Privacy Policy
1. Introduction
This Privacy Policy explains how Gramage ("we," "our," or "the App") collects, uses, and protects your information. By using Gramage, you agree to this Privacy Policy.
2. Information we collect
Account information
- Email address (required for account creation)
- Password (encrypted, not accessible to us)
- Display name (optional)
Brewing data
- Brew logs (method used, date, coffee/water amounts, temperature)
- Ratings and notes you add to brews
- Timestamp of each brew session
Device information
- Device type and operating system version (for compatibility)
- App version (for troubleshooting)
- Notification preferences (for timer alerts)
Information we do NOT collect
- Location data
- Contact lists
- Camera or photo library access
- Payment information (handled entirely by App Store/Google Play)
3. How we use your information
We use your information solely to:
- Provide the brewing timer and logging service
- Store your brew history across devices
- Send timer notifications during active brews
- Troubleshoot technical issues if you contact support
4. Data storage and security
Where your data lives
- All data is stored on Supabase servers (PostgreSQL database)
- Supabase data centers are located in the United States
- Automatic daily backups maintained by Supabase
Security measures
- Passwords are encrypted using industry-standard hashing
- Data transmission uses SSL/TLS encryption
- Row-Level Security (RLS) ensures you can only access your own brew logs
- Two-factor authentication available (email verification)
5. Data sharing
We do NOT sell, rent, or share your data with third parties, except:
- Supabase (infrastructure provider): Stores your account and brew data
- Apple/Google: Payment processing for Premium subscriptions (they handle all payment info, we never see it).
- Legal requirements: If required by UAE law or valid court order
6. Your data rights
You have the right to:
- Access: View all your brew logs in the History screen
- Edit: Modify or delete individual brew logs
- Delete: Request permanent deletion of your account and all data by emailing support@getgramage.com
Data retention after deletion
- Account deletion requests are processed within 7 business days
- Account deletion is permanent and cannot be undone
- All your data (brew logs, notes, account info) is deleted within 30 days of your request
- Backups are purged within 90 days
7. Children's privacy
Gramage is not intended for users under 13 years old. We do not knowingly collect data from children. If you believe a child has created an account, contact us at support@getgramage.com and we will delete it immediately.
8. Notifications
The App sends notifications only for:
- Active brew timers (step transitions during a brew session)
- Step completion alerts
You can disable notifications in your device settings or via Settings > Notifications in the App.
9. Cookies and tracking
We do NOT use:
- Analytics tools (no Google Analytics, Mixpanel, etc.)
- Advertising trackers
- Third-party cookies
The only "tracking" is session authentication (Supabase tokens) to keep you logged in.
10. Changes to this policy
We may update this Privacy Policy as the App evolves. Changes will be posted in the App and on this page with a new "Last Updated" date. Continued use after changes means you accept the updated policy.
11. International users
If you are outside the UAE:
- Your data may be transferred to and stored in the United States (Supabase servers)
- By using Gramage, you consent to this transfer
- We comply with UAE data protection laws; other jurisdictions may have different standards
12. Contact us
For privacy questions or data requests:
- Email: support@getgramage.com
- Response time: Within 7 business days
13. Compliance
This Privacy Policy complies with:
- Apple App Store Guidelines (Section 5.1.2 — Data Use and Sharing)
- Google Play Developer Policy (User Data section)
- UAE Federal Decree-Law No. 45 of 2021 (Personal Data Protection Law)