Last updated: March 2026
1. Introduction
BevSync (“we,” “our,” “us”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, and safeguard your information when you use our platform and website.
2. Information We Collect
Account Information
When you create an account, we collect your name, email address, and organization details (company name, number of locations).
Usage Data
We collect information about how you use BevSync, including pages visited, features used, and interactions with the platform.
POS Data
When you connect a POS system, we receive sales transaction data (items, quantities, prices, timestamps). Customer personal information (names, emails, phone numbers, card numbers) is automatically stripped before storage.
3. How We Use Your Information
We use your information to:
- Provide, maintain, and improve the BevSync platform
- Calculate pour costs, variance, and generate reports
- Send transactional emails (account confirmations, reports)
- Respond to support requests
- Comply with legal obligations
4. Data Security
We implement industry-standard security measures: HTTPS for all traffic, AES-256-GCM encryption for stored POS credentials, Supabase-managed encryption at rest, and HTTP-only secure cookies for authentication. All data is stored in the United States on Supabase-managed PostgreSQL databases.
5. Data Sharing and Sub-Processors
We do not sell your personal information or business data to third parties. We share data only with the following service providers (“sub-processors”) who assist in operating our platform, subject to confidentiality and data processing agreements:
| Provider | Purpose | Data processed |
|---|---|---|
| Supabase | Database hosting, authentication | Account data, business data, auth tokens |
| Netlify | Website hosting, serverless functions | Request logs, form submissions |
| Resend | Transactional email delivery | Email address, email content |
| Sentry | Error monitoring | Error context (no PII by design) |
6. Data Retention
- Account data: retained as long as your account is active
- POS sales records: configurable per connection (default 2 years)
- Inventory history: based on your plan (30 days to 2 years)
- POS sync logs: 90 days
7. Your Rights
You may export all your data at any time via Settings > Data. You may delete your account via Settings > Security. Upon account deletion, your authentication credentials are permanently removed.
8. Cookies
We use strictly necessary cookies for authentication and session management. See our Cookie Policy for details.
9. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have the right to: (a) know what personal information we collect about you, (b) request deletion of your personal information, (c) opt out of the sale or sharing of your personal information (we do not sell or share your data), and (d) not be discriminated against for exercising your privacy rights. To exercise these rights, email support@bevsync.net.
10. Breach Notification
In the event of a data breach that affects your personal information, we will notify affected users via email within 72 hours of discovery, in accordance with applicable law.
11. Children's Privacy (COPPA)
BevSync is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us at support@bevsync.net and we will delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the platform.
13. Contact
Questions about this policy? Contact us at support@bevsync.net.