Privacy Policy

Last updated: January 28, 2025

BrewGenius ("we," "us," or "our") operates the BrewGenius web application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored as a salted hash). If you sign in with Google, we receive your name, email, and profile image from Google.

Brewing Data

We store the data you enter while using the app, including recipes, brew session logs, fermentation readings, water profiles, equipment profiles, and ingredient inventory.

IoT Device Data

If you connect IoT devices (such as Tilt, iSpindel, RAPT Pill, or Plaato), we receive and store gravity and temperature readings transmitted by those devices.

Community Content

Recipes you share publicly, comments, and ratings are visible to other users and stored on our servers.

Usage Data

We automatically collect information about how you interact with the app, including pages visited, features used, and AI assistant queries.

2. How We Use Your Information

Provide, operate, and maintain the BrewGenius service
Authenticate your identity and manage your account
Process AI recipe generation and assistant queries
Send transactional emails (account verification, password resets)
Display community content to other users when you choose to share
Improve our service and develop new features
Enforce our Terms of Service

3. Third-Party Services

We use the following third-party services that may process your data:

Google OAuth — for optional social sign-in. Google receives confirmation that you authenticated but does not receive your brewing data.
Anthropic (Claude AI) — powers our AI recipe generation and brewing assistant. Queries you send to the AI assistant are transmitted to Anthropic for processing.
Resend — handles transactional email delivery (verification emails, password reset emails).
PostgreSQL hosting provider — stores application data in an encrypted database.

4. Cookies and Sessions

We use session cookies and JSON Web Tokens (JWT) to keep you signed in and to manage your authentication state. We also store your theme preference (light/dark mode) locally in your browser. We do not use third-party advertising or tracking cookies.

5. Data Retention

We retain your account and brewing data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it by law. Community content you have shared (public recipes, comments, and ratings) may remain visible after account deletion but will be disassociated from your identity.

6. Data Security

We take reasonable measures to protect your information, including encrypting passwords with bcrypt, using HTTPS for all connections, and storing data in secured databases. However, no method of electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your data
Export your data in a portable format
Withdraw consent for data processing
Object to certain processing activities

To exercise any of these rights, please contact us at the email address below.

8. Children's Privacy

BrewGenius is intended for users who are of legal drinking age in their jurisdiction. We do not knowingly collect information from minors. If you believe a minor has provided us with personal data, please contact us so we can delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@brewgenius.com.