Privacy Policy

Last updated: April 5, 2026

Overview

Spiritus ("we", "us", "the service") is a web application for tracking personal whiskey collections. We respect your privacy and are committed to protecting the personal information you share with us. This policy explains what data we collect, how we use it, and your rights regarding that data.

Information We Collect

Account Information

  • Email address (used for login, verification, and password recovery)
  • Password (hashed and salted — we never store or see your plain text password)
  • Display name (optional, visible to other users if you choose)

Collection Data

  • Bottle information you enter (names, distilleries, prices, ratings, tasting notes, images)
  • Wishlist items, trade proposals, and tasting event participation
  • This data is yours — you can export or delete it at any time

Usage Data

  • Page views (path, timestamp, country derived from IP)
  • Security events (login attempts, password changes) for account protection
  • IP addresses (used for rate limiting and security monitoring)

Third-Party Connections (Optional)

  • Discord: If you connect your Discord account, we store your Discord username, avatar, and server list. Access tokens are encrypted at rest.
  • Push notifications: If you enable push notifications, we store your browser's push subscription endpoint.

How We Use Your Information

  • To provide and operate the service (managing your collection, displaying stats, enabling social features)
  • To authenticate your identity and secure your account
  • To send transactional emails (verification, password reset, email changes)
  • To send push notifications you have opted into (followers, trades, events)
  • To monitor and prevent abuse (rate limiting, ban enforcement, security logging)
  • To improve the service (aggregate, anonymized usage analytics)

What We Don't Do

  • We do not sell, rent, or share your personal data with third parties for marketing purposes
  • We do not track you across other websites

Data Visibility

  • Collection value: Your purchase prices, market values, and collection totals are never visible to other users
  • Private collections: You can set your collection to private so no other users can see your bottles
  • Public collections: If your collection is public, other users can see your bottle names, types, and tasting notes — but never your prices or values
  • Wishlists: You can share your wishlist via a public link, or keep it private
  • Discord: You control which servers are visible on your profile

Data Storage & Security

  • Data is stored on Cloudflare's infrastructure (D1 database, R2 object storage) in the United States
  • Passwords are securely hashed and salted using industry-standard algorithms — we never store plain text passwords
  • Session tokens are cryptographically hashed before storage
  • Sensitive data (Discord tokens, recovery codes) is encrypted at rest
  • All connections use HTTPS with HSTS enforcement
  • Two-factor authentication (TOTP) is available for additional account security

Cookies

We use a single session cookie to keep you logged in. It is:

  • HttpOnly (not accessible to JavaScript)
  • Secure (only sent over HTTPS)
  • SameSite=Lax (not sent with cross-site subrequests; sent only when you navigate to the site directly, for example by following a link)
  • Set to expire after 30 days of inactivity

We also use Cloudflare Turnstile for CAPTCHA verification, which may set its own cookies. We do not use any analytics or advertising cookies.

Your Rights

You have the right to:

  • Access your data — your collection, notes, and profile are always accessible to you
  • Export your data — use the CSV export feature to download your collection
  • Correct your data — edit any bottle, note, or profile information at any time
  • Delete your data — delete individual bottles, or delete your entire account from the Profile page. Account deletion removes all your data permanently.
  • Opt out of push notifications at any time from your Profile
  • Disconnect third-party services (Discord) at any time

Data Retention

  • Your account and collection data is retained as long as your account is active
  • Analytics data (page views, security events) is periodically purged after 90 days
  • When you delete your account, all associated data is permanently removed via cascade deletion

Children's Privacy

This service is not intended for use by anyone under the age of 21. We do not knowingly collect personal information from anyone under 21.

Changes to This Policy

We may update this privacy policy from time to time. Changes will be reflected on this page with an updated "last updated" date. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this privacy policy or your data, use the Feedback page to get in touch.