Back
Privacy Policy for VineReviewer
PRIVACY POLICY
Last Updated: January 8, 2025
This Privacy Policy describes how VineReviewer ("Company," "we," "our," or "us") collects, uses, and protects your information when you use our service located at https://vine-reviewer.com.
INFORMATION WE COLLECT
Personal Information:
- Name and email address (for account creation and authentication only)
- Payment information (processed securely through Stripe; we do not store credit card details)
Service Data:
- Review text you submit to our AI service
- Generated review content returned by our system
- Aggregate mathematical calculations including word counts, time savings metrics, and efficiency measurements
Technical Data:
- Authentication cookies (essential for service functionality)
- Anonymous usage analytics through Vercel Analytics (no personal identifiers)
PURPOSE AND LEGAL BASIS FOR PROCESSING
We process your information solely for the following lawful purposes:
- Contract Performance: Account management and service delivery
- Legitimate Interests: Calculating efficiency metrics to demonstrate service value
- Legal Compliance: Meeting regulatory requirements for financial transactions
DATA MINIMIZATION PRINCIPLE
We adhere to strict data minimization practices:
- No unnecessary personal data collection
- No behavioral tracking beyond service usage
- No marketing profiles or customer segmentation
- Temporary storage of review content for service delivery only
- Permanent retention limited to aggregate mathematical calculations
DATA STORAGE AND RETENTION
Our minimal storage practices include:
- Review text: Temporary storage during processing, then deleted
- Generated content: Temporary storage for delivery, then deleted
- Aggregate metrics: Mathematical calculations only (word counts, time savings)
- Account data: Name, email, and authentication tokens
- Payment data: Processed and stored exclusively by Stripe (PCI DSS compliant)
THIRD-PARTY DATA SHARING
We do not sell, rent, trade, or otherwise monetize your personal information. Limited data sharing occurs only with:
- Stripe Inc. (payment processing - PCI DSS Level 1 compliant)
- OpenAI (review content processing only - no personal identifiers transmitted)
- Legal authorities when required by applicable law
COMPLIANCE FRAMEWORK
VineReviewer maintains compliance with:
- General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
- Children's Online Privacy Protection Act (COPPA)
- Payment Card Industry Data Security Standard (PCI DSS) via Stripe
- SOC 2 Type II security standards
DATA SECURITY MEASURES
We implement industry-standard security protocols:
- End-to-end encryption for all data transmission (TLS 1.3)
- Encrypted database storage using MongoDB encryption at rest
- JWT token-based authentication with rotation
- Regular security audits and penetration testing
- Access controls and principle of least privilege
YOUR PRIVACY RIGHTS
Under applicable privacy laws, you possess the following rights:
- Right of Access: Request copies of your personal data
- Right to Rectification: Correct inaccurate personal data
- Right to Erasure: Request deletion of your personal data
- Right to Restrict Processing: Limit how we process your data
- Right to Data Portability: Receive your data in a structured format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Revoke consent for optional processing
CHILDREN'S PRIVACY PROTECTION
Our service is not directed to persons under eighteen (18) years of age. We do not knowingly collect personal information from minors. Upon discovery of such collection, we will immediately delete the information and terminate the account.
COOKIES AND TRACKING TECHNOLOGY
We employ minimal cookie usage:
- Essential Cookies: Authentication and session management (cannot be disabled)
- Analytics Cookies: Anonymous usage statistics (can be opted out)
- No advertising cookies or cross-site tracking technologies
INTERNATIONAL DATA TRANSFERS
Your data may be processed in jurisdictions outside your residence. We ensure adequate protection through:
- Standard Contractual Clauses (SCCs) approved by competent authorities
- Adequacy decisions where applicable
- Additional safeguards as required by law
POLICY MODIFICATIONS
Material changes to this Privacy Policy will be communicated via:
- Email notification to registered users
- Prominent notice on our website
- Thirty (30) day advance notice period for objectionable changes
DISPUTE RESOLUTION
Privacy-related disputes shall be resolved through:
- Direct communication with our Data Protection Officer
- Binding arbitration under applicable commercial arbitration rules
- Regulatory complaints to appropriate supervisory authorities
CONTACT INFORMATION
For privacy inquiries, data subject requests, or security concerns:
Data Protection Officer
Email: privacy@vine-reviewer.com
Response Time: Within 72 hours for urgent matters, 30 days for standard requests
EFFECTIVE DATE
This Privacy Policy is effective as of January 8, 2025, and supersedes all previous versions.
BY USING OUR SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS PRIVACY POLICY.