Sip Steward
Get Started
Back to Home
Version 1.0

Privacy Policy

Effective Date: November 5, 2025 • Last Updated: November 5, 2025

1. Introduction

Sip Steward ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our wine production management platform and related services (collectively, the "Service").

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, username, and password when you register for an account
  • Profile Information: Winery name, location, production volume, and other profile details
  • Production Data: Recipes, batch information, fermentation logs, inventory data, tasting notes, and other winemaking-related information
  • Supply Information: Product scans, inventory items, supplier details, and purchase history
  • Communication Data: Feedback, support requests, and other communications with us
  • Payment Information: Billing details and payment card information (processed securely through third-party payment providers)

2.2 Information Collected Automatically

  • Usage Data: Features used, actions taken, time spent on pages, and interaction patterns
  • Device Information: IP address, browser type, operating system, device identifiers, and mobile network information
  • Log Data: Access times, pages viewed, app crashes, and system activity
  • Location Data: General geographic location based on IP address
  • Cookie Consent Data: Your cookie preferences, including whether you consented to analytics cookies, the timestamp of consent, and whether consent was withdrawn

2.3 AI-Powered Features

When you use our AI-powered supply scanner, we process images you upload to identify products and extract relevant information. Images are processed temporarily and are not stored permanently unless you explicitly save them to your inventory.

2.4 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to provide and improve our Service:

  • Essential Cookies: Required for authentication, security, and core functionality. These cannot be disabled and do not require consent under GDPR.
  • Analytics Cookies: Used to understand how you use our Service and improve user experience through anonymized usage data. For users in the European Union and United Kingdom, we only set analytics cookies with your explicit opt-in consent.

Your Cookie Choices:

  • EU and UK users will see a cookie consent banner on their first visit
  • You can accept or reject analytics cookies at any time
  • Your choice is remembered and can be changed in your account settings
  • Essential cookies are always active to ensure core functionality

For detailed information about the cookies we use, see our Cookie Policy.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Create and manage your account
  • Process and track your winemaking activities
  • Send administrative information, updates, and security alerts
  • Respond to your comments, questions, and support requests
  • Analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues and security threats
  • Develop new features and services
  • Comply with legal obligations
  • With your consent, send marketing communications about features, updates, and industry insights

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your personal data under the following legal bases:

  • Contract Performance: To provide the Service you requested
  • Legitimate Interests: To improve our Service, ensure security, and conduct business operations
  • Legal Obligations: To comply with applicable laws and regulations
  • Consent: For marketing communications and optional features

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information in the following situations:

5.1 Service Providers

We work with third-party service providers who assist in operating our Service:

  • Database and Authentication Providers: Database hosting and user authentication services
  • Cloud Infrastructure: Server hosting and content delivery
  • Analytics Services: Vercel Analytics (Vercel Inc.) to understand usage patterns and improve user experience. We collect only anonymized, aggregated data. For EU/UK users, analytics cookies are set only with explicit opt-in consent. Data is processed in accordance with Vercel's Data Processing Agreement and Standard Contractual Clauses for international transfers.
  • Payment Processors: To handle billing and payments securely
  • AI Services: For product recognition and data extraction features

5.2 Legal Requirements

We may disclose information if required by law or in response to valid legal requests by public authorities.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5.4 Consent

We may share your information with your explicit consent for specific purposes.

6. Data Retention

We retain your personal information for as long as necessary to:

  • Provide you with the Service
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Maintain business records

When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes (such as fraud prevention).

Production data and recipes are retained for the duration of your account to maintain historical accuracy and batch traceability.

Cookie Consent Records: We retain records of your cookie consent preferences for 3 years after your last interaction with our Service, or 1 year after consent withdrawal, to demonstrate compliance with data protection laws and for legal defense purposes.

7. Your Privacy Rights

7.1 Rights Under GDPR (European Users)

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Restriction: Limit processing of your data
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw previously given consent

7.2 Rights Under CCPA/CPRA (California Users)

  • Know: Information about data collection and sharing practices
  • Delete: Request deletion of personal information
  • Correct: Request correction of inaccurate information
  • Opt-Out: Opt-out of sale/sharing (Note: We do not sell personal information)
  • Limit Use: Limit use of sensitive personal information
  • Non-Discrimination: Equal service regardless of privacy choices

7.3 Exercising Your Rights

To exercise any of these rights, please contact us through our contact form or through your account settings. We will respond to your request within 30 days (45 days for CCPA requests).

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Employee training on data protection
  • Incident response procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your country.

We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses approved by the European Commission.

Analytics data may be transferred to the United States where Vercel Analytics processes the data. These transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission and Vercel's Data Processing Agreement, ensuring your data receives equivalent protection to that required under GDPR.

10. Children's Privacy

Our Service is not intended for individuals under the age of 21 (or the legal drinking age in your jurisdiction). We do not knowingly collect personal information from minors. If we discover that a minor has provided us with personal information, we will delete such information immediately.

11. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

12. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we will provide additional notice through the Service or via email.

13. Contact Information

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us through our contact form:

Sip Steward

Contact Us →

For EU residents: You have the right to lodge a complaint with your local supervisory authority if you believe we have not adequately addressed your concerns.