Privacy Policy

Last updated June 2, 2026

This Privacy Policy explains how NextWine ("we", "us", or "our") collects, uses, and shares your personal information when you use our website at https://www.nextwine.net and the related features (the "Services").

NextWine helps you discover wines, take quizzes, save favourites, and generate personalized wine recommendations using artificial intelligence. If you do not agree with this Privacy Policy, please do not use the Services. Questions? Contact us at support@nextwine.net.

Summary of key points

  • We collect the account details you share through Google sign-in (name, email address, and profile picture), the wishlist and recommendations you save, and payment identifiers when you buy credits.
  • We do not store your payment card details - card payments are handled by Stripe.
  • When you use the AI recommendation feature, the prompt you submit is sent to OpenAI to generate results.
  • We do not sell your personal information.
  • We do not run advertising or analytics cookies - only a session cookie required to keep you signed in.

1. What information do we collect?

Information you provide to us

We collect personal information that you provide when you use the Services, including:

  • Account information. When you sign in with Google, we receive your name, email address, and profile picture from your Google account.
  • Wishlist. The wines you save to your wishlist.
  • Recommendations. The quizzes you complete and the prompts you submit to the AI recommendation feature, together with the recommendations generated for you.
  • Payment information. When you purchase credits, our payment processor (Stripe) collects and processes your payment details. We do not receive or store your full card number. We store only payment identifiers associated with your account (such as a customer reference and your credit balance).

Information collected automatically

When you access the Services, our hosting and error-monitoring providers automatically collect technical information needed to operate and secure the Services. This may include your IP address, browser and device type, operating system, and diagnostic data such as error reports and the actions that led to an error. We use this information for security, troubleshooting, and to keep the Services working.

We do not collect precise geolocation (GPS) data, and we do not process special categories of sensitive personal information.

Information shared with AI providers

When you use the AI wine recommendation feature, the text you enter and the related options you choose are sent to our AI provider (OpenAI) to generate recommendations. Please avoid including personal or confidential information in your prompts.

Google API

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

2. How do we process your information?

We process your personal information to:

  • create and maintain your account and keep you signed in;
  • generate personalized and AI-based wine recommendations you request;
  • save and display your wishlist and saved recommendations;
  • process payments for credits and manage your credit balance;
  • apply usage limits and prevent abuse of the AI feature (for example, rate limiting);
  • monitor, debug, and secure the Services and prevent fraud; and
  • comply with our legal obligations.

3. What legal bases do we rely on?

Where data protection laws such as the EU/UK General Data Protection Regulation (GDPR) apply, we process your personal information on the following legal bases:

  • Performance of a contract - to provide the Services you request, including account access, recommendations, and credit purchases.
  • Legitimate interests - to secure, maintain, and improve the Services and prevent abuse.
  • Consent - where you have given it; you may withdraw consent at any time.
  • Legal obligations - where processing is necessary to comply with applicable law.

4. When and with whom do we share your information?

We do not sell your personal information. We share it only with the service providers that help us operate the Services, and only to the extent they need it to perform their function:

  • Authentication - Google, when you sign in.
  • Database and hosting - our cloud database and hosting providers, which store your account data and serve the Services.
  • Payments - Stripe, to process credit purchases.
  • AI processing - OpenAI, to generate the recommendations you request.
  • Rate limiting - Upstash (Redis), to enforce usage limits using your account identifier.
  • Error monitoring - Sentry, to capture technical and diagnostic data when errors occur.

Our content management and media providers (such as the wine catalog and image hosting) power the content you see and do not receive your personal information. We may also disclose information where required by law or in connection with a business transfer such as a merger or acquisition.

5. How do we handle your Google sign-in?

The Services let you register and sign in using your Google account. When you do, we receive basic profile information from Google - your name, email address, and profile picture - which we use to create and identify your account. We do not control how Google processes your information; please review Google's privacy policy to understand their practices.

6. How long do we keep your information?

We keep your personal information for as long as your account is active or as needed to provide the Services. When you delete your account, we delete or anonymise the associated personal information, except where we are required or permitted by law to retain it (for example, payment records for tax and accounting purposes).

7. How do we keep your information safe?

We use appropriate technical and organisational measures to protect your personal information. However, no method of transmission or storage is completely secure, so we cannot guarantee absolute security. You access the Services at your own risk.

8. Do we collect information from minors?

The Services relate to wine and are intended for users who are at least 18 years old. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information, contact us at support@nextwine.net and we will take steps to delete it.

9. What are your privacy rights?

Depending on where you live, you may have the right to access, correct, update, or delete your personal information, to object to or restrict certain processing, to data portability, and to withdraw consent. You can update your account details at any time from your profile, or contact us to exercise any of these rights. If you are in the EEA or UK, you also have the right to lodge a complaint with your local data protection authority.

10. Cookies and tracking

We use a strictly necessary session cookie to keep you signed in after you authenticate. We do not use advertising or third-party analytics cookies, and we do not track your activity across other websites. Because no standard for Do-Not-Track (DNT) signals has been finalised, we do not currently respond to them.

11. Do we make updates to this policy?

We may update this Privacy Policy from time to time. The updated version will be indicated by a revised "Last updated" date at the top of this page. We encourage you to review it periodically.

12. How can you contact us?

If you have questions or requests about this Privacy Policy or your personal information, email us at support@nextwine.net.