Legal

Vitola — Privacy Policy

Last updated: 12 July 2026
Applies to: the Vitola mobile app (iOS and Android)
Hosted at: https://vitola.my/legal/privacy

Vitola is an adults-only (21+, attested in-app) reference, tasting-journal and pairing companion for people who already enjoy cigars and their spirit/coffee companions. This policy explains exactly what we collect, why, who we share it with, how long we keep it, and the rights you have. It is written to be specific to how the app actually works — not a generic template.

We (the “operator”) run our own self-hosted backend (Supabase — Postgres, Auth and Storage — plus an AI proxy and a webhooks service). We also use Google’s Firebase services for analytics, crash reporting and push notifications (see §1). We are the data controller for the data described below.

1. What we collect and why

Account (required to sign in)

Purpose: to create and secure your account. Legal basis: performance of a contract.

Social sign-in (optional)

Instead of a password you can sign in with Apple or Google:

We receive only this basic identity data from the provider; we never see your Apple or Google password. Purpose: account creation and sign-in. Legal basis: performance of a contract.

Profile & preferences

Purpose: to run the age gate, personalise the catalogue, and honour your AI choice. Legal basis: contract; legal obligation (age restriction); consent (AI).

Taste profile, collection, journal, wishlist

Purpose: to provide the core journal + pairing features. Legal basis: contract (consent for optional photos). Photos you attach are stored in our self-hosted Supabase Storage.

Reviews & community (UGC)

Purpose: to power product reviews and to keep the community safe. Legal basis: contract; legitimate interest and legal obligation (moderation of user content).

AI Sommelier (only after you consent)

Purpose: to provide the AI sommelier and to enforce fair-use limits. Legal basis: consent.

Purchases & entitlement

Purpose: to unlock paid features and restore purchases. Legal basis: contract.

Technical / device data

Analytics & crash reporting (Firebase, Google LLC)

2. The AI Sommelier and the third-party AI provider

The AI Sommelier is off until you explicitly consent (App Store Guideline 5.1.2). Before your first AI message the app shows a consent screen that discloses what is shared, with whom, and why; the chat is unreachable until you agree, and you can revoke consent at any time in Settings.

When you use the feature, the app sends your message to our AI proxy, which forwards it to Google Gemini to generate a reply. To ground answers in your own palate, relevant context from your own collection and taste profile (which already lives in your account) may be added server-side by the proxy. Your data is not used for advertising. Google processes this data under its API terms and may process it outside your country. If you decline or later revoke consent, no messages are sent to the AI provider.

Your pairing recommendations outside the AI feature are computed on your device by a local engine — no data leaves the app for ordinary pairings.

3. Who we share data with

Recipient What they receive When
Self-hosted Supabase (our own servers) All account, profile, collection, journal, review, and AI-history data above Always — this is our backend
Google LLC (Firebase) Analytics events + app instance ID (unless you opt out in Settings); crash logs + device model/OS; FCM push token (only if you enable notifications) While you use the app
Google Gemini (via our AI proxy) Your AI chat message + relevant collection/taste context Only after AI consent, for subscribers
RevenueCat An app user identifier + purchase history / entitlement info When you subscribe or buy a message pack
Apple App Store / Google Play The payment itself When you subscribe or buy a message pack

We do not sell your data and do not share it with advertising networks.

4. Retention

We keep your data while your account is active. When you delete your account (§5), a real server-side cascade removes your rows from every user-owned table and your auth record. AI daily-usage counters are keyed by day and removed with your account. Backups, where they exist, age out on the operator’s normal cycle.

5. Your rights and choices

Depending on where you live, these rights arise under the GDPR and, for users in Türkiye, the KVKK; residents of other regions may have comparable rights.

6. Children / age restriction

Vitola is strictly for adults (21+) and requires an in-app 21+ attestation before use. It is not directed to, and we do not knowingly collect data from, anyone under 21. If you believe a minor has created an account, contact us and we will delete it.

7. Contact & region

If we make material changes to this policy we will update the “Last updated” date and, where appropriate, notify you in the app.