← Back to Wine Hero

Privacy Policy

Last updated: 16 April 2026

1. Who we are

Wine Hero Ltd (“Wine Hero”, “we”, “us”) is a UK limited company. We provide an AI-powered consultant called Celia that helps independent restaurants run smarter wine programmes, understand their business, and grow revenue.

We are the data controller for the personal data described in this policy. You can contact us at hello@staff.wine-hero.co.uk for any data-related requests.

2. Data we collect

When you use Wine Hero, we may collect and process the following data:

  • Account information: your phone number (for OTP verification), email address (for magic link login), and your name.
  • Venue information: venue name, address, and type.
  • Venue documents: wine lists, food menus, POS reports, supplier invoices, and other files you upload or send to Celia.
  • Conversation history: messages exchanged with Celia via chat and voice, including transcripts.
  • Payment information: processed securely by Stripe. We do not store card numbers. Stripe provides us with your subscription status and billing identifiers.
  • Email integration tokens: if you connect Gmail or Outlook, we store OAuth access and refresh tokens to read your inbox and manage drafts on your behalf. We do not store your email password.
  • Usage data: which features you use, when you log in, and how you interact with the app, for the purpose of improving the service.

3. How we use your data

We use your data to:

  • Deliver the Wine Hero service, including AI-generated recommendations, reports, and automations.
  • Analyse your wine list, menus, and POS data to generate gap analyses and business intelligence reports.
  • Power Celia, your AI consultant, with context about your venue so she can give relevant, personalised advice.
  • Send you transactional messages (OTP codes, magic links, daily reports) via SMS and email.
  • Process your subscription payments through Stripe.
  • Read your connected email inbox and draft replies to customer enquiries on your behalf, subject to your approval.

4. Where your data is stored

Your data is stored on Google Cloud Platform (GCP) in the europe-west2 (London) region. All data is encrypted at rest using Google-managed encryption keys and encrypted in transit via TLS. Documents you upload are stored in Google Cloud Storage. Structured data (venue configuration, conversation history, drafts, automations) is stored in Google Cloud Firestore.

5. Third parties

We share data with the following third-party processors, only as necessary to deliver the service:

  • Anthropic (Claude) — our AI model provider. Your conversation context and venue data are sent to Claude to generate responses and analysis. Anthropic does not use your data to train their models.
  • Deepgram — speech-to-text and text-to-speech for the voice assistant.
  • Stripe — payment processing. Stripe handles all card data under their own PCI-DSS compliance.
  • Twilio — SMS delivery for OTP verification codes.
  • Resend — transactional email delivery (magic links, reports, notifications).
  • Google Cloud Platform — infrastructure hosting, database, and file storage.

We do not sell your data to any third party.

6. Your rights under UK GDPR

Under the UK General Data Protection Regulation, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — ask us to correct inaccurate data.
  • Erasure — ask us to delete your data (“right to be forgotten”).
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing of your data for specific purposes.
  • Restrict processing — ask us to limit how we use your data while a concern is resolved.

To exercise any of these rights, email hello@staff.wine-hero.co.uk. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

7. Data retention

We keep your data for as long as your account is active. If you cancel your subscription, we will delete your personal data and venue data within 30 days of cancellation. Anonymised, aggregated data (such as industry benchmarks) may be retained indefinitely.

8. Cookies

Wine Hero uses functional cookies only. These are strictly necessary for authentication (keeping you logged in) and do not track you across websites. We do not use advertising cookies, analytics cookies, or any third-party tracking scripts.

9. Security

We take the security of your data seriously. All data is encrypted at rest and in transit. Access to production systems is restricted to authorised personnel. Secrets and credentials are stored in Google Cloud Secret Manager. We conduct regular reviews of our security practices.

10. Changes to this policy

We may update this privacy policy from time to time. If we make significant changes, we will notify you via the app or by email. The “last updated” date at the top of this page shows when the policy was last revised.

11. Contact

For any questions about this privacy policy or your data, contact us at: hello@staff.wine-hero.co.uk

Data Controller: Wine Hero Ltd

Wine Hero·Wine Hero Ltd, a UK limited company