Céllare
Privacy Policy

Grounded in the current app source.

This policy was rewritten to match the iOS source archive, including the app privacy manifest, in-app privacy screen, permissions strings, and network code.

1. Overview

Céllare is an iPhone app for personal wine collection management. Based on the current source code, most collection data is stored locally on your device. Certain features send data to the app backend for processing.

2. What We Process

According to the in-app privacy screen and the app privacy manifest, Céllare may process the following data for app functionality:

  • Your Apple user identifier used for authentication.
  • Wine label images when you choose to scan a label.
  • Questions you submit to the AI sommelier.
  • Subscription and purchase status handled through Apple's in-app purchase systems.

3. What Stays On Your Device

The current app source stores your cellar locally using SwiftData. This can include inventory records, quantities, vintage data, region data, cellar locations, purchase history, tasting notes, personal notes, and label thumbnail images.

Authentication credentials are stored in the iOS Keychain using device-bound accessibility settings.

4. When Data Leaves Your Device

Data is sent to the app backend when you use cloud-backed features such as:

  • AI label analysis after scanning or importing a label photo.
  • AI sommelier chat.
  • Valuation requests.
  • Apple sign-in token exchange and token refresh.

The in-app privacy screen states that scanned images and sommelier questions are not permanently stored on the app server. This page is reflecting that in-app disclosure.

When you use the sommelier feature, a summary of your wine collection may be included with your question to personalize the response.

5. Third-Party Services

  • Apple Sign In is used for authentication.
  • Apple handles subscription billing, renewals, cancellation management, and purchase restoration flows.
  • The in-app privacy screen identifies OpenAI GPT-4o as the provider used for AI label analysis and sommelier questions.

6. Tracking, Ads, and Analytics

The privacy manifest in the source archive declares no tracking. The in-app privacy copy states that Céllare does not sell your data, does not use it for advertising, does not track your location, and does not use analytics or tracking SDKs.

7. Permissions

The app requests camera access to scan wine labels and photo-library access to scan labels from existing photos.

8. Security

The in-app privacy disclosure states that network communication uses HTTPS. Authentication credentials are stored in Keychain, and local cellar data is stored on-device.

9. Your Choices

  • You can delete wines from the app individually.
  • You can sign out, which removes authentication credentials from the device.
  • You can use the app's delete-account-and-data action to erase local cellar data and remove auth state.
  • Deleting the app removes locally stored data from the device.

10. Limits Of This Policy

This site is based on the provided source archive, not an audited production backend. If backend behavior changes, this page must be updated to stay accurate.

11. Contact

The in-app privacy screen tells users to use the contact email listed on the app's App Store page for privacy questions. No separate privacy email address appears in the supplied source archive, so this site does not invent one.

Last updated: May 3, 2026.