Privacy Policy

Viniq ("we", "us") is the data controller for personal data processed through the Viniq wine-cellar management service available at viniq.se. You can reach us at privacy@viniq.se with any questions about this policy or your personal data.

We collect the following categories of data:

• Account data – name, email address, and (if you set one) a hashed password, or your Google / Apple identity token if you sign in with those providers.

• Wine & cellar data – bottle records, bins, sites, vintages, tasting notes, ratings, and purchase/consumption history that you enter into the service.

• Usage data – pages visited, features used, session timestamps, and your approximate IP address, collected to operate and improve the service.

• Technical data – browser type, device information, and error logs needed to diagnose problems.

We do not collect payment card data. Patreon handles all subscription payments.

We use your data to:

• Provide and operate the Viniq service (contract performance, Art. 6(1)(b) GDPR).

• Send transactional emails such as password resets and account notifications (contract performance).

• Detect abuse, enforce our terms, and comply with legal obligations (legitimate interest / legal obligation, Art. 6(1)(c)(f) GDPR).

• Improve the service through aggregated, anonymised analytics (legitimate interest).

We do not sell your data or use it for third-party advertising.

Your account and cellar data are retained for as long as your account is active. If you delete your account, your personal data is removed within 30 days, except where we are required by law to retain it longer (e.g. financial records). Anonymised, aggregated statistics may be kept indefinitely.

To operate the service we work with a limited number of trusted infrastructure providers. We share only the data each provider needs to perform their function:

• Hosting & database – your account and cellar data is stored on cloud infrastructure operated within the EU or under contractual safeguards equivalent to EU data protection standards.

• Email delivery – a third-party email service is used to send account-related messages such as password resets. It receives only your email address and the content of that specific message.

• Sign-in providers – if you choose to sign in with a social login (such as Google or Apple), that provider handles the authentication step and their own privacy policy applies to it. We receive only the basic profile information needed to create your account.

• File storage – wine label images you upload are stored on a dedicated, access-controlled cloud storage service and are not shared further.

We do not use advertising networks or cross-site tracking of any kind. All usage analytics are first-party and aggregated.

We use a single session cookie (HTTP-only, Secure in production) to keep you signed in. We also use browser localStorage to remember your theme (light/dark) and language preference. No third-party tracking cookies are set.

Under the General Data Protection Regulation you have the right to:

• Access – request a copy of the personal data we hold about you.

• Rectification – correct inaccurate data.

• Erasure – request deletion of your account and data ("right to be forgotten").

• Portability – receive your data in a structured, machine-readable format.

• Restriction – ask us to stop processing your data in certain circumstances.

• Object – object to processing based on legitimate interest.

To exercise any of these rights, email privacy@viniq.se. We will respond within 30 days. You also have the right to lodge a complaint with your national supervisory authority (for Sweden: Integritetsskyddsmyndigheten, imy.se).

Passwords are stored as bcrypt hashes and are never logged or transmitted in plain text. All traffic is encrypted in transit using TLS. Access to production systems is restricted to authorised personnel.

Viniq is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, please contact privacy@viniq.se and we will delete it promptly.

We may update this policy from time to time. When we do, we will update the "Last updated" date above. Continued use of the service after changes constitutes acceptance of the revised policy.

Viniq

privacy@viniq.se

https://viniq.se