Espresso of Interest is operated by LogoLess Labs. This policy explains how we collect, use, and protect your personal data in compliance with the Australian Privacy Act 1988, the EU General Data Protection Regulation (GDPR), and the UK GDPR.
| Data | Purpose | Legal Basis |
|---|---|---|
| Name, email, password | Account creation & authentication | Contract |
| Shot logs (dose, yield, time, grind, rating) | Core app functionality & AI analysis | Contract |
| Bean & equipment selections | Tracking your setup and preferences | Contract |
| Cafe visits (name, location, rating, notes) | Logging out-of-home coffee experiences | Contract |
| Tasting notes & flavour tags | Flavour profiling and recommendations | Contract |
| Consent timestamps | Recording when you agreed to terms / marketing | Legal obligation |
We do not collect your location, contacts, browsing history, or any data beyond what you explicitly enter into the app.
Your individual data powers your personal dashboard — shot history, bean shelf, AI recommendations, cafe visit log. This data is only visible to you when you are logged in.
We combine data from all users into anonymised aggregates that appear on our public content website. For example:
Privacy safeguards for aggregated data:
If you opt in, we may send you emails about new features, newly added roasters and beans, brewing tips, and early access to beta features. You can withdraw your consent at any time from your account settings or by clicking unsubscribe in any email. We will never sell your email to third parties.
When you request a shot analysis, we send your shot parameters (dose, yield, time, grind setting, rating, flavour notes) and the associated bean's recommended recipe to a third-party AI provider (currently via OpenRouter). We do not send your name, email, or any personally identifiable information to AI providers. AI responses are stored in our database for your reference.
We share your data with:
We do not sell personal data to any third party. We do not share individual user data with roasters, cafes, or any commercial partner.
We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days. Anonymised aggregate data that has already been computed may persist as it cannot be linked back to you.
Under GDPR and the Australian Privacy Act, you have the right to:
To exercise any of these rights, email [email protected]
Passwords are hashed with bcrypt (12 rounds). All data is transmitted over HTTPS. Database access is restricted to our application services. We do not store payment information (the Service is currently free).
We use a single session cookie for authentication. We do not use analytics cookies, tracking cookies, or any third-party advertising cookies.
The Service is not intended for anyone under 16. We do not knowingly collect data from children under 16. If you believe a child has provided us with personal data, contact us and we will delete it.
We may update this policy from time to time. Material changes will be communicated via email or in-app notice. The "Last updated" date at the top indicates the most recent revision.
For privacy questions or data requests: [email protected]