Privacy Policy

BrewEdge ("we", "us", "our") is committed to protecting your personal information. This Privacy Policy explains what data we collect when you use BrewEdge, how we use it, and the choices you have.

• Account data — name, email address, and hashed password when you register with credentials.
• OAuth data — name, email, and profile image provided by Google or Facebook when you sign in via OAuth.
• Brew data — brewing method, dose, water, temperature, time, tasting notes, and any photos you upload for analysis.
• Subscription & billing data — your chosen plan, subscription status, billing period dates, and a Stripe customer ID. We do not store your full card number, CVC, or expiry date — these are held exclusively by Stripe.
• Usage data — pages visited, features used, and error logs to help us improve the service.

• To provide and improve the BrewEdge service, including AI-generated brew guidance and analysis.
• To save your brew history and make it accessible across your devices.
• To send important account-related emails (password reset, security notices).
• To analyse aggregate, anonymised usage patterns to improve features.

We do not sell your personal data to third parties. We do not use your data to train AI models.

Subscription payments are processed by Stripe, Inc., a PCI-DSS Level 1 certified payment processor. When you subscribe, you are directed to Stripe's hosted checkout where your card details are entered and stored securely by Stripe. BrewEdge never sees or stores your raw card data.

Stripe may store your name, email, billing address, and payment method details in accordance with their own Privacy Policy. We share your user ID and plan choice with Stripe as subscription metadata to reconcile payments with your account.

You can manage or cancel your subscription — including updating your payment method — at any time through the Stripe Customer Portal, accessible from your account settings.

When you upload a coffee bag photo for label scanning, the image is sent to OpenAI's API for processing. Images are not stored by OpenAI beyond the processing request. Brew inputs and tasting notes sent to the AI are used solely to generate your response and are not retained by OpenAI.

Your data is stored on Neon serverless PostgreSQL (EU region). We use industry-standard encryption in transit (TLS) and at rest. Passwords are hashed using bcrypt and never stored in plain text.

• Access — you can export your brew history at any time.
• Deletion — you can delete your account and all associated data in Settings → Danger zone.
• Correction — you can update your display name in Settings.

We use a single session cookie to keep you signed in. We do not use tracking or advertising cookies. No third-party analytics scripts are loaded.

Questions about this policy? Email us at hello@brewedge.ie.