Privacy Policy
Howell · howell.app
Effective Date: April 14, 2026
Last Updated: April 21, 2026
Operated by: Owyhee Holdings LLC · Boise, Idaho
TL;DR
we don’t sell your data. your taste profile, session history, and food orders are yours. we use them to make howell work, nothing else.
what we collect:
- apple id and name (from sign in with apple)
- your menu or tap list photo (sent to claude to read the list — not stored after the recommendation)
- your food order and what you’re eating
- your location (to identify the restaurant or brewery)
- the beverage recommendation you received
- your post-session rating (if you submit one)
- your taste profile (built from your sessions over time)
what we do with it:
- send your menu or tap list photo and food order to claude (anthropic) to generate your recommendation
- use google places to identify the venue from your location
- build a personal taste profile so howell gets better at knowing what you like
- store your session history so you can look back at past recommendations
what we don’t do:
- sell or rent your data
- train ai models on your data
- serve ads
- share your personal data with beverage industry partners without your explicit opt-in
your rights:
- delete your account anytime
- export your taste profile
- change your consent preferences at any time
this is the friendly version. the legal stuff below is binding.
Overview
Howell (“we,” “us,” or “our”) operates beverage recommendation applications — Howell Wine and Howell Beer — that read restaurant wine lists and brewery tap lists, learn your taste preferences, and make personalized recommendations (the “Service”). This Privacy Policy covers both apps. It explains how we collect, use, disclose, and protect your information.
By using Howell, you agree to the collection and use of information in accordance with this policy.
Information We Collect
1. Information You Provide Directly
Account Information:
- Apple ID (required for authentication via Sign in with Apple)
- Name (optional, if you choose to share it with Apple)
Onboarding Preferences:
- Wine style preference (bold reds, light reds, whites, bubbles, no preference) — Wine app
- Beer style preference (hoppy, malty, crisp, dark, sour, no preference) — Beer app
- Format preference (glass, bottle, either)
- Budget range per glass — Wine app
Session Data:
- Your menu or tap list photo (processed then discarded — not stored on our servers)
- Your food order or “just pair me” selection
- Your post-session rating (1–5 stars, submitted via notification)
2. Information Collected Automatically
Location:
- GPS coordinates at the time of a scan, if you grant location permission
- Used only to identify the venue via Google Places API
- Stored as venue identity (name, cuisine or brewery type, city, neighborhood) — not as raw coordinates
Usage Data:
- Sessions created, features used, app performance metrics, crash reports
- Used for app stability and improvement
Device Information:
- Device type, iOS version, app version
- Used for technical support and compatibility
3. Information We Derive
Taste Profile: We build a plain-language taste profile from your sessions and ratings. For wine, this might read: “Strongly prefers bold, fruit-forward reds. Tends to order by the glass. Budget comfort zone $12–18/glass. Has responded well to Italian and Pacific Northwest producers.” For beer: “Gravitates toward hop-forward styles — West Coast IPAs and DIPAs. Pairs well with fatty, savory food. Tends away from sour and heavily roasted beers.” This profile is stored on our servers, linked to your account, and included in every future recommendation to make Howell more personal over time.
Pseudonymized Behavioral Data: Each session generates a behavioral event — varietal or beer style, price point, cuisine context, city, occasion, and rating — linked to a pseudonymous cohort ID derived via cryptographic key (HMAC-SHA256). This is pseudonymization, not anonymization: Howell holds the derivation key and can re-identify events if required by law. This data is used for internal analytics and, with your explicit opt-in, for aggregate research (see §5).
How We Use Your Information
| Data | Purpose |
|---|---|
| Menu or tap list photo | Sent to Claude API to read the list |
| Food order + location | Sent to Claude API as recommendation context |
| Taste profile | Included in every recommendation for personalization |
| Session record | Stored for session history and taste profile refinement |
| Ratings | Used to refine your taste profile |
| Pseudonymized behavioral data | Internal analytics; aggregate research with opt-in only |
Third-Party Services
Anthropic (Claude API)
Your menu or tap list photo, food order, venue context, and taste profile are sent to Anthropic’s Claude API to generate your recommendation. Anthropic processes this data under their API terms. Anthropic does not use API inputs to train their public models. For current data retention practices, see Anthropic’s privacy policy.
Google Places API
Your GPS coordinates (if location permission is granted) are sent to Google Places to identify the venue and retrieve context like cuisine type and price tier. See Google’s privacy policy.
Apple
Authentication and subscription billing are handled by Apple via Sign in with Apple and StoreKit 2. See Apple’s privacy policy.
Railway
Our backend infrastructure runs on Railway. Your data is processed on Railway’s servers under their data processing terms.
Aggregate Research and Data Licensing
With your explicit opt-in
During onboarding, you may choose to allow aggregate research use of your pseudonymized behavioral data. This is optional and off by default.
If you opt in, your pseudonymized session data may be included in aggregate datasets shared with beverage industry partners (wine distributors, importers, and producers; brewery and beer industry partners). These partners:
- See patterns across many users — never anything that identifies you specifically
- Never receive your name, location history, taste profile, or individual sessions
- Receive only cohort-level aggregate insights (for example, “West Coast IPAs over-index at gastropubs in Pacific Northwest markets” or “Sangiovese over-indexes at Italian restaurants in Mountain West markets”)
You can change this preference at any time in the app via Me → Privacy.
What “pseudonymized” means
Your behavioral events are linked to a cohort ID derived from your user ID via a cryptographic key we hold. Third-party licensees cannot identify you from this data. Howell can re-identify events if required by law. Under GDPR, pseudonymous data retains legal protections — this data is not anonymous.
Data Security
We implement industry-standard security measures including TLS/SSL encryption in transit, database encryption at rest, HMAC-keyed pseudonymization for behavioral data, and role-based access controls. No method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
Data Retention
| Data | Retention |
|---|---|
| Menu or tap list photos | Discarded after recommendation — not stored on our servers |
| Session records | Retained while your account is active |
| Taste profile | Retained while active; exportable on request |
| Pseudonymized behavioral events | Retained for analytics; aggregate cohorts may persist after account deletion |
| Account data | Deleted within 30 days of account deletion |
| Billing records | Retained per legal requirements (typically 7 years) |
Your Rights and Choices
Access and export: Request an export of your taste profile and session history at privacy@howell.app.
Delete: Delete your account at any time via Me → Delete Account. Personal data deleted within 30 days.
Consent preferences: Change your aggregate research opt-in at any time via Me → Privacy.
GDPR (EEA/UK): You have rights to access, rectification, erasure, portability, and the right to object to processing. Contact privacy@howell.app.
CCPA (California): You have the right to know what we collect, request deletion, and opt out of sale. We do not sell personal information.
Children’s Privacy
Howell is not intended for anyone under the legal drinking age (21 in the United States). We do not knowingly collect information from minors. If we discover we have collected information from a minor, we will delete it immediately.
Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via in-app notification. The effective date at the top of this page reflects the most recent update.
Contact
Privacy: privacy@howell.app
Support: hello@howell.app
Owyhee Holdings LLC · Boise, Idaho