Privacy Policy

Last Updated: April 22, 2026

Kavast ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by Kavast.

1. Information We Collect

We collect information that you provide directly to us when you create an account, use the application, or communicate with us.

• Account Information: Name, email address, profile picture, and nickname.
• User Content: Data generated through the use of the app, including coffee cupping sessions, sample notes, scores, and custom forms.
• Technical Identifiers: IP addresses, unique device identifiers (UDID), and device metadata (e.g., OS version, device model).
• Directory Participation: If you choose to publish sessions to our Directory, your nickname and session details will be visible to other users.

2. Legal Basis for Processing

Under the GDPR, we process your data based on the following legal grounds:

• Consent: We rely on your explicit consent for recording Session Replays and high-level analytics. You can manage or withdraw this consent at any time via the Settings tab in the app.
• Contractual Necessity: We process your account and cupping data to provide the services you signed up for.
• Legitimate Interest: We process technical identifiers to ensure app security, fix bugs, and improve the general performance of Kavast.

3. Automated Data Collection & Analytics

To improve our service and understand user behavior, we use automated tracking technologies:

• Device Information: We collect info such as your device model, operating system, and unique device identifiers.
• Usage Data: We track interactions within the app (e.g., screens visited, buttons tapped).
• Session Replays: We use PostHog to record and replay user sessions. This helps us identify bugs and improve the user experience. You can opt-out of this recording in the App Settings.

3. Third-Party Services

We work with third-party service providers to power specific features of the app:

• Supabase: Used for authentication and database storage.
• RevenueCat: Used to manage subscriptions and in-app purchases.
• PostHog: Used for analytics and session recording.
• Apple/Google: Used for OAuth authentication.

4. How We Use Your Information

We use the collected data to:

• Provide, maintain, and improve the Kavast application.
• Manage your account and subscriptions.
• Facilitate the sharing of cupping data in the Directory.
• Send technical notices, updates, and support messages.

5. Data Storage & Security (GDPR)

For users in the European Union, we adhere to the General Data Protection Regulation (GDPR). Your data is stored securely using industry-standard encryption. We collect only the minimum data necessary to provide the service.

6. Your Rights

You have the following rights regarding your personal data:

• Access: Request a copy of the data we hold about you.
• Correction: Request that we correct inaccurate or incomplete data.
• Deletion: Request that we delete your personal data and account.
• Portability: Request a transfer of your data to another service.

To exercise these rights, please see our Data Deletion page or contact us via the email below.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: [INSERT_EMAIL]
Address: [INSERT_ADDRESS]

← Back to Compliance Overview