VEE
Collaborative Cooking Platform
Privacy Policy & Data Protection
Compliant with Egyptian Law No. 151 of 2020
Last Updated: 20 January 2026
Arab Republic of Egypt
The company that owns and operates the VEE application (hereinafter “the Company”) is fully committed to respecting its users’ privacy and protecting their personal data. This policy (hereinafter “Privacy Policy”) defines how users’ personal data is collected, processed, used, and protected, as well as users’ legal rights regarding such data.
This policy expressly complies with:
The Egyptian Personal Data Protection Law No. 151 of 2020.
The Executive Regulations issued by Minister of Communications Decree No. 816 of 2025.
Anti-Cybercrime Law No. 175 of 2018.
Consumer Protection Law No. 181 of 2018.
Internationally recognized data protection principles, including legality, transparency, data minimization, purpose limitation, security, and accountability.
⚠ Mandatory Reading: By using the VEE application or creating an account on it, you expressly acknowledge and agree to all data processing practices outlined in this policy.
Pursuant to Article (2) of the Egyptian Personal Data Protection Law No. 151 of 2020, the “Data Controller” is the company that owns and operates the VEE application, which is the entity legally responsible for determining the purposes and means of personal data processing.
Controller Details:
Trade Name: VEE Application.
Legal Form: Limited Liability Company registered in the Arab Republic of Egypt.
Commercial Registry Number: [to be added].
Registered Address: [to be added].
Official email for legal inquiries: [to be added].
Pursuant to Article (8) of Law No. 151/2020, the Company has appointed a specialized Data Protection Officer registered with the Egyptian Personal Data Protection Center. The DPO can be contacted directly for all matters regarding user rights or data processing inquiries:
Dedicated DPO email: [to be added – dpo@vee.app].
Postal address: [to be added].
This policy applies to all users of the VEE application without exception, whether they are:
Regular users browsing or interacting with content.
Content providers or paid/free collaborative cooking session hosts.
Premium package subscribers.
Visitors to the application’s website.
Users inside or outside the Arab Republic of Egypt.
The policy applies to all types of processing occurring through the application, its website, APIs, or any affiliated platforms.
For the purposes of this policy, the following terms have the meanings set forth alongside each, per Law No. 151/2020 and its Executive Regulations:
Personal Data: Any data relating to an identified or identifiable natural person, directly or indirectly, by reference to an identifier such as name, ID number, biometric data, or location data.
Sensitive Personal Data: Data relating to psychological, health, genetic, biometric, financial status, religious beliefs, political opinions, sexual life, or data relating to children.
Processing: Any operation or set of operations performed on personal data, including collection, recording, storage, use, transfer, disclosure, modification, and deletion.
Controller: The company that determines the purposes and means of personal data processing (here, the company owning VEE).
Processor: The natural or legal person that processes data on behalf of the controller (such as cloud hosting providers).
Consent: Express, free, specific, and informed permission from the data subject to process their personal data for a specific purpose.
Cross-border Transfer: Transfer of personal data to a foreign country other than the Arab Republic of Egypt.
Breach: Any security violation resulting in accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of personal data.
The following data is collected upon registration or during application use based on the User’s direct input:
Full name or username.
Email address.
Mobile phone number.
Date of birth (to verify legal age).
Gender (optional, for content customization).
Profile picture (optional).
Country and city of residence.
Bank account data (for content providers only, for withdrawal and transfer purposes).
User-generated content (recipes, videos, comments, messages, live sessions).
User’s dietary and health preferences (optional, to customize ChefLens suggestions).
Some data is collected automatically when using the application without manual input, including:
Device type (smartphone, tablet, etc.) and model.
Operating system (iOS, Android) and version.
Unique Device ID.
IP address.
Preferred language and time zone.
In-app interaction data (visited sessions, saved recipes, comments, ratings).
Session duration and activity logs.
Application performance data (crash reports).
Approximate location data (from IP address, not precise GPS unless expressly authorized).
Payment and subscription history.
Paid session history (provided and attended).
Electronic wallet balances.
Withdrawal and transfer transaction history.
Important Notice: The application does not under any circumstances store payment card data (card number, expiration date, CVV). All financial transactions are conducted via electronic payment gateways licensed by the Central Bank of Egypt and certified to international PCI DSS security standards.
During live collaborative cooking sessions, the following types of data are processed:
Live audio and video streams between participants.
Text messages exchanged during the session (chat).
Connection quality logs and latency.
Session recordings (if any, with express User consent).
Using the application may involve processing some data classified as “sensitive” under Article (12) of Law No. 151/2020, particularly:
Data related to health status or food allergies (when the User interacts with ChefLens or sets dietary preferences).
Children’s data (in case of children using the application under parental supervision).
Financial data (bank account data of content providers).
The Company, when processing this data, undertakes to obtain express written consent, apply enhanced protection measures, and obtain an independent license from the Personal Data Protection Center per Article (12).
Data is processed based on one or more of the following legal bases pursuant to Articles (2) and (4) of Law No. 151/2020:
The Company primarily relies on express and informed User consent to process their data, obtained when:
Creating the account (accepting Terms and Privacy Policy).
Activating optional features (geolocation, notifications, photo access).
Using ChefLens and AI-based features.
Subscribing to promotional mailing lists.
The User may withdraw their consent at any time without consequences to essential services that do not require such consent.
Some processing is necessary to perform the contract concluded with the User (application usage agreement), such as:
Creating and managing the account.
Processing payments and subscriptions.
Providing live streaming and interaction features.
Providing customer service and technical support.
The Company may process data to comply with legal obligations, such as:
Retaining transaction records for 5 years (Tax Law).
Retaining system logs for 180 days (Law No. 175/2018, Article 2).
Responding to requests from judicial or regulatory authorities.
Reporting suspicious transactions (anti-money laundering).
The Company may rely on its legitimate interest for some types of processing, provided they do not override the User’s fundamental rights and freedoms, such as:
Improving and developing application services.
Protecting the platform from fraud and misuse.
Information security and cyber threat monitoring.
Conducting internal statistical analyses (without identification).
Personal data is used exclusively for the following purposes, and is not used for any purposes outside this scope without separate express consent or legal obligation:
Creating, managing, and authenticating user accounts.
Operating application features and functions (live streaming, ChefLens, wallet).
Executing payments and financial transfers via payment gateways.
Communicating with users and providing technical support.
Sending notifications regarding sessions and updates.
Improving user experience and customizing suggested content.
Training AI models for ChefLens (using anonymized data).
Internal statistical analysis (without individual identification).
Preventing fraud and unlawful activities.
Improving platform security and threat monitoring.
Complying with legal and regulatory requests.
Sending marketing and promotional notifications (with User consent only, with right to opt out at any time).
The Company does not sell, rent, or trade users’ personal data under any circumstances, nor share their data with third parties for direct marketing purposes without their express consent.
Data may be shared on a limited and necessary basis only with:
Licensed payment gateways (such as Paymob and Fawry) to execute financial transactions.
The Egyptian bank holding the Company’s accounts.
Only data necessary to complete the transaction is shared (name, amount, service type).
Cloud hosting services (AWS, Google Cloud, Microsoft Azure).
Live streaming and WebRTC services for audio and video.
Analytics services (Google Analytics, Firebase) anonymously.
AI service providers for ChefLens (with strict contractual safeguards).
Email and SMS sending services.
Legal advisors (when needed in legal disputes).
Financial advisors and accountants (for financial review purposes).
External auditors.
The Company may disclose user data to government or judicial authorities in the following cases:
Existence of a court order or official request from a competent judicial authority.
Requests from regulatory authorities (Data Protection Center, Telecommunications Regulatory Authority, Central Bank).
Cooperation with law enforcement in criminal investigations.
Defending the Company’s legal rights or protecting users’ safety.
All third parties are contractually bound to:
Maintain data confidentiality and not disclose it.
Use data only for the purpose specified in the contract.
Take appropriate technical and organizational protection measures.
Immediately notify the Company of any security breach.
Delete data at the end of the contractual relationship.
Important: Some user data is stored on cloud servers that may be located outside the Arab Republic of Egypt. This transfer is conducted pursuant to Articles (14), (15), and (16) of Law No. 151/2020.
