Privacy Policy

We collect the information needed to operate the Service for you:

• Account information. When you create or are invited to an account, we collect your email address, the brewery / venue name you represent, your role (owner or manager), and an encrypted form of your password (we never store your password in plain text). If you sign in with a magic link, we receive only your email address.
• Venue content. The menu items, prices, sizes, images, videos, headers, slideshows, and screen configurations you upload or create to power your displays.
• Display content. The data needed to render your screens (your menu, slideshow images, configuration). When a TV loads a display we record minimal logs (the screen code, the timestamp of the request, and similar operational data) to help diagnose connectivity issues.
• Usage and device information. Standard logs from our hosting provider — IP address, browser type, operating system, and the pages or API endpoints you accessed — kept for security and abuse-prevention purposes.
• Communications. If you contact us by email or text, we keep that conversation so we can follow up and improve the Service.

We use the information above to:

• operate, maintain, and improve the Service;
• authenticate users and protect accounts;
• render your menu and slideshow on the TV screens you authorize;
• send transactional emails (account invites, password resets, security alerts);
• respond to support requests and customer feedback;
• detect, prevent, and respond to fraud or abuse;
• comply with legal obligations.

We do not sell your personal information, and we do not use your content to train machine-learning models.

We share information only with the service providers we use to run BrewerBoard, and only for the purposes listed in this Policy:

• Hosting and authentication. Our application is hosted on Vercel and uses Supabase for authentication, database, and file storage. These providers store your account data, your venue content, and your uploaded media on our behalf.
• Transactional email. We use Resend to deliver invites, password resets, and similar account emails. Recipient addresses and the content of those messages are processed by Resend solely to deliver the email.
• Legal requests. We may disclose information when required by law or when we believe in good faith that disclosure is necessary to protect rights, property, or safety.

We do not sell, rent, or trade your personal information to advertisers or data brokers.

Anything you choose to show on a public-facing TV screen (menu items, prices, images, videos, headers, slideshows, and tickers) is, by design, publicly visible to anyone looking at that screen. Treat what you put on a screen the same way you would treat what you put on a physical chalkboard at the front of your venue.

We keep your account and venue content for as long as your account is active. If you cancel, we delete your content within a reasonable retention window unless you ask for immediate deletion or we're required by law to keep it longer. Operational logs are kept for a short period — typically no longer than 90 days — and then deleted or aggregated.

We use industry-standard practices to protect your information, including encrypted transport (HTTPS), encrypted storage at rest with our providers, and role-based access controls within our database (Postgres Row Level Security). No system can be made perfectly secure. If you suspect a security issue, please contact us right away using the details at the bottom of this page.

You can update or delete your account information at any time from the Settings page of the web portal. You can also contact us to:

• request a copy of the personal information we hold about you;
• correct inaccurate information;
• delete your account and associated content;
• object to or restrict certain processing.

Depending on where you live, you may have additional rights under laws such as the California Consumer Privacy Act (CCPA) or the EU General Data Protection Regulation (GDPR). We honor those rights for all customers regardless of location.

BrewerBoard is intended for use by businesses and the people they invite. It is not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us and we'll delete it.

BrewerBoard is operated from the United States. If you use the Service from outside the U.S., your information will be transferred to and processed in the United States, which may have different data protection laws than your country.

We use a small number of essential cookies (or equivalents in mobile storage) to keep you signed in and to remember interface preferences. We do not use third-party advertising cookies or cross-site tracking.

We may update this Privacy Policy from time to time. When we do, we'll update the “Last updated” date at the top of this page and, where the change is material, give you reasonable notice (for example, by email or an in-app notice). Continued use of the Service after a change takes effect means you accept the updated policy.

Questions about this Policy or your data? Email jdelozier@beerhopok.com or text 405-514-4775.