Privacy Policy
Last updated: 30 June 2026
This Privacy Policy (“Policy”) explains how Kilter Digital (a Norwegian sole proprietorship / enkeltpersonforetak, org. no. 936 936 768, owned by Filip Jolma Helland Kilter) (“we”, “us”, the data controller) collects and uses your information when you download, install, and use the Cellar mobile application (“the app”). We built Cellar to work without accounts and to collect as little as possible.
1. What we collect
Wine label photos
When you scan a bottle, the app reads the label text on your device and sends the label photo and the recognised text to our servers to identify the wine. We may store scanned label images to improve identification accuracy and caching. We do not ask you to photograph anything other than wine labels.
Your collection data
The wines you add — names, vintages, quantities, locations, notes, and any list you import — are stored to provide the app. Your personal cellar inventory is kept on your device; identified wine details may be cached on our servers in a form that is not tied to your identity.
An anonymous app identifier
Cellar has no login. To deliver scans and subscription access, the app generates a random, anonymous identifier for your install. It is not your name, email, or phone number, and we do not use it to build a profile of you.
Purchases
Subscriptions are processed by Apple and managed through our subscription provider (RevenueCat). We receive your subscription status (e.g. active or expired) but never your full payment-card details — those are handled by Apple.
Technical & diagnostic data
Our servers automatically process technical information needed to operate the service securely — such as device/app integrity signals (Apple App Attest), approximate request metadata, your chosen language and currency, and rate-limiting and error logs. This is used to run and protect the service, not to track you across other apps.
Analytics & advertising measurement
To understand how the app is used and to improve it, we collect anonymised product-analytics events (for example, which screens you open and where you drop off in onboarding) through PostHog, tied only to your anonymous install identifier. If you allow tracking when iOS asks (App Tracking Transparency), we also use AppsFlyer and Apple’s SKAdNetwork to measure which marketing campaign led you to install Cellar, so we can invest in what works. If you do not allow tracking, we do not use your device’s advertising identifier, and measurement falls back to Apple’s privacy-preserving SKAdNetwork. We do not use this data to build an advertising profile of you, and we do not sell it.
If you contact us
If you email us or take part in a survey, we process the contact details and content you choose to provide, to respond and to improve the app.
2. How & why we use it (legal bases)
- To identify wines from your label photos and return details and estimates — to perform our contract with you.
- To provide and sync your collection, valuations, drink windows, and pairings — contract performance.
- To verify subscription entitlements and prevent abuse — contract performance and our legitimate interests in securing the service.
- To keep the service secure and reliable, fix bugs, and improve identification accuracy — legitimate interests.
- To understand and improve how the app is used through anonymised analytics — legitimate interests.
- To measure which marketing campaign led you to install the app — only with your consent through the iOS App Tracking Transparency prompt.
- To respond to your messages — legitimate interests / your consent.
We do not sell your personal information. We only use cross-app tracking for marketing attribution if you allow it through the iOS App Tracking Transparency prompt, and you can withdraw that permission at any time in iOS Settings.
3. Label scanning & AI processing
Identification combines on-device text recognition with cloud processing. The label image and recognised text are sent to our backend, which uses an AI model provider to read the label, identify the wine, and gather public information such as typical market prices and critic scores via web search. These results are estimates and may be incomplete or inaccurate — see our Terms of Use.
4. Service providers & SDKs
We share the minimum necessary data with trusted providers who process it on our behalf:
- Cloudflare — hosting, storage, and edge infrastructure for the backend.
- AI model provider (via OpenRouter) — to read labels and generate wine information from the submitted image and text.
- Apple — App Store distribution, in-app purchases, and app integrity (App Attest).
- RevenueCat — subscription management and entitlement verification.
- PostHog — privacy-focused product analytics to understand and improve how the app is used.
- AppsFlyer — marketing attribution and measurement, used for identifier-based tracking only with your App Tracking Transparency consent.
These providers are permitted to use the data only to deliver their service to us, and process it under their own privacy policies. The analytics and attribution tools above are the only third-party SDKs of this kind in the app; we do not include third-party advertising networks that display ads to you. If we change the tools we use, we will update this Policy and the App Store privacy labels accordingly.
5. Data retention
Your personal collection lives on your device and remains until you delete it or remove the app. Cached wine details and scanned label images may be retained on our servers to speed up and improve identification; volatile data such as price snapshots is refreshed periodically. We keep information only as long as necessary for the purposes above or as required by law, and review our data periodically. You can ask us to delete server-side data associated with your install (see your rights).
6. Your rights
Because we operate from Norway (EEA), the GDPR applies. Subject to its conditions, you have the right to:
- be informed about how your data is used (this Policy);
- access the personal data we hold about you;
- rectify inaccurate data and complete incomplete data;
- erase your data (“right to be forgotten”);
- restrict or object to certain processing;
- data portability — receive your data in a portable format;
- withdraw consent at any time, without affecting prior processing;
- lodge a complaint with a supervisory authority — in Norway, the Norwegian Data Protection Authority (Datatilsynet).
To exercise any of these, email us (see Contact). You can turn tracking for marketing attribution on or off at any time in iOS Settings under Privacy & Security > Tracking. You can also control camera and photo access in iOS Settings, and manage or cancel subscriptions in your Apple ID settings. Removing the app deletes your on-device collection.
7. Security
We use industry-standard measures — encryption in transit, scoped access, app-integrity checks, and rate limiting — to protect data against unauthorised access. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
8. Children
Cellar concerns alcoholic beverages and is intended for adults of legal drinking age. It is not directed to children, and we do not knowingly collect personal data from anyone under 16. If we learn that we have collected such data, we will delete it promptly.
9. International transfers
Our providers may process data in countries outside the EEA, including the United States. Where this happens, we rely on appropriate safeguards (such as the EU Standard Contractual Clauses or an adequacy decision) as required by law.
10. Changes to this Policy
We may update this Policy from time to time. Material changes will be reflected by the “Last updated” date and version below and, where appropriate, noted in the app. Please review it periodically.
11. Contact
For any privacy question, or to exercise your rights, contact the data controller:
Kilter Digital (enkeltpersonforetak)
Org. no. 936 936 768
Kong Haralds gate 46A, 4041 Hafrsfjord, Norway
Email: fk.apps.customer@gmail.com
Policy version: 30 June 2026