← Back

Privacy Policy

Last updated: April 2026

Overview

Bourbonator is a social bourbon tasting journal. We collect information to help you track your pours, discover new bottles, and connect with fellow enthusiasts. We don't sell your data, run ads, or share your information with third parties except as described below.

Information We Collect

Account information: Your username, email address, and password (stored as a salted hash — we never see your actual password).

Tasting data: Check-ins, ratings, tasting notes, flavor notes, serving style, and vintage year that you log. This is the core of the app and is your data.

Social data: Who you follow, toasts you give, and flights or lists you create and share.

Venue data: If you tag a venue on a check-in, we store the venue name and city. We use Foursquare's Places API to look up venue details; see Foursquare's privacy policy.

Profile photo: If you upload a profile photo, it is stored on our servers. You can delete it at any time by removing it in your profile settings.

Usage data: Standard server logs (IP address, browser type, pages visited). We use this for debugging and security, not for tracking or profiling.

How We Use Your Information

  • To provide the core app functionality (check-ins, feed, search, recommendations)
  • To send transactional emails (verification, password reset, notifications you've opted into)
  • To process payments for Pro subscriptions via Stripe — we never see or store your card details
  • To improve the app based on aggregated, anonymized usage patterns

Third-Party Services

We use the following third-party services, each with their own privacy policies:

  • Stripe — payment processing for Pro subscriptions
  • Resend — transactional email delivery
  • Foursquare — venue search and data
  • Railway — hosting and infrastructure

Affiliate Links

Some whisky detail pages include links to retailers (ReserveBar, Total Wine, Flaviar, Amazon). If you purchase through these links, we may earn a commission at no extra cost to you. We only link to legitimate retailers and the links are clearly disclosed.

Data Retention & Deletion

Your data is yours. You can delete your account at any time from your profile settings. When you delete your account, all your check-ins, ratings, notes, wishlist, cellar, flights, lists, and profile photo are permanently deleted within 24 hours.

We do not retain deleted account data except as required by law or for fraud prevention purposes.

Data Security

Passwords are hashed using bcrypt. All data is transmitted over HTTPS. Your database is stored on Railway's infrastructure with access restricted to application code only. We take reasonable precautions but no system is perfectly secure — please use a unique password.

Cookies & Local Storage

We use a single HTTP-only session cookie for authentication. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. No cookie consent banner required.

Children

Bourbonator is a platform about alcoholic beverages and is intended for users 21 years of age or older (or the legal drinking age in your jurisdiction). We do not knowingly collect data from minors.

Changes

If we make material changes to this policy, we will notify users via email and post an announcement in the app. Continued use after changes constitutes acceptance.

Contact

Questions about your privacy? Email us at [email protected].