Privacy Policy
Last updated: July 1, 2026
This Privacy Policy explains how Oeno et Viti (“Oeno et Viti,” “we,” “us,” or “our”) collects, uses, discloses, and protects information in connection with the Oeno winery production management platform, our websites, and related services (collectively, the “Services”).
We designed Oeno around a simple principle: your production data belongs to you. We collect only what we need to operate the Services, and we hold it to a high security standard.
1. Scope & Who We Are
This Policy applies to individuals who visit our websites, create an account, or use the Services (“you”). Where a winery or other organization (a “ Customer”) uses Oeno and invites you as a user, that Customer controls the workspace and the production records within it. For information a Customer submits or collects through the Services (“Customer Content”), we act as a processor acting on the Customer’s behalf, and that Customer’s own privacy notice governs their handling of it.
2. Information We Collect
We collect the following categories of information:
- Account information. Name, work email, password (stored only as a salted hash), role, and the winery or organization you belong to.
- Customer Content. The production data you enter into the Services — such as vessels, lots, movements, analyses, additions, tasks, weigh-ins, and related notes and attachments.
- Usage and log data. Technical information generated when you use the Services, including IP address, browser and device details, pages and actions, timestamps, and request identifiers used for security and troubleshooting.
- Cookies and similar technologies. Strictly necessary cookies to keep you signed in and to secure sessions. We do not use advertising or cross-site tracking cookies.
- Communications. Information you provide when you contact us, request a demo, or submit a support or sales inquiry.
3. How We Use Information
We use information to:
- Provide, operate, secure, and improve the Services;
- Authenticate users and enforce role-based access and tenant isolation;
- Maintain audit logs and detect, investigate, and prevent abuse or security incidents;
- Provide customer support and respond to your requests;
- Send service and administrative messages (for example, security or availability notices);
- Comply with legal obligations and enforce our agreements.
We do not sell your personal information, and we do not use Customer Content to train third-party advertising or unrelated machine-learning models.
5. Data Retention
We retain account information and Customer Content for as long as your account is active or as needed to provide the Services. After termination, we make Customer Content available for export for a limited window and then delete or de-identify it in the ordinary course, unless a longer retention period is required by law. Backups are retained on a rolling schedule and purged over time.
6. How We Protect Information
We apply administrative, technical, and physical safeguards designed to protect information, including:
- Encryption of data in transit (TLS) and at rest;
- Role-based access control, least-privilege access, and per-tenant data isolation;
- Salted, hashed password storage and session protections;
- Comprehensive audit logging with user attribution and timestamps;
- Automated backups and monitored, access-controlled infrastructure;
- Vendor security due diligence and a defined incident-response process.
No method of transmission or storage is completely secure, so we cannot guarantee absolute security. If you have questions about our security practices, contact security@oeno.io, or review our Security overview.
7. Your Data & Ownership
You retain ownership of your Customer Content. You can access and export your production records in standard formats at any time. If you stop using Oeno, your data comes with you — there is no lock-in.
8. Your Privacy Rights
Depending on where you live, you may have rights to access, correct, delete, or receive a copy of your personal information, and to object to or restrict certain processing. If your information is managed within a Customer’s workspace, please direct requests to that Customer; we will assist them as their processor.
California residents. Under the CCPA/CPRA you may request access to, deletion of, or correction of personal information, and you may not be discriminated against for exercising these rights. We do not sell or “share” personal information as those terms are defined under California law.
To exercise any right, contact privacy@oeno.io. We will verify and respond consistent with applicable law.
9. International Data Transfers
We operate in the United States, and information may be processed there and in other countries where we or our service providers operate. Where required, we use appropriate safeguards for cross-border transfers.
10. Children's Privacy
The Services are intended for businesses and are not directed to children. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us information, contact us and we will delete it.
11. Changes to This Policy
We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice. Your continued use of the Services after an update means you accept the revised Policy.
12. Contact Us
Questions about this Policy or our privacy practices? Contact us at privacy@oeno.io.
See also our Terms of Service.