Vinea — Privacy Policy
From the vineyard, to your glass.
This Privacy Policy describes how the Vinea mobile application ("the App", "Vinea", "we", "us") handles information when you use it. Vinea is operated by an independent developer (contact: Fadi_rh@hotmail.com).
1. What the App does
Vinea lets you photograph a wine bottle, a wine list, a shelf or a restaurant menu and receive AI-generated tasting notes, food pairings, terroir context and wine recommendations. You can save scans to a personal cellar, share scans with friends, follow other users, and subscribe to optional premium features.
2. Information we collect
- Account information. If you create an account, we store your email address, a hashed password (using bcrypt — we never see your plain password), and an optional display name and avatar. If you sign in with Apple or Google, we receive a stable user identifier from Apple or Google and the email address you choose to share. We do not receive your Apple or Google password.
- Session tokens. When you sign in we issue a signed session token, stored securely on your device (iOS Keychain via expo-secure-store) and recorded in our database alongside its expiry, last-used timestamp and the requesting IP / user-agent for security and abuse prevention.
- Wine bottle photos and OCR images. When you scan or upload an image, the image is sent to our analysis service and to our AI providers (OpenAI, Anthropic, Google Gemini) solely to generate the wine review or to read the text on the page. Images are not retained on our servers after the response is returned, and they are not used to train AI models.
- Camera and photo-library access. The App requests Camera and Photo Library permissions only to let you capture or pick an image. These permissions are used only for that purpose.
- Cellar & activity data. Wines you save, journal entries, ratings, tags, follows, friend connections and the events used to build your activity feed are stored on our servers under your account so they sync across your devices.
- Subscription & purchase data. If you subscribe to Vinea Premium, your purchase is processed by Apple (App Store) or Google (Play Store). We use RevenueCat to verify the receipt and unlock premium features. We receive your transaction status, product identifier, expiry date and an anonymous RevenueCat user ID — we never see your card details, address, or full Apple / Google account information.
- Push-notification token. If you allow notifications, we store an opaque Expo push token tied to your account so we can send you the notifications you have enabled (e.g. weekly cellar digest). You can disable notifications at any time in your device settings.
- Advertising identifier. The free tier of the App displays a banner ad supplied by Google AdMob. AdMob may use your device's advertising identifier to show ads and measure performance. You can reset or limit this ID in your device settings (Settings → Privacy → Advertising on iOS, or Settings → Google → Ads on Android). Premium subscribers do not see ads.
- Crash and basic diagnostic data. We may receive aggregated crash and performance data from the underlying app platform (Expo / Apple / Google) to keep the App stable. This is not linked to your identity.
3. Subscriptions
Vinea offers optional auto-renewing subscriptions ("Vinea Premium" and "Vinea Pro") that unlock a generous monthly scan allowance (with optional top-ups for power users), advanced sommelier features, and remove ads. Subscriptions are sold in two billing periods (monthly and yearly) and are managed by Apple or Google — not by us.
- Payment is charged to your Apple ID or Google Play account at confirmation of purchase.
- Auto-renewal happens within 24 hours of the end of the current period at the same price as the selected plan, unless you cancel at least 24 hours before the renewal date.
- Manage or cancel at any time in your App Store account (iOS: Settings → [your name] → Subscriptions) or Google Play subscriptions screen. Deleting the App does not cancel the subscription.
- The current price for each plan is shown in the App before you confirm purchase, in your local currency.
Full terms: vineaai.app/terms. Unused portions of a free trial (if offered) are forfeited when you purchase a subscription.
4. Information we do not collect
We do not collect your contacts, precise location, browsing history outside the App, microphone audio (other than when you explicitly use the Voice Sommelier feature, in which case the audio is sent only to the speech provider for transcription and immediately discarded), or health data. We do not sell personal data to third parties.
5. Third-party services
- OpenAI, Anthropic and Google Gemini — receive your wine images and short text prompts solely to generate the AI review or read the text. Their use is governed by their own privacy policies.
- RevenueCat — verifies and tracks your subscription receipt. See revenuecat.com/privacy.
- Resend — sends transactional emails (e.g. password-reset links) on our behalf.
- Pexels — supplies stock food and vineyard imagery used for pairing visualisations.
- Google AdMob — serves the in-app banner ad on the free tier. See policies.google.com/technologies/ads.
- Apple App Store and Google Play — handle distribution, payment and may collect their own analytics per their policies.
6. Children
Vinea is intended for adults of legal drinking age in their country and is not directed to children under 18. We do not knowingly collect data from children.
7. Data retention & deletion
You can delete your account from the App at any time (Account → Delete account). When you do, we delete your profile, cellar, journal entries, follows, push token, and session records from our servers. Subscription receipt records held by Apple, Google or RevenueCat are governed by their respective policies. To request manual deletion, write to the email below.
8. Security
All requests between the App and our servers, and between our servers and third parties, are sent over encrypted HTTPS connections. Passwords are stored only as bcrypt hashes. Session tokens are signed (HS256) and rotated on sign-out.
9. Your rights
Depending on where you live (e.g. EU/EEA, UK, California), you may have the right to access, correct or delete personal data, to obtain a portable copy, or to object to certain processing. You can exercise most of these rights directly in the App, or by contacting us at the email below.
10. Changes to this policy
We may update this policy from time to time. The current version is always available at this URL, and we will note the "Last updated" date below.
11. Contact
Questions or requests: Fadi_rh@hotmail.com