Privacy Policy for Bourbon Bro

Bourbon Bro, LLC ("we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application "Bourbon Bro" (the "App"), which allows users to manage collections of bourbon bottles and monitor their value from real-time auctions. By using the App, you agree to the terms of this Privacy Policy.

If you do not agree with this Privacy Policy, please do not access or use the App. The App is intended for users who are at least 21 years old, in compliance with U.S. alcohol regulations. We do not knowingly collect data from children under 13 (or under 16 in certain jurisdictions).

1. Information We Collect

We collect minimal personal information to provide the App's functionality. Categories of information include:

• Account Information: When you sign up (required for use), we collect your email address for verification via AWS Cognito. You may optionally provide a username. In the future, we may support social logins (e.g., Google or Apple), which could provide additional details like your name or profile picture.
• Device and Usage Information: Through AWS Cognito (enhanced user pools) and Firebase Analytics, we may automatically collect device details such as operating system, IP address, browser type, and app usage patterns (e.g., pages viewed, time spent). This helps us improve the App and troubleshoot issues.
• User-Submitted Content: You may upload photos of bourbon bottles via camera or photo library access. These photos, along with any associated metadata (e.g., timestamps), are stored. We also collect data you provide about bottles, such as pricing or collection details.
• Payment Information: For in-app upgrades (e.g., monthly subscriptions), payment details are handled by third-party processors (e.g., Apple App Store or Google Play); we do not store your payment card information.
• Location Data: We do not collect or store location data, though AWS services may log it temporarily for security purposes.

We do not collect sensitive personal information such as health data or precise geolocation unless you explicitly provide it (which is not required).

2. How We Use Your Information

We use your information to:

• Provide and maintain the App, including authentication, bottle collection management, and real-time auction value monitoring.
• Analyze photos for nefarious content (e.g., inappropriate material) to ensure community safety.
• Improve the App through analytics (e.g., understanding usage trends via Firebase).
• Process subscriptions and communicate with you (e.g., verification emails).
• Comply with legal obligations, such as age verification for alcohol-related content.

3. How We Share Your Information

We do not sell your personal information. We may share it in limited circumstances:

• Third-Party Service Providers: With AWS (for authentication via Cognito, storage via S3, and databases via RDS) and Firebase (for analytics). These providers may access device info, IP addresses, or usage data.
• Public Features: If you add photos to a public collection, they may be visible to other users via encoded URLs (designed to be hard to guess but technically accessible).
• Legal Requirements: If required by law, subpoena, or to protect our rights, safety, or property.
• Business Transfers: In connection with a merger, sale, or asset transfer.

4. Data Storage and Security

Your data is stored in secure AWS environments (e.g., RDS behind a VPC for database info, S3 for photos). We use industry-standard measures like encryption in transit. However, no system is completely secure, and we cannot guarantee absolute security. Photos are retained as long as needed for app functionality (e.g., public collections) but deleted upon user request or account closure, with a grace period for backups. We perform weekly automated backups.

5. Your Rights and Choices

You have rights regarding your data:

• Access and Update: View or edit your account info in the App.
• Deletion: Delete your account via the App settings; associated data will be removed within 90 days.
• Opt-Out: You can opt out of analytics by disabling them in device settings (e.g., for Firebase).
• California Residents: Under CCPA, you may request access, deletion, or opt-out of sales (though we do not sell data). Contact us for these requests.

6. Changes to This Privacy Policy

We may update this Policy from time to time. Changes will be posted here with an updated effective date. Continued use of the App after changes constitutes acceptance.

7. Contact Us

If you have questions about this Privacy Policy or your data, contact us at: