CarnetCarnet← Back to Carnet
Last updated · May 2026

Privacy policy

This policy explains what data Carnet collects, why, and how to control it. Carnet is built around the principle that your tasting notes and cellar inventory are yours — Carnet treats them as personal records, not content to mine. Specifically:

What we collect

  • Account identity. When you sign in with Google we receive your email address and (if you allow it) your full name. That's the entire account profile — there's no separate password or recovery email to store.
  • Your wine data. The cellar bottles you add, the tastings you log, the racks you set up, the photos you attach. This data is stored in our database (hosted on Supabase) and is private to your account by default.
  • Preferences. Display name, default tasting mode, units, currency, notification opt-ins.
  • Photos. Bottle photos you upload are stored in private per-user buckets in Supabase Storage. They're served via signed URLs that expire after one hour.
  • Sign-in cookies. A session cookie keeps you signed in. Strictly necessary; no analytics or advertising cookies.

What we don't collect

  • No third-party analytics (no Google Analytics, no Meta Pixel, no Mixpanel).
  • No advertising trackers.
  • No data brokers or audience segments.
  • No location data beyond what you choose to type into a tasting note.

How we use AI

The Pairing engine sends two kinds of text to Google's Gemini Flash model: (1) the structural profile of a wine and a food, when generating the editorial "Sommelier's Pick" prose; and (2) a free-text food query (e.g. "mushroom risotto"), when the curated food library doesn't have a match and we need attributes extracted. Extracted food attributes are cached so the same query isn't re-sent.

Carnet does not send your tasting notes, cellar contents, or personal identifiers to Gemini.

Sharing

Carnet does not sell or share your data with third parties.

Future social features (planned for v2) will be opt-in — you'll explicitly choose to make individual tastings public. Until you do, nothing you log is visible to anyone else.

Where data lives

  • Application + database hosted on Supabase (which itself runs on AWS infrastructure). You can choose a region during account creation; default is the closest geographically.
  • Photos in Supabase Storage, same region.
  • AI requests sent to Google Gemini Flash via secure API.

Your rights

  • Access & export. Settings → Data & privacy → Export. Downloads a JSON archive of everything Carnet stores about you.
  • Edit or delete individual records. Every tasting, bottle, photo, and wine profile is editable or deletable directly in the app.
  • Delete your account. Settings → Data & privacy → Delete account. Cascade-deletes all of your data including photos. This is permanent.
  • Withdraw consent. You can unsubscribe from product emails at any time in Settings → Notifications.

Children

Carnet is intended for users 18 and over (or the legal drinking age in your country, whichever is higher). We do not knowingly collect data from minors.

Updates to this policy

When this policy changes materially, we'll notify users in-app and via the email you signed up with. Minor edits (typo fixes, clarifications) update silently with a new "Last updated" date.

Contact

Questions or requests: dhendy11@gmail.com.