Privacy

The short version

muddler processes what it needs to return a result and keeps nothing else. Scans are not stored. The website has no tracking, no analytics, no cookies, and no third-party requests.

What happens when you scan

  1. You take a photo of a cocktail menu, or paste text on the scan screen.
  2. The image or text is sent to the muddler backend over HTTPS.
  3. The server runs OCR (if it’s an image), parses the text, matches the tokens against the ingredient database, and constructs a structured response.
  4. Results are returned to your device.
  5. The image and extracted text are immediately discarded on the server. Nothing is written to disk, logged, or retained.

The parsed cocktails live on your device for the current session. If you have an account and opt to save a scan, that saved entry is stored against your account and can be deleted at any time from the app.

Accounts

Accounts are optional. The scan, browse, and reference features work without one. Signing up lets you add custom ingredients, save scans to revisit later, and enables features added over time.

If you create an account:

  • Only what you provide (email, username) is stored.
  • Passwords are hashed; nobody at muddler can read them.
  • You can delete your account at any time from the settings menu. Deletion removes your saved scans and custom ingredients.

What muddler does not do

  • No scan history on the server. Scans exist only on your device unless you explicitly save them.
  • No third-party analytics. No Google Analytics, no Mixpanel, no tracking pixels, on the app or this website.
  • No advertising. No ads, no ad networks, no ad tracking.
  • No selling data. Ever.

Telemetry

The app reports anonymous crash diagnostics and basic performance metrics to help identify bugs. This data is not linked to your identity, is not sold, and cannot be used to re-identify you. You can opt out in the settings menu.

AI enhancement (optional)

If you opt into AI enhancement for handwriting or low-quality scans, the extracted OCR text (not the original image) may be sent to an external AI provider for cleanup. Current options:

  • On-device model (default when available): runs entirely on your phone; nothing leaves it.
  • Cloud provider: sends the text to an LLM API. These providers have their own privacy policies. This option is opt-in and disabled by default.

The website

This site (muddler.cc) is a static site hosted on Cloudflare. It:

  • Uses no JavaScript analytics or tracking.
  • Sets no cookies.
  • Makes no third-party requests (fonts are self-hosted).
  • Serves all content over HTTPS from Cloudflare’s edge network, with strict Content-Security-Policy, HSTS, and Permissions-Policy headers.

Changes to this policy

If this policy changes in a way that affects users, we will announce the change in the app. The page you’re reading is the current policy.