Privacy Policy
Last updated: March 23, 2026
ORIGIN Intelligence, Inc. ("ORIGIN," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our data driven business intelligence platform and related services.
1. Information We Collect
Information You Provide
- Account Information: Name, email address, winery/business name, and password when you create an account.
- Business Data: Wine inventory, transaction records, club member data, barrel aging records, and harvest/fermentation data that you input or sync through our platform.
- Payment Information: Billing details processed securely through our third-party payment processor (Stripe). We do not store full credit card numbers.
- Communications: Feedback, support requests, and any other information you send to us.
Information Collected Automatically
- Usage Data: Pages viewed, features used, session duration, and interaction patterns within the platform.
- Device Information: Browser type, operating system, device identifiers, and IP address.
- Cookies: We use essential cookies for authentication and session management. See Section 7 for details.
Information from Third Parties
- POS Integrations: Transaction data from connected point-of-sale systems (Square, Lightspeed, Toast, Clover) that you authorize.
- Cloud Storage: File metadata and spreadsheet data from Microsoft OneDrive or Google Sheets connections you explicitly authorize.
- Authentication Providers: Basic profile information from Supabase Auth, Google, or Microsoft when you sign in.
2. How We Use Your Information
- Provide, maintain, and improve the ORIGIN platform and its features.
- Generate analytics, reports, forecasts, and business intelligence specific to your winery.
- Process transactions and manage your subscription.
- Send service-related communications (account updates, security alerts, feature announcements).
- Respond to your support requests and feedback.
- Ensure platform security and prevent fraud.
- Comply with legal obligations, including TTB reporting requirements.
3. How We Share Your Information
We do not sell your personal information. We may share information in the following circumstances:
- Service Providers: With trusted vendors who help us operate the platform (hosting, analytics, payment processing), bound by confidentiality agreements.
- Legal Requirements: When required by law, regulation, or legal process.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users.
- With Your Consent: When you explicitly authorize sharing with a third party.
4. Data Security
We implement industry-standard security measures to protect your data:
- 256-bit SSL/TLS encryption for all data in transit.
- AES-256 encryption for data at rest.
- Row-level security (RLS) ensuring winery data isolation — your data is never visible to other users.
- Regular security audits and penetration testing.
- SOC 2 Type II compliance (in progress).
5. Data Retention
We retain your data for as long as your account is active or as needed to provide services. Upon account deletion:
- Personal information is deleted within 30 days.
- Business data (wines, transactions, members) is permanently deleted within 90 days.
- Anonymized, aggregated analytics may be retained for product improvement.
- Data required for legal compliance (tax records) may be retained as required by law.
6. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access: Request a copy of your personal data.
- Correction: Update inaccurate or incomplete information.
- Deletion: Request deletion of your personal data.
- Portability: Export your data in a machine-readable format (CSV/JSON via Reports & Export).
- Opt-Out: Unsubscribe from non-essential communications.
To exercise these rights, contact us at hello@getorigin.net.
7. Cookies
We use the following types of cookies:
- Essential: Required for authentication and core platform functionality. Cannot be disabled.
- Analytics: Help us understand how users interact with the platform to improve features. Can be disabled in your account settings.
We do not use advertising or tracking cookies.
8. Children's Privacy
ORIGIN is a business-to-business platform for the alcoholic beverage industry. We do not knowingly collect information from individuals under 21 years of age. If we learn we have collected such information, we will delete it promptly.
9. International Data Transfers
Your data is stored on servers in the United States. If you access ORIGIN from outside the US, your information may be transferred to and processed in the US, subject to applicable data protection laws.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on the platform. Continued use after changes constitutes acceptance.
11. Contact Us
If you have questions about this Privacy Policy or our data practices:
- Email: hello@getorigin.net
- ORIGIN Intelligence, Inc.