Privacy Policy

Plain-language Privacy Policy for the ShotDial app and website.

What we store

When you create an account we store your email address and, if you sign in with Google or Apple, your name. Each brew you log stores the beans, method, grind, dose, yield, time, taste tags and any free-text taste or setup notes you enter.

When you ask for a diagnosis we also keep a record of the request and the AI's response — which includes the brew details and notes sent to the provider — so we can monitor diagnosis quality and cost. These records are included in your data export and are deleted when you delete your account.

How it's linked

Your brew log is tied to your account, and therefore to your email. It is private to your account — only you can see it. It is not anonymous and it is not shared publicly.

Who else processes it

• Our database and sign-in are hosted by Supabase.
• To generate a diagnosis, the details of the brew you ask about (including your setup details and free-text notes) are sent to an AI provider (Anthropic, OpenAI or Google, depending on configuration). Your email is not sent with it.
• Optionally — and currently turned off by default — your machine or grinder, method and taste keywords (not your notes) may be sent to Anthropic's web search tool to gather community tips. Those non-personal tips may be cached and reused across users.
• Aggregate, non-identifying usage analytics are collected via Google — Google Analytics on the website and Firebase Analytics in the app. See "Website & app analytics" below.

Security

Data is encrypted in transit (HTTPS/TLS), and your account and brew log are stored in Supabase, which encrypts data at rest. No system is perfectly secure, but we limit access: your log is readable only by your authenticated account. We never sell your data, and we do not use advertising SDKs, ad networks, or cross-app tracking. We do use privacy-respecting usage analytics, described under "Website & app analytics" below.

Website & app analytics

We use Google analytics to understand how ShotDial is used so we can improve it. On the website we use Google Analytics (gtag.js), which uses cookies to collect standard data such as the pages you view, your approximate location (derived from a truncated IP address), and your device and browser type. In the app we use Firebase Analytics, which collects aggregate usage such as app opens, screen views, and device type.

This analytics data is not linked to your ShotDial account, email, or brew log. We have not enabled advertising identifiers or ad personalization, and analytics data is never sold or used for advertising. You can block website analytics cookies through your browser settings. On iOS, the app does not use Apple's advertising identifier or request app-tracking permission, so the analytics it collects stay aggregate and unlinked to your identity.

Your choices

You can delete individual shots from your history at any time. From Settings you can export everything we store for you as a JSON file, or permanently delete your account and all associated data.

Retention

We retain your account data until you delete your account. When you delete an individual shot it is removed from our active database immediately; when you delete your account, your account record and all associated shots are removed from our active database immediately and from point-in-time backups within 30 days. Aggregated, non-personal cached forum tips (see "Who else processes it") are not tied to your account and may be retained indefinitely.

Children

ShotDial is not directed to children under 13, and we do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

Where data is processed & your rights

ShotDial is operated from the United States, and your data is processed in the United States by us and the providers listed above. If you use the app from the EU, the UK, or California, applicable law may give you rights to access, correct, export, or delete your personal data, and to object to certain processing. You can exercise the core rights yourself from Settings (data export and account deletion); email us for anything else.

Who operates ShotDial

ShotDial is operated by Rohit Gandhi, an individual based in California, United States. References to "we", "us" or "ShotDial" on this page mean that individual.

Contact

Questions, deletion requests, or data export problems: [email protected].

Last updated: June 8, 2026