Legal

Privacy Policy

Last updated: 15 April 2026

1. Who we are

SipWiser ("we", "us", "our") is operated from Belgium and acts as the data controller.

  • Email: contact@sipwiser.app
  • Data Protection Officer: We are not required to appoint a DPO under GDPR Art. 37. Privacy queries go to the email above.

If you need a postal contact for a formal data-subject request or regulatory correspondence, email us and we will provide one.

2. Summary

SipWiser is a local-first app. Your data lives primarily on your device. When you sign in, we sync a copy to our servers in the EU so your sips are available across devices and restorable after reinstall. We do not sell your data, we do not run advertising, and we do not use behavioural trackers.

3. Data we collect

  • Account — your email address and a Supabase user ID, provided by Google when you sign in.
  • Profile (health-related, optional) — date of birth, sex, weight, and height if you opt in to BAC estimation. These are required to compute Blood Alcohol Concentration. See §4 on special-category treatment.
  • Sips and sessions — for every drink you log: timestamp, drink type, size, alcohol by volume, and optional notes. Aggregated into sessions. When combined with the BAC profile, this reveals information about your health.
  • Device — a push-subscription endpoint if you enable reminders or nudges. No device identifiers beyond that.
  • Location — off by default. When you turn it on (a future feature), we store latitude/longitude and a reverse-geocoded place name per sip.
  • Analytics — page views, referrer, and country via Vercel Web Analytics. Cookie-free; no persistent identifiers stored.
  • IP address — processed transiently by Vercel (to serve pages, derive country for analytics, and prevent abuse) and by Supabase (on authentication events, for security logging). Not linked to your account beyond the authentication record.

4. Why we process it, and our legal basis

Your BAC profile (date of birth, sex, weight, height) combined with your logged sip history reveals information about your physical health. We treat it as special-category data under GDPR Art. 9 and rely on your explicit consent (Art. 9(2)(a)), captured when you enable BAC in-app. Everything else runs on the Art. 6 bases below.

DataPurposeLegal basis
Account (email, user ID)Authenticate you and attach your sips to your accountArt. 6(1)(b) Contract
BAC profile + sip history (as health data)Compute BAC estimates you asked to seeArt. 9(2)(a) Explicit consent
Sips and sessions (as ordinary personal data, when BAC is off)Provide the core app functionalityArt. 6(1)(b) Contract
Push subscriptionDeliver reminders you opted intoArt. 6(1)(a) Consent
LocationShow where you drink mostArt. 6(1)(a) Consent
Analytics (aggregate, cookie-free)Understand aggregate usage and fix bugsArt. 6(1)(f) Legitimate interest
IP address (transient)Serve the app securely, prevent abuseArt. 6(1)(f) Legitimate interest

Legitimate-interest balancing (analytics & IP): we use Vercel's cookie-free, aggregate analytics and only transient IP processing. This is low impact, non-personalised, and within users' reasonable expectations for a web service. You can object at any time under Art. 21 by emailing us; we will stop the processing unless we demonstrate compelling legitimate grounds. You can also disable analytics by using the app offline (sign out) — the app remains fully functional locally.

5. How to withdraw consent

You can withdraw any consent at any time, without affecting prior lawful processing:

  • BAC / health data — Settings → BAC → disable. Your profile fields (DOB, sex, weight, height) are cleared.
  • Push notifications — Settings → Reminders → disable, or revoke permission in your browser/OS.
  • Location (when available) — Settings → Privacy → disable, or revoke permission in your browser/OS.
  • Account + all data — Settings → Account → Delete all data.

6. Where your data is stored

  • On your device — IndexedDB, persisted until you clear browser storage or delete the app.
  • Supabase — Postgres database hosted in the EU region. Protected by row-level security: only your authenticated session can read or write your rows.
  • Vercel — our hosting provider. Static content and serverless functions are served from edge regions globally.
  • Essential cookies — Supabase sets an authentication session cookie when you sign in. It is strictly necessary to keep you logged in and is not used for tracking.

7. International transfers

Vercel's global edge network and sub-processors may process data outside the EEA. We rely on:

  • EU Standard Contractual Clauses (2021) with our sub-processors.
  • Supplementary measures published in the sub-processors' DPAs (encryption in transit, encryption at rest, access controls).
  • A lightweight Transfer Impact Assessment based on the published protections; no transfers to high-risk jurisdictions are made for authenticated user data, which stays in the EU Supabase region.

For UK users, we rely on the UK International Data Transfer Addendum where applicable.

8. Sub-processors and independent controllers

Processors (acting on our instructions):

Independent controllers (you interact with them directly when using certain features):

  • Google — when you click "Continue with Google," Google processes your sign-in as an independent controller under its own privacy policy (https://policies.google.com/privacy). We receive only your email address and a Google user ID.
  • Apple APNs / Google FCM / Mozilla autopush — when push notifications are enabled, only your push-subscription endpoint is shared with the relevant service to deliver messages.

9. Retention

  • Active accounts — we keep your data as long as your account is active.
  • After account deletion — deletion is self-serve in Settings → Account → Delete all data. Application rows are removed immediately; our database backups roll off within 30 days.
  • On-device — IndexedDB persists until you clear browser storage or delete the app.
  • Dormant accounts — we currently do not automatically delete dormant accounts. If we introduce a dormancy policy, we will notify you in-app before it takes effect.

10. Your rights under GDPR

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Erase your data (self-serve via Settings, or by email for anything we missed)
  • Restrict or object to processing (including legitimate-interest processing, under Art. 21)
  • Portability — receive your data in a machine-readable format
  • Withdraw consent at any time — see §5 for the in-app paths
  • Lodge a complaint with your national data protection authority. In Belgium, this is the Autorité de protection des données / Gegevensbeschermingsautoriteit (APD/GBA): https://www.dataprotectionauthority.be

To exercise any right that is not self-serve, email us at contact@sipwiser.app. We respond within 30 days (extendable by up to 60 days for complex requests, with notice).

11. Children

SipWiser is not intended for anyone under 18 (or the local legal drinking age, if higher). Age is self-certified at sign-in. We do not knowingly collect data from minors. If you believe a minor has signed up, contact us and we will delete the account.

12. Automated decision-making

None. The BAC display is informational. It does not make decisions that produce legal or similarly significant effects on you within the meaning of GDPR Art. 22.

13. Security and breach notification

We use the access controls, row-level security, and encryption provided by Supabase and Vercel. In the event of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify the Belgian APD/GBA within 72 hours and notify you without undue delay if the risk is high, per GDPR Art. 33–34.

14. Changes to this policy

If we materially change this policy, we will show a notice in-app before the change takes effect. The "Last updated" date at the top of this page always reflects the current version.

15. Contact

Questions or requests: contact@sipwiser.app.