Privacy Policy

Last updated: July 1, 2026

This Privacy Policy explains how Oeno et Viti (“Oeno et Viti,” “we,” “us,” or “our”) collects, uses, discloses, and protects information in connection with the Oeno winery production management platform, our websites, and related services (collectively, the “Services”).

We designed Oeno around a simple principle: your production data belongs to you. We collect only what we need to operate the Services, and we hold it to a high security standard.

1. Scope & Who We Are

This Policy applies to individuals who visit our websites, create an account, or use the Services (“you”). Where a winery or other organization (a “ Customer”) uses Oeno and invites you as a user, that Customer controls the workspace and the production records within it. For information a Customer submits or collects through the Services (“Customer Content”), we act as a processor acting on the Customer’s behalf, and that Customer’s own privacy notice governs their handling of it.

2. Information We Collect

We collect the following categories of information:

  • Account information. Name, work email, password (stored only as a salted hash), role, and the winery or organization you belong to.
  • Customer Content. The production data you enter into the Services — such as vessels, lots, movements, analyses, additions, tasks, weigh-ins, and related notes and attachments.
  • Usage and log data. Technical information generated when you use the Services, including IP address, browser and device details, pages and actions, timestamps, and request identifiers used for security and troubleshooting.
  • Cookies and similar technologies. Strictly necessary cookies to keep you signed in and to secure sessions. We do not use advertising or cross-site tracking cookies.
  • Communications. Information you provide when you contact us, request a demo, or submit a support or sales inquiry.

3. How We Use Information

We use information to:

  • Provide, operate, secure, and improve the Services;
  • Authenticate users and enforce role-based access and tenant isolation;
  • Maintain audit logs and detect, investigate, and prevent abuse or security incidents;
  • Provide customer support and respond to your requests;
  • Send service and administrative messages (for example, security or availability notices);
  • Comply with legal obligations and enforce our agreements.

We do not sell your personal information, and we do not use Customer Content to train third-party advertising or unrelated machine-learning models.

4. How We Share Information

We share information only as described below:

  • Service providers (sub-processors). Trusted vendors that host our infrastructure and provide supporting functions (for example, cloud hosting, database and storage, and transactional email). They are bound by contract to process data only on our instructions and to protect it.
  • Within your organization. Customer Content is accessible to authorized users of your winery’s workspace according to the roles and permissions your administrators configure.
  • Legal and safety. Where required by law or valid legal process, or to protect the rights, safety, and property of users, the public, or Oeno et Viti.
  • Business transfers. In connection with a merger, acquisition, or sale of assets, subject to this Policy’s protections.

5. Data Retention

We retain account information and Customer Content for as long as your account is active or as needed to provide the Services. After termination, we make Customer Content available for export for a limited window and then delete or de-identify it in the ordinary course, unless a longer retention period is required by law. Backups are retained on a rolling schedule and purged over time.

6. How We Protect Information

We apply administrative, technical, and physical safeguards designed to protect information, including:

  • Encryption of data in transit (TLS) and at rest;
  • Role-based access control, least-privilege access, and per-tenant data isolation;
  • Salted, hashed password storage and session protections;
  • Comprehensive audit logging with user attribution and timestamps;
  • Automated backups and monitored, access-controlled infrastructure;
  • Vendor security due diligence and a defined incident-response process.

No method of transmission or storage is completely secure, so we cannot guarantee absolute security. If you have questions about our security practices, contact security@oeno.io, or review our Security overview.

7. Your Data & Ownership

You retain ownership of your Customer Content. You can access and export your production records in standard formats at any time. If you stop using Oeno, your data comes with you — there is no lock-in.

8. Your Privacy Rights

Depending on where you live, you may have rights to access, correct, delete, or receive a copy of your personal information, and to object to or restrict certain processing. If your information is managed within a Customer’s workspace, please direct requests to that Customer; we will assist them as their processor.

California residents. Under the CCPA/CPRA you may request access to, deletion of, or correction of personal information, and you may not be discriminated against for exercising these rights. We do not sell or “share” personal information as those terms are defined under California law.

To exercise any right, contact privacy@oeno.io. We will verify and respond consistent with applicable law.

9. International Data Transfers

We operate in the United States, and information may be processed there and in other countries where we or our service providers operate. Where required, we use appropriate safeguards for cross-border transfers.

10. Children's Privacy

The Services are intended for businesses and are not directed to children. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us information, contact us and we will delete it.

11. Changes to This Policy

We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice. Your continued use of the Services after an update means you accept the revised Policy.

12. Contact Us

Questions about this Policy or our privacy practices? Contact us at privacy@oeno.io.

See also our Terms of Service.