Last updated: April 2026
This is placeholder legal copy. Before launching publicly, we will have this reviewed by counsel. The intent below reflects how we actually operate.
When you create an account through Google OAuth, we receive your email address, display name, and profile picture. We also collect sensor readings (temperature, humidity, timestamps) tied to the humidors you create, alarm configurations, and any notes or annotations you add.
Your data powers your dashboard, your alarms, and your AI Curator. We do not sell your data, we do not share it with third parties for advertising, and we do not use your humidor readings to train public models. Sensor readings are sent to our AI Curator (Anthropic Claude) only when you explicitly invoke it.
All data is stored on Supabase with row-level security. Each user can only access their own humidors and the humidors they have been explicitly invited to. API keys for sensors are readable only by our service role — never by authenticated users, never by the browser.
On the Aficionado plan, sensor readings older than 7 days are aggregated. On Maestro and Salón, all readings are retained for the life of your account. If you delete your account, all data is permanently erased within 30 days.
We use Google for authentication, Supabase for database + auth + realtime, Cloudflare for the monitoring worker, Anthropic Claude for the AI Curator, and Telegram (optional) for notifications. Each of these providers has their own privacy policy.
You can export, amend, or delete your data at any time from the account settings. You can withdraw consent for AI Curator usage by disabling the feature. You can delete your account entirely from the settings page; deletion is immediate and irreversible.
Questions about this policy? Email privacy@thecabinet.club.