Privacy Policy

Cork & Ledger · Last updated April 26, 2026

This Privacy Policy explains how Cork & Ledger ("we", "us", or "the app") collects, uses, and protects information when you use the iOS application. By using the app, you agree to the practices described below.

1. Information We Collect

Account information. When you sign in with Apple, Google, or email, we receive your email address and a unique user identifier. We do not receive your Apple or Google password.
Cellar data you create. Wines, purchases, transactions, tasting notes, and any photos you take or upload. This data is yours.
Photos. If you scan a wine label or barcode, the captured image is sent to our backend for parsing and may be processed by third-party AI services (see Section 4). We do not access your photo library without your permission.
Usage telemetry. Anonymous events about which features are used (e.g., "label scan started") to help us improve the product. No cellar contents or personally identifying information are included.

2. How We Use Your Information

To sync your cellar across your devices.
To extract wine details from labels and barcodes you scan.
To enrich wines with market pricing and critic scores.
To stylize bottle photos for your cellar display.
To diagnose bugs and improve the app.

3. Data Storage

Your cellar data is stored locally on your device (SQLite) and synced to our backend at Supabase. Each user can only access their own rows. Photos are stored in Supabase Storage with the same per-user access controls.

4. Third-Party Services

To provide certain features, we share data with the following processors:

Supabase — authentication, database, and storage. Hosted in the United States.
Anthropic (Claude API) — label scanning and AI features. Label photos are sent for parsing.
Black Forest Labs — bottle photo styling. Bottle photos are sent for processing.
WineLabs — wine identification, market pricing, and critic scores. Wine identifiers (name, winery, vintage) are sent for lookup.
Go-UPC — barcode lookups. Barcode numbers are sent.
Apple App Store / Google — sign-in.

We do not sell your data. We only share what is needed to fulfill the feature you triggered.

5. Your Rights

Export. Export your full cellar as CSV at any time from Settings.
Delete local data. Clear all data stored on your device from Settings.
Delete cloud data. Permanently erase your cellar from our servers from Settings → Erase Cloud Data.
Delete account. Email us at the address below to delete your account entirely.

6. Security

All network traffic is encrypted in transit (HTTPS / TLS). Database access is gated by row-level security so that one user cannot read another user's data. We do not implement custom encryption beyond what iOS and our service providers offer at the platform level.

7. Children's Privacy

The app is not intended for users under 17. We do not knowingly collect data from children. If you believe a child has provided us information, contact us and we will delete it.

8. International Users

Data is processed in the United States. By using the app, you consent to this transfer.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be reflected in the "Last updated" date at the top of this page.

10. Contact

Questions, requests, or concerns: craig@cork-and-ledger.com