Privacy Policy

We collect the following categories of data:

• Account data: name, email, encrypted password (when you sign up with email/password), username and legal-age confirmation.
• Data received when signing in with Google: name, email and public profile picture. We never receive your Google password.
• Professional profile data: city, country, languages, specialties, bio, years of experience, social networks, profile picture.
• Published content: recipes, gallery photos, quotes, conversations with the AI Mixologist.
• Payment data: processed directly by Stripe; we only store a customer identifier, the contracted plan and the subscription status.
• Technical data: IP address (anonymized), browser type, operating system, language, pages visited, date and time of access, security audit events.
• Third-party data (prospective clients): when a visitor to a PRO/PRO+ profile submits a quote request, we collect their name, email, optional phone, event date and type, location, estimated guest count and message. This data is delivered to the recipient bartender and stored in their request inbox.
• Cookies: see our Cookies.

• Create and manage your account and public profile.
• Provide Platform features (profile, recipe book, gallery, calculator, AI Mixologist, PDF export).
• Process payments and manage subscriptions through Stripe.
• Verify legal age and prevent fraud.
• Operate the quote-request (LEADS) system for PRO/PRO+ profiles: validate the submission, apply anti-spam rate limits per IP and deliver the request to the recipient bartender via email and dashboard.
• Send you operational notifications (account changes, billing, security, password reset) and, if you opt in, promotional communications.
• Improve the Platform through aggregated and anonymized analytics.
• Comply with legal, tax and accounting obligations.

Processing is based on:

• Contract performance: providing the services you contracted.
• Consent: for optional cookies, promotional communications and use of Google sign-in.
• Legitimate interest: security, fraud prevention and product improvement.
• Legal obligation: tax, accounting compliance and response to authorities' requirements.

We share data exclusively with the following processors, all of which are subject to contractual obligations of confidentiality and security:

• Lovable Cloud (built on Supabase): database infrastructure, authentication, file storage and OAuth broker for Google sign-in.
• Cloudflare: hosting, CDN and serverless function execution.
• Stripe, Inc.: payment processing, subscription management and billing portal.
• Lovable AI Gateway: managed gateway to Google and OpenAI AI models, exclusively to process your queries to the AI Mixologist.
• Resend: delivery of transactional emails (verification, password reset, notifications).
• Competent authorities: when there is a valid legal obligation.

Some providers are located outside the European Economic Area (mainly the United States). In such cases we guarantee an adequate level of protection through Standard Contractual Clauses approved by the European Commission or other equivalent mechanisms. We do not sell your personal data to third parties.

In compliance with GDPR and similar regulations, you have the right to:

• Access the data we hold about you.
• Rectify inaccurate or incomplete data.
• Delete your data (right to be forgotten).
• Restrict or object to processing.
• Port your data to another provider.
• Withdraw consent when it is the basis of processing.
• File a complaint with the competent supervisory authority.

You can exercise these rights from your panel or by writing to Contact. We will respond within a maximum of 30 days.