BarrelLogic ("we", "us") operates the winery operations platform at barrellogic.com. This Privacy Policy explains what data we collect, how we use it, and the rights you have.
Summary
- We do not sell your data. Not to anyone, for any reason, ever.
- We do not train Anthropic's or any other provider's models on your data. The specialists run on the providers' inference endpoints under their API terms, which — as of this writing — exclude API traffic from model training.
- You can export everything. The Full Data Export feature produces a ZIP archive of every row we hold on your winery.
- You can delete everything. Account deletion purges operational data within 90 days, excluding records we must retain for legal or financial compliance.
- We encrypt sensitive fields. API credentials and payment method summaries are encrypted at rest with AES-256-GCM. Transport is TLS 1.2+ everywhere.
Data we collect
Winery data you provide or authorize us to collect
- Account info: email, name, winery name, winery address.
- Winemaking operations data: vessels, lots, vineyard blocks, chemistry readings, work orders, modules, conversations with the specialists.
- Customer lists you import or sync from DTC platforms (Commerce7, etc.). This is your customer data; we process it on your behalf under the DPA.
- Sensor readings from BarrelLogic hardware you install.
- Files you upload (CSVs, photos via the mobile app, lab-result PDFs).
Data we observe
- Browser and device metadata (user-agent, IP address) for security and rate limiting.
- Product usage events (which pages, which features, error rates) — for engineering.
- Audit trail of privileged actions (Phase 23 audit_log).
Data we do not collect
- We do not track you across other websites.
- We do not fingerprint your device beyond standard anti-abuse signals.
- We do not record browser sessions except when an error occurs, and then with all text and media masked.
How we use data
- Operate the Service — run specialists, generate briefings, sync integrations, produce reports.
- Improve the Service — aggregate analytics on feature usage and error investigation. Individual winery data is not surfaced in product decisions; we look at cohorts.
- Bill — compute usage metering, Stripe invoicing, revenue-share calculation.
- Communicate — transactional emails (billing, alerts, briefings), and — only with your consent — product announcements.
- Secure — detect fraud, abuse, and prompt-injection attempts. Detections are logged to the security_events table.
- Comply — retain records where required (e.g. financial records for 7 years under most accounting regulations).
Third-party processors
We use the following sub-processors to deliver the Service. Each has contractual obligations to protect your data.
| Processor | Purpose | Data |
|---|---|---|
| Supabase | Database, auth, storage | All operational data |
| Vercel | Web + API hosting | Server-side processing |
| Anthropic | AI inference (specialists) | Conversation content, system prompts |
| OpenAI | Voice transcription (Whisper) | Audio files |
| Stripe | Payment processing | Billing details |
| Resend | Transactional email | Email addresses, email content |
| Commerce7 | DTC wine commerce (opt-in) | Customer + order sync |
| Expo | Push notifications | Push tokens |
| Sentry | Error tracking | Stack traces (with PII stripped) |
| Upstash | Rate-limiting cache | IP addresses (ephemeral) |
A complete and current list with legal basis, data categories, and retention periods is maintained at docs/sub-processors.md.
Your rights
All users
- Access — download a full export via Settings → Data.
- Correction — update any field we hold via the relevant Settings surface.
- Deletion — request account deletion via support@barrellogic.com. We execute within 30 days.
- Portability — the data export is in machine-readable JSON + CSV.
EU / UK / EEA (GDPR / UK GDPR)
In addition:
- Object to processing for direct marketing.
- Restrict processing while a dispute is resolved.
- Lodge a complaint with a data protection authority.
Our EU representative is [to be designated before EU launch].
California (CCPA / CPRA)
In addition:
- Right to know what personal information we collect, use, and disclose.
- Right to opt out of sale or sharing of personal information — we do neither, but the option is explicit.
- Right to non-discrimination for exercising privacy rights.
Data retention
- Active data: kept as long as your account is active.
- Post-cancellation: operational data purged 90 days after termination, unless legally required to retain longer (e.g. 7-year financial-records retention).
- Audit log: 7 years (tamper-evident append-only log; we cannot delete entries even on request — this is documented to users in the audit-log UI).
- Security events: 24 months.
- Backups: Supabase point-in-time recovery retains up to 30 days of history; these are purged on the same schedule as production data.
Security
See the security hardening doc (public copy to be republished under barrellogic.com/security) for specifics. Highlights:
- TLS 1.2+ everywhere; HSTS preload enabled.
- Row-level security on every multi-tenant table.
- AES-256-GCM encryption for sensitive columns (integration credentials, etc.).
- Rate limiting on all API endpoints.
- Tamper-evident audit log.
- Regular third-party penetration testing (first scheduled pre-launch).
Children
The Service is not intended for users under 18. We do not knowingly collect data from anyone under 18. If you believe a minor has provided data, contact privacy@barrellogic.com and we will delete it.
Cookies
See the Cookie Policy for the full list. Briefly: we use strictly-necessary cookies for auth and preferences. Analytics and marketing cookies are set only with your explicit consent via the cookie banner.
International transfers
BarrelLogic is incorporated in Delaware, USA. Data centers are selected per customer region where Supabase supports it; the default region is US-East. EU customer data is hosted in Supabase EU (Ireland) on request.
Cross-border transfers from the EU use Standard Contractual Clauses (SCCs) per GDPR Article 46.
Changes
We will notify you via email and in-app banner at least 30 days before any material change to this policy.
Contact
privacy@barrellogic.com for data requests or questions.