Legal

Privacy

LAST UPDATED · June 25, 2026

1. Overview

SommelAI, LLC (“sommelai,” “we,” “us,” “our”) provides an AI-powered wine discovery and recommendation application. This Privacy Policy explains how we collect, use, store, and share information when you use the sommelai mobile application (the “App”).

By using the App, you acknowledge and agree to the practices described in this Privacy Policy.

2. Account Types

The App supports three account types:

  • Anonymous accounts are created automatically when you first open the App and confirm you are at least 21 years old. Anonymous accounts do not require any personal information and are limited to 3 lifetime AI-powered actions (menu scans and pairing requests combined).

  • Email accounts are created when you sign up with an email address and password. Email accounts require you to provide your email, display name, date of birth, and gender.

  • Apple Sign-In accounts are created using Apple’s Sign in with Apple service. Apple provides us with your email address (or a private relay address if you choose to hide your email). You also provide your display name, date of birth, and gender during sign-up.

When you convert from an anonymous account to an email or Apple Sign-In account, your existing data (scans, reviews, cellar items) is preserved and linked to your new account.

3. Information We Collect

a. Account Information

When you create an account, we collect:

  • Email address (for email and Apple Sign-In accounts)
  • Password (for email accounts only; stored securely using industry-standard hashing)
  • Display name
  • Date of birth (used to verify you are at least 21 years old)
  • Gender (optional: Woman, Man, Non-binary, or Prefer not to say)
  • Marketing opt-in preference (whether you want to receive wine tips and recommendations)

b. Taste Profile Information

During onboarding or at any time in the App, you may provide:

  • Wine experience level (beginner, casual, enthusiast)
  • Budget preferences
  • Preferred wine varietals
  • Flavor preferences (liked and disliked flavor notes for each varietal)
  • Free-text wine preferences

c. User Content

You may submit content through the App, including:

  • Images of wine menus
  • Images of wine bottle labels
  • Wine reviews (such as ratings, flavor notes, comments, and dining location)
  • Cellar inventory entries (such as wine details, quantity, price paid, and purchase location)
  • Restaurant or venue names
  • Free-text prompts for wine recommendations

d. Images

Images you upload are processed to read and identify the wines they contain. Images are stored both on your device and in our cloud storage. We may retain images to improve our services unless you request deletion.

e. Usage and Analytics Data

We automatically collect:

  • Feature usage events (such as scans, recommendations, reviews, and navigation)
  • App interactions and session data
  • Error and crash diagnostics
  • Performance metrics (e.g., scan duration, recommendation response time)
  • Device type, operating system version, and app version

We use a third-party analytics provider to collect this information. Your account identifier is linked to your analytics profile for product-improvement purposes.

f. Identifiers

  • Anonymous users: We assign a persistent anonymous identifier (UUID) to your device.
  • Account holders: Your account is identified by a unique user ID linked to your email or Apple ID.

Authentication tokens are stored securely on your device.

4. Information We Do Not Collect

We do not collect:

  • Precise geolocation or GPS coordinates
  • Contacts or address book data
  • Phone numbers
  • Payment or credit card information
  • Health or fitness data
  • Browsing history outside the App

5. How We Use Information

We use the information we collect to:

  • Operate and improve the App
  • Verify your age (21+)
  • Create and manage your account
  • Generate personalized wine recommendations based on your taste profile
  • Process the menu and bottle label images you submit
  • Store and display your wine cellar inventory
  • Send you reminders and notifications related to your activity
  • Send transactional emails (password reset, email confirmation, email change notifications)
  • Send marketing emails if you opt in
  • Analyze usage patterns and improve features
  • Diagnose errors and performance issues
  • Improve and develop our services and models
  • Generate aggregated and anonymized insights

6. Automated Processing and Service Improvement

We use automated processing to operate core features of the App, such as interpreting the images and text you submit and generating personalized recommendations and content. Some of this processing is performed by third-party service providers on our behalf.

These providers act as data processors, process your data only as needed to provide their services to us, and are contractually obligated to protect it.

We may also use your interactions, content, and other data to operate, improve, and develop our own services, features, and models. Where practicable, we use anonymized or de-identified data for these purposes, and any aggregated or derived data is not reversible to individual users.

7. Sharing of Information

a. Aggregated and De-Identified Data

We may share, license, or sell aggregated, anonymized, or de-identified data to third parties, including business and commercial partners.

For purposes of this Policy:

  • “Aggregated data” means information that relates to a group or category of users, from which individual identities have been removed, and that is not linked or reasonably linkable to any individual or device.
  • “De-identified data” means information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular individual or device.

Before we share, license, or sell any such data, we take commercially reasonable measures to ensure it is aggregated and/or de-identified so that it does not identify any individual user and cannot reasonably be associated with one. Demographic information (such as age and gender) is shared only in the form of aggregate distributions across groups of users, never as individual-level records. We publicly commit to maintaining and using this data only in de-identified or aggregated form, and we will not attempt to re-identify it, except as reasonably necessary to test that our de-identification measures are effective. Where we provide such data to a third party, we contractually require that the recipient not attempt to re-identify it.

b. Service Providers

We use third-party service providers to operate the App. These include:

  • Cloud infrastructure, database, and storage providers
  • Data processing providers
  • Product analytics providers
  • Transactional email providers
  • Apple (for Sign in with Apple identity verification)

These providers process data on our behalf, only as needed to provide their services to us, and are contractually obligated to protect your information.

We may disclose information if required by law, regulation, subpoena, or legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

8. Data Storage

a. Cloud Storage

Your account information, content, and usage data are stored in our cloud database. Images are stored in private cloud storage with access controls that ensure you can only access your own files.

b. On-Device Storage

The App stores certain data locally on your device:

  • Authentication tokens (in your device’s secure storage)
  • Bottle label photos (for offline access and sharing)
  • Notification schedules

Data stored on your device persists across app updates but is removed if you delete the App.

9. Data Retention

  • Account information and user content are retained indefinitely unless you request deletion.
  • Images are retained indefinitely unless you request deletion.
  • Analytics data is retained for as long as needed for product-improvement purposes.
  • Aggregated, anonymized, or model-derived data may be retained even after your account or content is deleted.

10. Data Deletion

You may request deletion of your account and associated data by emailing support@thesommelai.com with the subject line “Data Deletion Request.” Include your Account ID (found in the Profile tab of the App).

Upon receiving a verified request, we will delete:

  • Your account and authentication records
  • Your profile, preferences, and taste data
  • Your scans, reviews, cellar items, and bottle scans
  • Your images stored in our cloud storage

Deletion does not include:

  • Anonymized, aggregated, or model-derived data
  • Data that has already been incorporated into aggregate analytics
  • Data we are required to retain for legal or compliance purposes

We aim to process deletion requests within 30 days.

11. Your Privacy Rights

California Residents (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it is used
  • Request deletion of your personal information
  • Opt out of the “sale” of personal information

We do not sell personal information as defined by CCPA. We may share, license, or sell aggregated, anonymized, or de-identified data, which does not constitute personal information under California law. We do not attempt to re-identify such data and contractually require recipients not to do so. See Section 7(a) for details.

To exercise your rights, contact us at support@thesommelai.com.

Other Jurisdictions

If you are located in a jurisdiction with applicable data protection laws, you may have additional rights regarding access, correction, portability, or deletion of your data. Contact us to exercise any applicable rights.

12. Children’s Privacy

The App is intended solely for users who are at least 21 years old. We do not knowingly collect personal information from anyone under 21. If we learn that we have collected information from someone under 21, we will delete it promptly. If you believe we have information from someone under 21, please contact us at support@thesommelai.com.

13. Age Verification

We verify your age through self-attestation:

  • Anonymous users must confirm they are at least 21 years old before accessing the App.
  • Account holders must provide their date of birth during sign-up. The App validates that you are at least 21 before allowing account creation.

We do not use independent third-party age verification services.

14. Data Security

We use reasonable administrative and technical safeguards to protect your information, including:

  • Secure authentication
  • Password hashing using industry-standard algorithms
  • Secure token storage on your device
  • Private storage with access controls
  • HTTPS encryption for all data in transit

No system is completely secure. If you become aware of a security vulnerability, please contact us at support@thesommelai.com.

15. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the App or by other reasonable means. The “Last updated” date at the top indicates when the policy was last revised.

Continued use of the App after changes constitutes acceptance of the updated policy.

16. Contact

Questions, concerns, or requests:

support@thesommelai.com

Document Version: 2.0