Legal
Privacy Policy
How we handle your account, brew journal, payments, and analytics data.
Last updated: June 30, 2026
This Privacy Policy explains how MeadMate(“MeadMate,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information when you use our website and home fermentation tracking service (the “Service”).
By using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.
1. Who we are
MeadMate is operated by MeadMate. For privacy questions or requests, contact us at privacy@meadmate.com.
Effective date: June 30, 2026
2. Information we collect
Account and profile information
- Email address and password when you register with email (passwords are hashed by our auth provider)
- Display name and onboarding preferences (experience level, default brew types, goals, volume units)
- Subscription and trial status, plan tier, and Stripe customer identifiers
Sign in with Google
If you choose Sign in with Google, we receive information from your Google account through Google's OAuth service, processed by Supabase as our authentication provider. Depending on your Google account settings and the permissions you grant, this may include:
- Your Google account email address
- Your name and profile picture
- A unique identifier Google assigns to your account
We use this information only to create and secure your MeadMate account, display your profile within the Service, and communicate with you about your account. We do not receive your Google password. MeadMate does not sell this information. Google's collection and use of data during sign-in is governed by the Google Privacy Policy. You can revoke MeadMate's access through your Google Account permissions.
Brew journal data
When you use MeadMate, you may store brew names, styles, stages, gravity and temperature readings, vessels, tasting notes, free-text log entries, reminders, and photos of your ferments. This content is stored to provide the Service to you.
Payment information
Payments are processed by Stripe. We do not store full card numbers on our servers. Stripe may collect billing name, card details, billing address, and related payment metadata according to its own privacy policy.
Transactional email
We send one-to-one transactional emails triggered by your account activity, such as signup confirmation, magic links, password reset, security notices, and subscription or billing updates. These messages are sent from addresses like no-reply@meadmate.com. We do not use your email address for unrelated marketing without your consent where required by law.
Usage and technical data
- Pages visited, referring URLs, device type, browser, and approximate location derived from IP address
- UTM campaign parameters and other marketing attribution data
- Product interaction events such as sign-up, onboarding steps, brew creation, and log entries (without brew names, notes, or precise gravity values in analytics tools)
- Error reports, performance data, and diagnostic logs when something goes wrong
- Cookies, local storage, and similar technologies described in our Cookie Policy
AI features
If you use AI-powered suggestions, insights, chat, or photo analysis (such as Snap & Ask), we send relevant context to third-party AI providers server-side. This may include your profile preferences, brew metadata, log entries, notes, and images you submit for analysis. AI output is generated for your use within the Service and is not professional brewing, food safety, or medical advice.
3. How we use information
- Provide, operate, and improve the Service
- Create and manage your account, brews, and log entries
- Authenticate you when you sign in, including through Google OAuth if you choose that option
- Process subscriptions, trials, and billing through Stripe
- Generate AI suggestions, insights, and responses
- Understand product usage, diagnose errors, and improve reliability
- Communicate with you about your account, security, or support requests
- Comply with law, enforce our Terms of Service, and protect users and the Service
4. Legal bases (EEA, UK, and Switzerland)
Where applicable privacy law requires a legal basis, we rely on:
- Contract — to provide the Service you request, including account access, brew tracking, and paid features
- Legitimate interests — to secure the Service, prevent abuse, understand aggregate usage, and improve the product, balanced against your rights
- Consent — where required for non-essential cookies, session replay, or similar analytics; you can withdraw consent through browser controls or by contacting us
- Legal obligation — where we must retain or disclose information to comply with law
5. How we share information
We do not sell your personal information. We share information only as described below.
Service providers
We use trusted vendors to run MeadMate. They process data on our behalf under contractual obligations and only as needed to provide their services:
| Provider | Purpose |
|---|---|
| Supabase | Authentication (including Google OAuth), database, and file storage for brew photos |
| Sign in with Google (OAuth) when you choose that login option | |
| Stripe | Payment processing, subscriptions, trials, and customer billing portal |
| Vercel | Application hosting and infrastructure |
| Vercel Analytics | Privacy-friendly pageview and performance analytics |
| PostHog | Product analytics, funnels, heatmaps, and session replay (with input masking on sensitive fields) |
| Sentry | Error monitoring, performance tracing, and release health (with data scrubbing) |
| AI model providers | Generating brewing suggestions, insights, chat responses, and image analysis |
Within MeadMate
Authorized personnel may access information as needed to operate, secure, and support the Service.
Legal and safety
We may disclose information if required by law, court order, or government request, or when we believe disclosure is necessary to protect rights, safety, and security.
Business transfers
If MeadMate is involved in a merger, acquisition, or asset sale, your information may transfer as part of that transaction. We will notify you where required by law.
6. Photos and user content
Brew photos you upload are stored in cloud storage and associated with your account. Depending on configuration, stored files may be accessible via a direct URL. Do not upload images you do not have rights to share or that contain sensitive personal information you do not want stored.
You retain ownership of your brew journal content. You grant MeadMate a limited license to host, process, and display it solely to operate the Service, including AI features you choose to use. See our Terms of Service for more detail.
7. Analytics and privacy safeguards
We design analytics and error reporting to avoid collecting brew names, free-text notes, precise gravity readings, payment card data, or authentication secrets in third-party analytics or error tools. Session replay and heatmaps, where enabled, mask sensitive form inputs such as passwords, notes, and billing details.
Authenticated users are identified in analytics using an internal user ID rather than email address where possible.
8. Data retention
- Account and brew data are kept while your account is active
- If you delete your account in Settings, we delete your profile, brews, log entries, and related data through our account deletion process, subject to limited backup or legal retention needs
- Billing records may be retained as required for tax, accounting, and fraud prevention
- Analytics and error logs are retained according to each provider's settings and our internal retention schedules
9. Your rights and choices
Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information, and to withdraw consent where processing is based on consent.
- Account deletion — available in Settings; permanently removes your MeadMate account and associated brew data
- Marketing — MeadMate does not currently send promotional email by default; if that changes, you will be able to opt out
- Cookies — see our Cookie Policy and your browser settings
- Data export — contact us to request a copy of your data; self-serve export may be added in the future
To exercise your rights, email privacy@meadmate.com. We may need to verify your identity before responding. You may also lodge a complaint with your local data protection authority.
10. International transfers
MeadMate is based in the United States. Your information may be processed in the United States and other countries where our service providers operate. Those countries may have different data protection laws than your own. Where required, we use appropriate safeguards such as standard contractual clauses.
11. Security
We use technical and organizational measures appropriate to the nature of the data we process, including encryption in transit, access controls, row-level database security, and scrubbing of sensitive data in error reports. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
12. Children
MeadMate is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us and we will take appropriate steps to delete it.
13. Third-party links
The Service may link to third-party sites such as Stripe's checkout or customer portal, or redirect you to Google when you choose Sign in with Google. Their privacy practices are governed by their own policies, not this one.
14. Changes to this policy
We may update this Privacy Policy from time to time. We will post the revised version on this page and update the “Last updated” date. Material changes may also be communicated by email or in-app notice where required by law.
15. Contact
Questions about this Privacy Policy: privacy@meadmate.com
General legal inquiries: legal@meadmate.com
