Privacy Policy

01 · IdentityWho we are

Espresso IQ is the data controller responsible for the personal data described in this policy.

You can reach us at the following addresses for any privacy question, request, or concern. The email is read by a person, not an autoresponder, and is the same mailbox that handles refund inquiries, support, and general contact.

02 · ScopeWhat this policy covers

This policy describes how Espresso IQ collects, uses, shares, and protects personal data in connection with the following surfaces:

• The pre-launch website at pre-launch.espressoiq.com, where you can purchase a founding-supporter access code.
• The Espresso IQ public website at espressoiq.com, which is the marketing and account home for the service after public launch.
• The Espresso IQ mobile application for iOS and Android, available to founding supporters during alpha and TestFlight access and to the public after launch.

Where a particular practice applies only to one surface, we say so. Where it applies to all of them, it applies to all of them.

Geographic scope. Espresso IQ is a United States service offered to users in the United States. Users outside the United States may visit our websites, but the Service is not directed to them, and their use is at their own discretion. We make no representation that the Service is appropriate or available for use outside the United States.

03 · CategoriesWhat we collect

3.1 At the pre-launch website

When you purchase a founding-supporter access code, we and our payment processor collect:

• Your email address. We need it to deliver your access code and to contact you about your purchase. You provide it directly when you start checkout.
• Payment information. Stripe handles your card or wallet data directly. Espresso IQ does not store your card number. We receive a Stripe customer identifier, the amount, the currency, and a transaction confirmation. That is the full extent of payment data we hold.
• Standard request data. When your browser loads the page, our content delivery network logs the request. That includes your IP address, the time of the request, the page URL, basic device and browser strings, and similar metadata that any web server records.

The pre-launch website at pre-launch.espressoiq.com does not run third-party advertising, marketing, or behavioral analytics. There is no Google Analytics on the pre-launch website, no Meta Pixel, no TikTok pixel, no advertising cookie of any kind. The Google Analytics processor described in section 6 operates inside the Espresso IQ mobile app and on the post-launch website at espressoiq.com, not on the pre-launch website.

3.2 Inside the Espresso IQ mobile app

Once you redeem your access code and create an account, we collect data in three groups.

Account data.

• Your email address, your redeemed access code, and the credentials our authentication provider uses to keep you signed in.
• If you sign in with Apple or Google, the limited identifier those providers return to us. We do not receive your password from those providers.

Coffee data you create.

• Shot logs. Every shot you record in the app, including grind size, dose, yield, brew temperature, pre-infusion seconds, extraction seconds, your taste rating, your flavor note, your free-text notes, and a timestamp.
• Bean profiles. Roaster, origin, process method, roast level, roast date, and your notes.
• Recipes. Saved shot profiles you flag as recipes, plus any custom drink recipes you create. The app ships with a curated set of classic drink recipes that are not your data.

Device and operational data.

• Device telemetry. Standard mobile diagnostic data such as crash reports, performance metrics, the operating-system version, and the app version. We use this to find and fix bugs.
• Push notification tokens, if you opt in to notifications, so we can deliver coaching nudges and account messages.
• Product analytics events. The app records pseudonymous, aggregated events about which screens are used and which features are pulled (for example, "user opened shot log"). These events are tied to a non-identifying device or installation identifier rather than to your name or email address, and they are designed to omit personally identifying content. They do not include your shot numbers, your tasting notes, or your email address.

04 · PurposesWhy we collect it

We use personal data for the following purposes:

• To run the service. Deliver your access code, create your account, store the shots and beans and recipes you log, sync across your devices, and let you sign in.
• To run the AI Coach feature. Send the structured shot and bean data you submit to the AI provider so the model can respond with coaching. See section 5 for the full disclosure.
• To process payments. Take your payment through Stripe and reconcile the transaction.
• To send transactional email. Deliver your access code, password resets, account notifications, and similar messages tied to your purchase or your account.
• To improve the product. De-identified, aggregated analytics about feature usage that help us understand which features are working and which are not.
• To prevent fraud and abuse. Detect and block fraudulent purchases, account-sharing schemes, and abusive use of the service.
• To meet our legal obligations. Tax records, response to lawful requests, and compliance with applicable United States federal and state law.

We do not use your data to build advertising profiles, and we do not share your data with advertising networks.

05 · AI CoachHow AI Coach uses your shot data

The AI Coach feature inside the Espresso IQ app sends the parameters of a shot you have just logged to a third-party large-language-model provider so the model can return tailored coaching on your next adjustment. Because this is the most novel data flow in the product, we want to be specific about what happens and what does not.

