All personal data is processed by:

We collect the following types of data when you use Vinello:

• Account Information: Email address and password (encrypted)
• Wine Collection Data: Your wine inventory, photos, ratings, tasting notes, and consumption history
• Voice Conversations: Transcriptions of your voice interactions with the AI sommelier
• User Preferences: AI personality selection, voice settings, language preferences, and app configuration
• Conversation Memories: Facts and preferences you explicitly ask us to remember
• Optional Information: Your name (for personalized AI interactions)
• Subscription Information: Subscription tier (FREE, PREMIUM, PRO), subscription ID from Apple/Google Play, usage tracking for tier limits (scans, chat sessions, descriptions, PDF imports)

Your data is used solely to provide and improve the wine cellar management and AI sommelier services. Specifically:

• To manage and sync your wine collection across devices
• To provide AI-powered recommendations and conversations
• To personalize your experience with the app
• To remember your preferences and facts you ask us to remember
• To improve our services and fix bugs

Third-Party Services: We share data with the following third-party services solely for app functionality:

• OpenAI: For speech-to-text (Whisper) and text-to-speech services. Your voice audio and transcriptions are sent to OpenAI for processing.
• Anthropic (Claude API): For AI conversations with the sommelier. Your conversations are sent to Anthropic using a centralized API key configured on the server. Anthropic is an external service.

Important: We do not sell, rent, or share your data with any other third parties for marketing or advertising purposes.

Storage: Your data is stored securely on our servers with industry-standard encryption. All data is encrypted at rest using AES-256 encryption.

Transmission: All data transmitted between the app and our servers uses HTTPS/TLS 1.2+ encryption. We never transmit sensitive data over unencrypted connections.

API Keys: Claude API key is configured centrally on the server and used to process AI conversation requests. The API key is stored securely in environment variables and never exposed to clients.

Access Control: Only you can access your account data. We use JWT (JSON Web Token) authentication to ensure secure access. Your password is hashed using bcrypt and never stored in plain text.

Data Backup: Regular backups are performed to prevent data loss. Backups are encrypted and stored securely.

Subscription Tiers: Vinello offers FREE, PREMIUM, and PRO subscription tiers. See our Subscription Plans page for complete details on pricing, limits, and features.

Payment Processing: Subscriptions are processed through Apple App Store (iOS) or Google Play Store (Android). We do not store or process payment information directly. All payment data is handled by Apple/Google according to their privacy policies.

Subscription Management: Manage subscriptions through your device settings. iOS: Settings → [Your Name] → Subscriptions. Android: Google Play Store → Subscriptions.

Cancellation: Cancel anytime through device settings. Access continues until the end of the current billing period. No refunds for partial periods.

Auto-Renewal: Subscriptions automatically renew unless cancelled at least 24 hours before the end of the current period.

Tier Changes: You can upgrade or downgrade at any time. Changes take effect immediately. Downgrades take effect at the end of the current billing period.

You have the following rights regarding your personal data under GDPR (EU) and CCPA (California):

• Right to Access: You can view all your data through the app. You can request a copy of all your personal data by contacting us.
• Right to Data Portability: You can export your complete wine collection as CSV (Settings → Account → Export CSV)
• Right to Deletion: You can delete your entire wine collection (Settings → Account → Delete All Wines) or request complete account deletion by contacting us. We will delete all your data within 30 days. Note: Cancelling subscription does not delete your account data. You must explicitly request account deletion.
• Right to Correction: You can update your account information, preferences, and wine data at any time through the app
• Right to Object: You can object to processing of your data by deleting your account or removing specific data
• Right to Restrict Processing: You can restrict processing by disabling AI features
• Right to Withdraw Consent: You can withdraw consent at any time by deleting your account
• Memory Management: You can view and delete conversation memories (Settings → AI Setup → Conversation Memory)

Exercising Your Rights: To exercise any of these rights, you can:

• Use the in-app features (export, delete, etc.)
• Contact us at support@vinello.ai
• Contact the data controller: Tommaso Galli, Via Giano della Bella 22/1, Firenze, Italy

Active Accounts: We retain your data for as long as your account is active and you use the app.

Account Deletion: If you delete your account, we will delete all associated data within 30 days, including:

• Account information (email, password hash)
• Wine collection data
• Voice conversation transcriptions
• User preferences and settings
• Conversation memories

Legal Requirements: We may retain certain data for longer periods where required by law, such as:

• Financial records (if applicable)
• Legal obligations or court orders
• Dispute resolution

Backups: Data in encrypted backups may be retained for up to 90 days after account deletion for disaster recovery purposes, after which it is permanently deleted.

Vinello is not intended for users under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe we have collected information from a child under 18, please contact us immediately at support@vinello.ai and we will delete such information promptly.

Your data may be processed and stored in servers located outside your country of residence. Specifically:

• Our Servers: Your data is stored on servers that may be located in the EU, US, or other jurisdictions
• Third-Party Services: When you use AI features, your data is sent to:
• OpenAI: Servers located in the US (subject to OpenAI's privacy policy)
• Anthropic: Servers located in the US (subject to Anthropic's privacy policy and terms of service)

Data Protection: We ensure that all data transfers comply with applicable data protection laws, including GDPR. By using the app, you consent to the transfer of your data to these locations for the purpose of providing the service.

Essential Cookies: The web interface uses session cookies for authentication purposes. These are essential for the app to function.

Analytics (Google Analytics): We use Google Analytics to understand how visitors interact with our website. This service uses cookies to collect anonymous usage data. These cookies are only set if you explicitly accept them via our cookie banner.

No Third-Party Advertising: We do not use cookies for third-party advertising or retargeting.

Cookie Management: You can withdraw your consent at any time by clearing your browser cookies for this domain.

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this page. Your continued use of the app after any changes constitutes acceptance of the new policy.

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us: