Law Enforcement Guidelines

These Law Enforcement Guidelines describe how ChefSphere OÜ ("ChefSphere") responds to lawful requests for information and content action made by government authorities. They are published under our obligation of good-faith cooperation with authorities under Art. 9 and Art. 10 of Regulation (EU) 2022/2065 (Digital Services Act — "DSA") and comparable rules outside the EU, and under our duty of lawful processing under Art. 6(1)(c) GDPR. They do not create a right on the part of any authority, user, or third party beyond what the law already provides, and they do not limit any defence or challenge available to a user or to ChefSphere.

1. Who we are

• Legal entity: ChefSphere OÜ, Estonian registry code 17470129 (Tartu County Court Registration Department, business register card No. 1).
• Registered service address: c/o E-Residency Hub OÜ, Ahtri tn 12, 10151 Tallinn, Harju maakond, Estonia.
• Establishment in the EU: yes. A Data Protection Officer is appointed and a DSA single point of contact is published.

2. Channels

Lawful requests should be sent through one of the following channels. We do not accept requests submitted through unofficial channels (social media DMs, ordinary user support, or the public abuse inbox) except in an imminent-risk-to-life situation (see §5).

Channel	Purpose
[email protected]	All non-emergency requests. Please use subject prefix [LEA] <your-reference> and attach the signed order as a PDF. Encryption-in-transit is standard; a PGP key is available on request.
Postal — c/o E-Residency Hub OÜ, Ahtri tn 12, 10151 Tallinn, Harju maakond, Estonia	Any request that must be served in hard copy, or where an authority prefers postal service. Mark the envelope "Law Enforcement Response Team".
DSA authorities — [email protected]	Specifically for EU Member State DSCs, the European Commission, and the Board under Art. 11 DSA.
Copyright — [email protected]	Specifically for subpoenas under 17 U.S.C. §512(h) and for DMCA-registered notices.

We acknowledge receipt within 2 business days for non-emergency requests. Average full-response SLA is 10 business days for a narrowly-scoped order; complex orders are scoped through follow-up correspondence.

3. Valid process — what the order must contain

We only act on orders that meet the following minimum bar. Requests that fall short of it are held and the sender is asked to remedy the defect; we do not refuse to cooperate but we do refuse to act on malformed orders.

3.1 Orders requesting user data (subpoena, court order, warrant, DSA Art. 10 order)

A valid order must:

1. Identify the authority (court, prosecutor, agency, specific judge or signatory) and the legal basis (statute article, case number, issuing authority's name, sworn or apostilled where needed for cross-border).
2. Identify the user or account with specificity — email address, ChefSphere username, account ID, IP address with date/time + timezone, phone number, or a combination. We cannot act on vague descriptions ("all users who posted X"). For DSA Art. 10 orders the identification rules of Art. 10(2) apply.
3. Specify the categories of data requested, with proportionality — what is strictly necessary to the investigation, not everything the account has ever generated. Orders that read like a generic data dump are returned for refinement.
4. State the statement of reasons (Art. 9(2)(a)(iii) DSA), the territorial scope (Art. 9(2)(a)(v) DSA), and whether the user is to be notified (Art. 9(2)(b) DSA). For non-EU orders, comparable elements under the national statute.
5. Be served on the correct entity. ChefSphere OÜ is established in Estonia; the Estonian entity is the proper respondent for EU orders. We do not respond to orders served on ChefSphere users, on our processors (Stripe, Cloudflare, hosting providers) in relation to account data, or on individual employees. If your domestic rules require service on a local representative, note that we do not maintain a legal representative outside the EU (no Art. 13 DSA representative is required because our establishment is in the EU).

3.2 Orders requesting content action (removal, restriction, de-indexing)

A valid order must, in addition to §3.1 elements:

1. Specify the exact content (URL, item ID, user handle, timestamp, screenshot).
2. State the illegal-content finding with the legal basis (national statute or EU regulation).
3. Confine the territorial scope (Art. 9(2)(a)(v) DSA) to what the alleged illegality requires. Global removal is granted only where the order explicitly and justifiably extends beyond a Member State.

4. Data we can and cannot produce

We can only produce what we actually hold. The Privacy Policy §2 lists our data categories; the Data Retention Schedule lists retention windows. Some specific notes:

• Account metadata (email, display name, age band, account creation date, sign-in IPs with timestamp, device model and OS) — available, subject to retention.
• Content (posts, messages, recipes, listings) — available unless the user has deleted it and the operational purge window has elapsed.
• Direct messages — available for the retention period. Messages are stored server-side but are never readable by ChefSphere staff without the specific access necessary to fulfil a lawful order and with a recorded audit trail.
• Payment data — we do not store full card numbers. We hold tokenised references, the last four digits, and billing country. Full card data is held by Stripe (or by Apple / Google for in-app purchases) and must be requested from them.
• Passwords — not available in any form. Passwords are stored as bcrypt hashes. We cannot retrieve or decrypt them.
• End-to-end-encrypted data — at present, ChefSphere does not operate end-to-end-encrypted surfaces. If this changes we will disclose it here.
• Biometric data — not held. Identity verification for marketplace sellers is performed by Stripe and returns only a pass/fail result to us.
• AI chat history (AI Chef) — available to the extent the user has not deleted it, for the retention window described in the AI Disclosure §4.
• Precise location — not held by default. Location is collected only for the Tools Marketplace geo-search and only with the user's explicit opt-in, and is encrypted at rest.

4.1 Preservation requests

Under 18 U.S.C. §2703(f) (Stored Communications Act) and comparable rules elsewhere, an authority may request that we preserve records pending a formal order. We honour preservation requests that clearly identify the account and scope. A preservation request is valid for an initial 90 days and may be extended once for an additional 90 days; after that a fresh preservation or a formal production order is required.

5. Emergency disclosure — imminent risk to life

Where we receive information giving rise to a good-faith belief that an emergency involving imminent danger of death or serious physical injury to any person requires disclosure without delay, we may voluntarily disclose information to the extent strictly necessary to prevent that harm. The legal bases are Art. 6(1)(d) GDPR (vital interests) and 18 U.S.C. §2702(b)(8) where applicable.

Emergency requests should be sent to [email protected] with the subject prefix [EMERGENCY — life-threat] and must come from an identifiable law-enforcement email domain, state the nature and immediacy of the danger, identify the target account, and name the requesting officer, agency, case reference, and a call-back number. We evaluate the request against Art. 6(1)(d) GDPR and produce only the information strictly necessary to address the emergency.

We also independently notify competent authorities under Art. 18 DSA where we become aware of a criminal offence involving a threat to life or safety, without waiting for a request.

6. User notice

Unless prohibited by law, by a valid non-disclosure clause in the order, or by a legitimate operational concern about the integrity of a criminal investigation, we notify the affected user that we have received a request concerning their account. Notification is given in-app or by email, identifies the requesting authority and the legal basis, and gives the user the opportunity to seek legal advice before the data is produced. Where the order is accompanied by an explicit, lawfully-issued gag clause or where imminent harm would result, we suspend user notice and notify the user as soon as the prohibition lapses.

7. Non-disclosure obligations

Where a lawfully-issued order prohibits disclosure of the existence or contents of the order itself (for example a U.S. non-disclosure order under 18 U.S.C. §2705(b)), we honour the prohibition for the period it requires and re-evaluate at the sunset date.

8. Cost reimbursement

We do not charge governments for producing data in response to lawful orders. Where the requested scope is unusually broad and requires substantial engineering effort, we may invoke 18 U.S.C. §2706 or comparable cost-reimbursement rules to recover the reasonable cost.

9. Cross-border cooperation

Requests from authorities outside the EU reach ChefSphere OÜ through one of four routes, in order of preference:

1. Mutual Legal Assistance Treaty (MLAT) — the authoritative path between a non-EU authority and the Estonian Ministry of Justice.
2. CLOUD Act preservation — for US authorities where preservation before MLAT is needed.
3. Art. 10 DSA order — from a Member State authority where the conduct concerns EU users and the order meets the DSA criteria.
4. Direct request — honoured on a voluntary basis for non-contentious requests (for example confirming an account's existence for an identity-theft investigation) and only after we have satisfied ourselves that disclosure is lawful under Estonian and EU law, including GDPR transfer rules.

10. Transparency

We publish aggregate statistics on the number of government requests we received, by country and type, in our annual DSA Transparency Report at https://chefsphere.app/legal/transparency-report. The figures cover Art. 9 orders, Art. 10 orders, Art. 16 notices, emergency disclosures, preservation requests, and the outcome (full compliance, partial compliance, formal objection, deferred).

11. Limits we will push back on

We will contest orders that, in our reasonable assessment, breach any of the following:

• Overbreadth — orders seeking blanket data unrelated to the investigation at hand.
• Disproportionality under Art. 52 of the EU Charter of Fundamental Rights.
• Foreign-intelligence fishing requests under FISA §702 or equivalent — consistent with the Schrems II judgment of the CJEU and the EDPB's Recommendations 01/2020 on supplementary measures, and with Data Privacy Framework post-transfer review.
• Orders that would force us to compromise the security of the Service or of our users, including orders to weaken cryptography, to implant surveillance capabilities, or to falsify transparency reporting.
• Orders that would breach the EU GDPR Chapter V transfer regime (adequacy or SCCs and a valid Transfer Impact Assessment).

We contest via the appeals mechanism available under the issuing authority's law, or by seeking judicial review, and we may notify the affected user where permissible.

12. Security of the response path

All lawful-request email traffic is handled by a small, vetted Law Enforcement Response Team within ChefSphere's legal function. Every request is ticketed, every response is logged and retained for 7 years as required by Estonian administrative law and by our own compliance obligations. The team operates on a principle of least privilege; no one outside it can produce data in response to an external request.

13. What we do not do

• We do not respond to authority requests sent to support@, abuse@, or other non-legal inboxes, except in the emergency-disclosure path described in §5.
• We do not accept authority requests by phone without a follow-up written order.
• We do not provide "back-door" access, push-style access to our systems, or "fire-hose" access to live data. Any such proposal is refused on principle.
• We do not pre-emptively hand over user content to an authority absent a valid order or the §5 emergency path.

14. Contact summary

• Primary law-enforcement inbox: [email protected]
• DSA authorities / Commission / Board: [email protected]
• DMCA §512(h) subpoenas: [email protected]
• DPO / data protection: [email protected]
• Postal address for service: ChefSphere OÜ, c/o E-Residency Hub OÜ, Ahtri tn 12, 10151 Tallinn, Harju maakond, Estonia, Attn: Law Enforcement Response Team.

15. Changes

We update this page when our process, our establishment, or applicable law changes materially. The effective date and version in the header control.