Privacy Policy

Effective: 18 May 2026

Korken is a personal wine cellar app. This page explains what we collect, why, where it lives, and what you can do about it. We've tried to keep it short and in plain English.

The short version: We keep your email so you can sign in. We keep the wine data you enter so the app can show it back to you. We send your wine photos and chat messages to an AI to interpret them. We don't sell your data, we don't run ads, and we don't track you across other websites.

What we collect

Account info: your email address and a hashed password (handled by our auth provider, Supabase — we never see your password in plain text).
Cellar data: the wines, bottles, locations, prices, tasting notes, and ratings you enter into the app.
Photos: wine labels and wine list photos you upload, stored in private cloud storage scoped to your account.
AI conversations: the messages you send to the Korken assistant, plus the assistant's replies. We keep recent history so the assistant can follow context across a conversation.
Onboarding preferences: the style preferences and notes you give us during onboarding (e.g. "Mostly red wine", "I like bold Cabernets").
Basic technical data: we keep server-side logs of edge function calls for debugging and rate-limit enforcement. These contain timestamps, function names, and user IDs — not the content of your messages.

Where it lives

All of your data is stored in Supabase (Postgres database, file storage, and authentication), hosted in the United States. We use Row-Level Security so that, in normal operation, only you can read your own rows.

Who else sees it

Anthropic (Claude API): when you scan a wine label, scan a wine list, or chat with the Korken assistant, the relevant text or image is sent to Anthropic to be processed. Anthropic's privacy policy applies to that processing.
Supabase: our database, storage, and auth provider. Their privacy policy covers infrastructure-level handling.
Hosting: static assets are served from a hosting provider (currently Vercel).
Error monitoring (Sentry): if something crashes in the app, we send the technical error details to Sentry so we can fix it. Before sending, we strip your email, cookies, and URL query parameters. We keep only your user ID so we can tell which user hit which bug. Sentry's privacy policy.

That's the full list. We do not sell or share your data with advertisers, data brokers, or any third party not listed above.

Cookies and local storage

Korken uses localStorage in your browser to remember your sign-in session, your onboarding progress, and the last few messages from your AI assistant conversation (so it can remember context). We don't use tracking cookies or third-party analytics cookies.

Your rights

You can:

Access: see all of your cellar data inside the app at any time.
Export: request a copy of your data as a JSON file.
Correct: edit any wine, bottle, note, or preference at any time inside the app.
Delete: delete your account and all associated data.

Export and delete-account flows are being rolled out as part of our beta. In the meantime, email us and we'll do it for you.

Children

Korken is a wine app and is not intended for use by anyone under the legal drinking age in their jurisdiction. We do not knowingly collect data from minors.

Security

We rely on Supabase for authentication and at-rest encryption of your data. Communication between your browser and our backend happens over HTTPS. No system is perfectly secure, but we treat your cellar like it's our own.

Changes

If we change this policy in a way that materially affects how your data is used, we'll let you know inside the app before the change takes effect.

Contact

Questions, requests, or just want to say hi? Email hello@korken.app.

← Back to Korken