FeaturesHobbyistsCollectorsWine ClubsPricingAboutFAQSupport

Privacy Policy

Last updated: May 22, 2026

Your collection is yours. This page explains what data we collect, how we use it, and which third parties we send it to — including Anthropic, the AI provider behind Ask AI.

1. Who we are

WineTracking ("we," "us") is the operator of this Service. Privacy questions, deletion requests, and data-access requests should go to privacy@winetracking.io.

2. What we collect

Account data

  • Email address, name (optional), profile photo (optional)
  • Authentication records (NextAuth sessions, magic-link tokens, login history)

Wine inventory data

  • Bottles, cabinets, slots, photos, ratings, notes, drink dates, custom tags
  • Tasting events, scores, group memberships, and shared cabinet links

Ask AI data

  • Questions you ask, generated SQL, returned answers, and full conversation history
  • Thumbs-up/down feedback, glossary entries you add

Support data

  • Support messages and any attachments you send (scanned for malware before storage)

Payment data

  • Stripe customer ID and subscription status. We never see your card number — Stripe handles payment.

Device and log data

  • IP address, user agent, page-view timestamps, error logs (used for security and debugging)

3. How we use it

  • To provide the Service: store your inventory, render your dashboard, run Ask AI queries on your behalf.
  • To send notifications you ask for (drink-window reminders, group tasting invites).
  • To improve features, fix bugs, and prevent abuse.
  • To comply with legal obligations.

We do not sell your data. We do not use your data to train AI models, and we have configured our AI integration so the provider doesn't either (see Anthropic disclosure below).

4. Anonymous wine knowledge base

When you add a bottle, score a wine, or run an external lookup (critic ratings, market value, food pairings), we may store the wine-level facts — producer, vintage, varietal, region, critic ratings, market price, drink-window estimate, and an aggregate score distribution — in an anonymous, app-wide knowledge base.

We never store the following in this knowledge base:

  • Your identity, account, or tenant ID
  • Your personal score or tasting notes (only frequency counts of common phrases extracted across many independent users)
  • Your purchase price, purchase source, or storage location
  • Anything that links a wine back to a specific person or cellar

This anonymous aggregate is used to power AI suggestions ("wines like this in your region"), reduce duplicate external lookups (so the same wine isn't looked up dozens of times across users), and surface community-level insights such as score distributions and drink-window confidence.

You can opt out at any time from your profile settings. With opt-out enabled, none of your wine-level facts contribute to the knowledge base. Existing aggregate counters are not retroactively reduced (we cannot tell which row was "yours" — that's the point of the anonymity), but no new data from your account will be added.

5. Third-party processors

To run the Service we share specific data with these processors:

Anthropic — Ask AI. When you use Ask AI, your question text, the relevant portions of your wine collection data needed to answer it, and the database schema are sent to Anthropic (the maker of the Claude AI assistant) to generate an answer. We have configured our integration so that Anthropic does not use your inputs or outputs to train their models. Anthropic's privacy commitments are at anthropic.com/legal/privacy. If you don't want your data sent to Anthropic, simply don't use the Ask AI feature — every other part of WineTracking works without it.

  • Vercel — application hosting; receives request logs.
  • Neon — PostgreSQL database hosting (US region).
  • Stripe — payment processing; receives billing email and payment method (we never see card details).
  • Cloudmersive — virus-scans support attachments; file content is sent for the duration of the scan.
  • Resend — sends magic-link login emails and transactional notifications.
  • Google — when you sign in with Google, Google authenticates you and shares your name, email, and avatar with us.

6. Data retention

  • Account, inventory, and tasting data: kept until you delete your account.
  • Ask AI conversations: kept until you delete them or your account.
  • Support messages and attachments: kept for 12 months after the thread closes, then deleted.
  • Logs and error reports: 30 days.
  • Payment records: kept as required by tax and accounting law (typically 7 years).

7. Your rights

You can:

  • Access and correct your data — most fields are editable directly in the app.
  • Export your data — a self-serve archive download is on the roadmap; in the interim, email privacy@winetracking.io and we'll prepare one.
  • Delete your account — self-serve deletion is on the roadmap; in the interim, email us and we'll erase everything within 30 days.
  • Object to processing — email us and we'll respond.

EU/UK users have additional rights under GDPR, and California users have additional rights under CCPA/CPRA. We'll add a region-specific addendum once we accept signups from those regions; in the meantime, the rights listed above apply to everyone.

8. Security

Passwords (when used) are hashed; databases are encrypted at rest; all traffic is HTTPS; uploaded files are virus-scanned before being stored. No system is 100% secure — if you suspect a breach, please contact us immediately at privacy@winetracking.io.

9. Children

The Service is age-gated to legal drinking age (21 in the US, 18 in most other jurisdictions). We do not knowingly collect data from anyone below that age. If you believe we have, contact us and we'll delete it.

10. Cookies

See our Cookie Policy for the full list of cookies we set and how to control them.

11. International transfers

Data is processed in the United States (Vercel, Neon, Anthropic, Stripe). If you access the Service from outside the US, you consent to this transfer. We rely on Standard Contractual Clauses or equivalent safeguards with our processors.

12. Changes

Material changes will be announced in the app and via email. Continued use after the effective date constitutes acceptance.

13. Contact

Privacy questions, deletion requests, data access requests: privacy@winetracking.io.