European Union countries (France, Germany, Netherlands) – AWS and Google Cloud servers.
United States of America (AI servers for ChefLens).
Saudi Arabia and UAE (regional servers for performance improvement).
Pursuant to Law No. 151/2020, the Company takes the following safeguards to ensure an adequate level of protection for transferred data:
Obtaining prior authorization from the Personal Data Protection Center for cross-border transfer.
Concluding Standard Contractual Clauses with foreign processors.
Verifying that the receiving country provides a protection level at least equivalent to Egypt’s.
Encrypting data during transfer (TLS 1.3) and storage (AES-256).
Restricting data access and monitoring login operations.
Obtaining the User’s express consent for cross-border transfer.
The Company takes appropriate technical and organizational measures to protect personal data from unauthorized access, unlawful use, modification, disclosure, or destruction. These measures include:
Encryption of sensitive data at rest using AES-256.
Communications encryption using TLS 1.3 protocol.
Logical separation between production and testing environments.
Multi-layered firewalls and intrusion detection systems (IDS/IPS).
Multi-factor authentication (MFA) for administrative access.
Regular data backups with restore testing.
Continuous monitoring of abnormal activities.
Strict internal data access policies (Need-to-Know Basis).
Mandatory training for all employees on data protection.
Non-Disclosure Agreements (NDAs) with all employees and contractors.
Regular security reviews and annual risk assessments.
Incident response plan.
Despite the Company taking all reasonable measures, the User acknowledges and agrees that:
Data transfer over the internet cannot be guaranteed 100%.
No security system is absolutely impenetrable.
The Company is not liable for any breach resulting from factors beyond its reasonable control.
The User is responsible for protecting their own login data.
Pursuant to Article (7) of Law No. 151/2020 and the Executive Regulations, in case of any security breach affecting personal data, the Company undertakes to:
Notify the Personal Data Protection Center (PDPC) within seventy-two (72) hours of becoming aware of the breach.
Notify affected data subjects within three (3) business days of breach discovery.
Provide a detailed description of the breach, the nature of affected data, and the number of affected users.
State measures taken to contain the breach and mitigate its effects.
Provide recommendations for affected users to protect themselves (such as changing passwords).
Maintain a complete record of the breach and related investigations.
The User enjoys all rights stipulated in Chapter Three of the Egyptian Personal Data Protection Law No. 151 of 2020, which are:
The User has the right to be notified of the collection and processing of their data and the purposes of such processing, which this policy transparently and comprehensively provides.
Obtaining a copy of their processed personal data.
Knowing the source of data, processing purposes, and parties to whom data has been disclosed.
Knowing the data retention period.
Requesting correction of any inaccurate or incomplete data.
Updating personal data at any time via account settings.
Requesting deletion of personal data if no longer necessary for the purposes for which it was collected.
Requesting data deletion upon consent withdrawal.
Subject to the Company’s legal obligations to retain some data for specified periods.
Objecting to data processing for direct marketing purposes.
Objecting to some aspects of processing based on legitimate interest.
Objecting to automated decisions materially affecting them.
Requesting restriction of data processing in specific cases (such as disputing data accuracy).
Obtaining their data in an organized, machine-readable digital format.
Requesting its transfer directly to another controller when technically feasible.
Withdrawing consent for data processing at any time without affecting the lawfulness of prior processing.
Filing a complaint with the Egyptian Personal Data Protection Center.
Resorting to competent judicial authorities.
To exercise any of these rights, the User may:
Submit a request via the support section within the application.
Contact the Data Protection Officer at the dedicated email.
Send a written request to the Company’s postal address.
The Company undertakes to respond to requests within a maximum of sixty (60) days from request receipt, and may request verification of the requester’s identity before execution to prevent unauthorized disclosure.
The Company retains personal data only for the periods necessary to achieve the purposes for which they were collected, per the following schedule:
Basic account data: throughout account activity.
Published content: throughout its existence in the application or until deletion request.
After account deletion, some data may be retained in a limited and secure manner for the following purposes:
Financial and tax records: 5 years (Tax Law).
System and access logs: 180 days (Law No. 175/2018, Article 2).
Legal dispute data: until dispute resolution + limitation period.
Anonymized data for statistical analysis: no time limit.
Content the User shared with others may remain with them even if the User deletes their account.
Public comments and interactions may remain visible anonymously.
Any content the User publicly publishes within the application is visible to all other users.
The User is solely responsible for content they choose to publish publicly.
The Company is not liable for content reuse by other parties after public publication.
The Company is not liable for any privacy violation resulting from the User’s own content publication.
The User is advised not to publish any sensitive personal data in public content.
⚠ Important Notice: The VEE application does not target children under 18 as independent users but may be of interest to them given the nature of cooking and creative home activities content.
Children under 18 are not permitted to create an independent account.
Children’s data is not knowingly collected.
If a minor’s account is discovered, it is immediately disabled.
When children use the application (under parental supervision), the following is required:
Direct and continuous supervision by parent or legal guardian.
Express parental consent for child’s use of the application.
The account is in the parent’s name and registered with their data.
Parents are fully responsible for the child’s interaction with content.
The Company emphasizes that:
Cooking activities involve risks (fire, sharp tools, high heat).
Parents are responsible for ensuring activities are suitable for the child’s age and abilities.
Age-appropriate tools and ingredients must be used.
The Company is not liable for any injuries or damages resulting from children’s use of the application.
If parents discover that a minor child has provided data to the application, they can request its immediate deletion by contacting the Data Protection Officer. The request will be executed within 7 business days.
The VEE website (not necessarily the application) uses cookies and similar technologies to improve user experience. These files are divided into:
Necessary for site operation and cannot be disabled.
Such as: login sessions, language preferences, shopping cart.
Collect anonymous information about site usage.
Help improve performance.
Remember user preferences.
Improve browsing experience.
Used to display personalized ads (with user consent only).
Can be disabled from browser settings or cookie management panel.
The VEE application uses the AI-based ChefLens tool for suggesting recipes and estimating calories. The User acknowledges and agrees to:
Using ChefLens requires processing user inputs (texts, images, dietary preferences).
User inputs may be used – anonymously – to improve and develop the model.
ChefLens results are estimates, non-binding, and not medical advice.
Input data may be transferred to AI service providers outside Egypt with protection safeguards.
The User may object to their data being processed by AI, noting this may prevent using some features.
The Company may send the User promotional messages and marketing notifications, but only after obtaining express consent.
The User may at any time unsubscribe from these messages via the unsubscribe link at the bottom of each email, or from application settings.
Unsubscribing from marketing messages does not affect receipt of necessary operational messages (booking confirmations, security alerts, etc.).
The Company reserves the right to amend this policy at any time for legal, operational, or regulatory reasons. Users will be notified of material amendments via:
Prominent in-app notification 30 days before the amendment takes effect.
Email to registered users.
Publication of the updated version on the policy page with the last update date clearly shown.
Continued use of the application after amendments take effect constitutes express and binding acceptance of the modified policy. If the User does not agree to the amendments, they may delete their account.
The competent supervisory authority for enforcing the Egyptian Personal Data Protection Law is:
The Personal Data Protection Center (PDPC).
Affiliated with the Ministry of Communications and Information Technology.
Website: pdpc.gov.eg (upon official portal launch).
The User has the right at any time to file a complaint directly with the Center if they believe their data is being processed in violation of the law.
This policy is governed by the laws of the Arab Republic of Egypt.
The courts of the Arab Republic of Egypt alone have jurisdiction over any dispute arising therefrom.
In case of conflict between Arabic and English versions, the Arabic version prevails.
For any inquiry, request, or complaint related to data protection and privacy, you may contact us via the following channels:
Data Protection Officer (DPO): [email to be added].
Support section within the application.
General Company email: [to be added].
Official postal address: [to be added].
By using the VEE application, you expressly acknowledge and agree that:
Your data is processed pursuant to this policy and Law No. 151/2020.
The Company is committed to protecting your privacy to the highest standards.
You have all the rights stipulated by law, which you may exercise at any time.
This policy – together with Terms and Conditions and Refund Policy – constitutes our complete agreement.