Privacy Policy

PRIVACY POLICY
Last updated: August 24th, 2025

This Privacy Policy explains how Brim (“Brim,” “we,” “us,” or “our”) collects, uses, shares, and protects information when you use our websites, apps, and services that help you find and generate food and cocktail recipes based on what’s in your kitchen (the “Service”). By using the Service, you agree to this Privacy Policy and our Terms & Conditions.If you do not agree, do not use the Service.

1) WHO WE ARE AND HOW TO CONTACT US
Data Controller: Brim
Contact: hello@usebrim.com
If you are in the EEA/UK: You may contact our EU/UK representative at hello@usebrim.com.

2) WHAT WE COLLECT
A) Information you provide
• Account details (e.g., name, email, password or SSO ID)
• Profile info (e.g., display name, avatar)
• Pantry/bar items, shopping lists, saved/favorited recipes, notes, ratings, tags
• Searches, filters, substitutions you add, and “match” preferences
• Feedback, support requests, content you upload (including images), and referral codesB) Information collected automatically
• Device and usage data (IP address, device/browser type, OS, language, pages viewed, buttons clicked, session timestamps, crash logs)
• Approximate location from IP (country/region)
• Cookies, SDKs, pixels, and similar technologies for authentication, preferences, analytics, and (if enabled) advertising measurementC) Information from others
• Social sign-in providers (if you choose to connect)
• Friends who send you referrals or share a recipe with you
• Service providers (security, fraud prevention) and analytics partnersNote on sensitive info: We do not seek to collect health or medical data. You may provide dietary preferences (e.g., vegetarian, gluten-free); treat those as optional and only share what you’re comfortable with.

3) HOW WE USE INFORMATION
We use information to:
• Provide and maintain the Service (e.g., account, authentication, syncing)
• Generate and personalize recipe matches (food + cocktails) and suggestions
• Communicate with you (service messages, feature updates, transactional emails)
• Process referrals, sharing features, and community interactions
• Analyze, debug, and improve performance and reliability
• Enforce our Terms, prevent fraud and abuse, and ensure safety
• Comply with legal obligations
• With your consent, send marketing communicationsWe may use automated systems (including rules and AI) to personalize results. Automated outputs can be imperfect; you remain responsible for safe food handling and lawful alcohol use.

4) LEGAL BASES (EEA/UK ONLY)
Where GDPR/UK GDPR applies, we process your data based on: (i) performance of a contract (to provide the Service); (ii) legitimate interests (e.g., security, improvement, personalization compatible with your expectations); (iii) consent (e.g., marketing, certain cookies); and/or (iv) legal obligations.

5) SHARING OF INFORMATION
We share information with:
• Service providers (hosting, infrastructure, analytics, messaging, customer support, payments if applicable) under contract
• Social/media platforms when you choose to share content or use social login
• Partners and affiliates for operational purposes
• Successors in a merger, acquisition, or asset sale
• Law enforcement or others when required by law or to protect rights and safetyWe do not allow service providers to use data for their own independent marketing.[OPTION: CALIFORNIA “SELL/SHARE” STATUS]
[Brim does not “sell” or “share” personal information for cross-context behavioral advertising as defined by California law. If this changes, we will update this Notice and provide required opt-out mechanisms.]

6) COOKIES AND SIMILAR TECHNOLOGIES
We use cookies/SDKs to keep you signed in, remember preferences, measure usage, and (if enabled) assess marketing performance. You can control cookies via your browser or through our cookie banner (where available). Disabling certain cookies may limit features.“Do Not Track”: We currently do not respond to DNT signals. Some browsers support Global Privacy Control (GPC); where legally required, we treat valid GPC signals as an opt-out of targeted advertising.

7) YOUR CHOICES
• Account settings: Update your profile and preferences in the app/site
• Email/SMS: Use unsubscribe links or reply STOP (for SMS)
• Push notifications: Control in your device settings
• Sharing/referrals: Use sharing features at your discretion; shared links may identify you to recipients (e.g., via referral code)8) YOUR RIGHTS
Depending on your location, you may have rights to:
• Access, correct, or delete your information
• Port your data
• Object to or restrict certain processing (including targeted advertising)
• Withdraw consent (where processing is based on consent)
• Appeal a rights decision (certain U.S. states)How to exercise: Email [privacy@yourdomain.com]. We will verify your request and respond within the time required by law. Authorized agents may submit requests where permitted by law.California/Colorado/Connecticut/Virginia/Utah residents:
• You may have a right to opt out of targeted advertising and certain “sharing” of personal information. Use [link to “Do Not Sell/Share” or “Privacy Choices” page] or email us.
• We do not use “sensitive” personal information for purposes that require a “Limit Use” link under California law.
• We will not discriminate against you for exercising your privacy rights.EEA/UK residents:
• You may lodge a complaint with your local data protection authority. We encourage you to contact us first.

9) DATA RETENTION
We keep personal data while your account is active and for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. We may keep aggregated or de-identified data that does not identify you.

10) SECURITY
We use reasonable administrative, technical, and physical safeguards to protect personal data. No system is 100% secure. You are responsible for protecting your account credentials.

11) CHILDREN & ALCOHOL CONTENT
The Service is not directed to children under 13, and they may not create an account. Users must be of legal drinking age in their jurisdiction to access cocktail content. If you believe a child provided personal data, contact us to delete it.

12) INTERNATIONAL TRANSFERS
We may process and store information in countries outside your own. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) to protect cross-border transfers.

13) USER-GENERATED CONTENT
Content you post in public areas (e.g., public comments, shared recipe collections) may be visible to others and may be indexed by search engines. Only post content you’re comfortable making public.

14) AI/ALGORITHMIC PERSONALIZATION
We use automated systems to rank, match, and suggest recipes and substitutions. We also use aggregated and de-identified data to improve models and features. We do not expose your private notes or account details publicly.

15) CHANGES TO THIS POLICY
We may update this Privacy Policy. If changes are material, we will provide notice (e.g., email or in-app). The updated Policy takes effect on the “Last updated” date above.

16) CONTACT
Questions or requests? Email helllo@usebrim.com