Which provider. Our primary AI provider is Straico, an LLM router that currently routes Espresso IQ requests to Anthropic's Claude family of models. If Straico is unavailable, we fall back to Anthropic directly. Both providers process the request to generate coaching and return text to the app.

Provider data handling. Each AI provider operates under its commercial terms of service or, where required by applicable law, processing terms consistent with our obligations under that law. Under those terms as we currently apply them, the providers process the data we send for the purpose of delivering the coaching response, we do not authorize the providers to use the contents of your AI Coach requests to train their underlying foundation models, and the providers retain the request only for the limited operational and abuse-prevention windows specified in their own terms. Provider terms can change. We list both providers in section 6 with links to their current data-handling pages so you can read those terms in full, and we will update this section when those terms change in a way that affects you.

If you do not want to use AI Coach. AI Coach is a discrete feature inside the app. If you do not invoke it, no shot data is sent to either AI provider for that shot. The rest of the app, including the shot log, bean library, and dial-in recipes, runs without involving any AI provider.

06 · ProcessorsWho we share data with

We share personal data with the following service providers, each acting as a data processor on our behalf and only for the purposes described.

We do not sell your personal data to anyone, and we do not share it with advertising networks. We may disclose personal data when required to do so by law, in response to a lawful request from a public authority, or to protect the rights, property, or safety of Espresso IQ, our users, or others.

If we ever sell or transfer the Espresso IQ business as part of a merger, acquisition, or asset sale, your personal data may be transferred to the acquiring entity, which will be bound by the commitments in this policy or a successor policy that offers materially equivalent protection. We will give you notice before that happens.

07 · RetentionHow long we keep data

• Account data. Held for as long as your account is active. If you delete your account, we delete your account record and your shots, beans, and recipes within 30 days, except for items we are required to retain under tax, accounting, or legal-hold obligations.
• Shot logs, beans, and recipes. Held for as long as you keep them in your account. You can delete individual shots, beans, or recipes at any time through the app.
• Payment records. Held by Stripe and by us for the period required by tax and accounting law in the United States, generally seven years from the year of the transaction.
• Transactional email logs. Held by Emailit and by us for a short operational window for delivery confirmation and abuse prevention, typically up to 12 months.
• AI Coach request payloads. Held by the AI provider for the limited operational and abuse-prevention window specified in that provider's then-current commercial or data-handling terms. This window is typically a small number of days but is set by the provider, not by us, and may change. We do not store these requests on our own servers beyond the response cycle, and we will update this section when we negotiate a contractually fixed retention period with either provider.
• Cloudflare access logs. Held for the period configured in our Cloudflare account, which currently relies on the short-term retention defaults of the Cloudflare plan we operate for security, performance, and abuse-prevention purposes. We will state the specific retention period upon written request to and we will update this section when we set a contractually fixed retention period.
• Backups. We keep encrypted backups for disaster recovery. Deleted data may persist in backups for up to 90 days before it is fully purged through backup rotation.

08 · RightsYour rights

Subject to applicable United States federal and state law, you have the following rights with respect to your personal data:

• Access. Ask us what personal data we hold about you and receive a copy.
• Correction. Ask us to correct personal data that is inaccurate or incomplete. Most account and coffee data you can also correct yourself directly in the app.
• Deletion. Ask us to delete your account and the personal data we hold about you, subject to legal retention obligations.
• Portability. Receive your shot logs, beans, and recipes in a structured, commonly used format.
• Opt-out of sale or sharing. Espresso IQ does not sell your personal data, and we do not share it for cross-context behavioral advertising. There is nothing to opt out of.
• Non-discrimination. We will not deny you service, charge you a different price, or provide you a different level of quality for exercising any privacy right.

To exercise any of these rights, write to . We will respond within the timeframe required by the law that applies to you, generally within 45 days for requests under California law (extendable as permitted) and within a reasonable time in any case. We may need to verify your identity before fulfilling certain requests, particularly access and deletion requests, to make sure we are not handing your data to someone else.

If you believe we have not handled your request properly, you can submit a complaint to the U.S. Federal Trade Commission or to the attorney general of your state. California residents may also contact the California Privacy Protection Agency. We would prefer the chance to fix it first, but you do not have to give us that chance.

09 · CaliforniaFor users in California

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the CCPA), gives you the following rights with respect to personal information we collect about you.

• The right to know what personal information we have collected, the categories of sources, the purposes for collecting it, and the categories of third parties to which we have disclosed it. The categories we collect are described in section 3, and the recipients are described in section 6.
• The right to delete personal information we have collected from you, subject to legal retention obligations.
• The right to correct inaccurate personal information.
• The right to opt out of sale or sharing. Espresso IQ does not sell your personal information, and we do not share it for cross-context behavioral advertising. There is nothing to opt out of, and we do not display a "Do Not Sell or Share My Personal Information" link because the practices that would require one are not part of our service.
• The right to limit use of sensitive personal information. Espresso IQ collects sensitive personal information only to the limited extent necessary to provide the service, specifically the account log-in credentials (your email address and the authentication token used to keep you signed in) that fall within Cal. Civ. Code § 1798.140(ae)(2)(A). We use this sensitive personal information solely to authenticate you and to deliver the service, and we do not use it to infer characteristics about you. Our use is therefore already limited to the purposes specified in CCPA Regulations § 7027(m), and there is no broader use to opt out of.
• The right to non-discrimination. We will not deny you service, charge you a different price, or provide you a different level of quality for exercising any CCPA right.

Retention by category. The retention periods that apply to each category of personal information are described in section 7. Section 7 is structured by category and satisfies our CCPA retention-disclosure obligation.

To exercise any of these rights, write to . We may need to verify your identity before fulfilling the request. You may use an authorized agent to make a request on your behalf, subject to verification.

10 · MinorsChildren's privacy and minimum age

Espresso IQ is not directed to children. We do not knowingly collect personal data from anyone under the age of 18. The minimum age to create an account or to purchase a founding-supporter access code is 18. The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

If you believe a person under 18 has created an account or provided us with personal data, write to and we will delete the account, the associated personal data, and any backups containing that data within 30 days of confirmation.

11 · HostingWhere your data is processed

Espresso IQ is a United States service, and our service infrastructure is hosted in the United States. The Supabase database that holds your account data, shot logs, bean profiles, and recipes runs in the us-east-1 region. Our other processors are listed in section 6 with the jurisdictions in which they operate.

If you access the Service from outside the United States, your personal data will be transmitted to and processed in the United States. By using the Service, you understand that your data will be processed in the United States and in the other jurisdictions where our processors operate. The Service is not directed to users outside the United States, and we may decline to process or may refund any purchase that does not match our United States-only operating posture.

12 · SecuritySecurity

We protect your data with measures appropriate to the kind of data we hold and the risks involved.

• Data in transit between your device, our servers, and our processors is encrypted using TLS.
• Data at rest in our database is encrypted using the standard encryption-at-rest mechanisms provided by Supabase.
• Access to production systems is restricted to a small number of authorized personnel and protected by strong authentication.
• We use row-level security in our database so that one user cannot read another user's data through the application.
• We follow our processors' published security guidance and review our configuration on an ongoing basis.

No method of transmission or storage is perfectly secure. We cannot guarantee absolute security, but we do commit to taking the threat seriously and to disclosing any incident that affects you, as described in the next section.

13 · BreachBreach notification

If we become aware of a security incident that compromises your personal data, we will notify affected users and any regulators or attorneys general entitled to notice within the time limits required by applicable United States federal and state breach-notification law (including, where applicable, statutes such as Cal. Civ. Code § 1798.82 and the parallel statutes in other states). We will notify affected users without undue delay where the law requires it or where we judge that notice will help you protect yourself, even if notice is not strictly required.

14 · CookiesCookies and similar technologies

The pre-launch website uses a small number of cookies and similar storage mechanisms. We do not use advertising or tracking cookies on this page.

• Essential cookies. Set by Cloudflare for bot management and site security (for example, the cookie commonly known as __cf_bm) and by Stripe to operate the embedded checkout. These cookies are required for the page and the checkout to work.
• Authentication storage. Once you sign in to the mobile app, the app stores authentication tokens locally on your device so that you stay signed in. This is functionally similar to a cookie in a web browser.

Your browser allows you to refuse or delete cookies. Refusing essential cookies will prevent the page or the checkout from working. We do not run any other cookie category on the pre-launch site at this time.

15 · ChangesChanges to this policy

We will update this policy when our practices or the law change. The "Effective" and "Last updated" dates at the top of the page reflect the current version. If we make a material change, we will give you at least 30 days' advance notice through the app, by email, or through a prominent notice on the website before the change takes effect.

16 · ContactContact us

For any privacy question, request, or complaint, you can reach us by email or by United States mail.

A real person reads that mailbox. We will get back to you.