Privacy Policy

Sophia Propria LLC — Effective June 2026

1. About this policy

This Privacy Policy describes how Sophia Propria LLC collects, uses, stores, and protects information in connection with the Saporio platform, including Saporio Somm and Saporio Cellar. Sophia Propria LLC is the data controller for all personal data collected through Saporio.

Saporio is currently in closed beta, available by invitation only. This policy applies to all invited users.

2. Data we collect

Account and identity data

When you sign in to Saporio using Google or Apple, we receive your email address and a unique identity token from that provider. We use this information to create and maintain your Saporio account. We do not receive your password or payment information from identity providers.

Saporio Somm session data

When you interact with Somm, your wine queries and the context you provide are processed through Cloudflare Workers AI to generate recommendations and analysis. Session inputs are processed in real time and are not stored as persistent user records beyond what is necessary to maintain the continuity of your session.

Saporio Cellar inventory data

When you use Saporio Cellar, we store your wine collection records, including bottle details, vintages, producers, and any notes or metadata you provide. This data is associated with your Saporio account and retained for the duration of your account.

Transactional email data

We use Amazon Simple Email Service to send transactional emails related to your account, such as access confirmations and service notifications. Your email address is used solely for these communications.

Platform operational data

We collect limited operational data to run and maintain the platform, including authentication logs, API request logs, and infrastructure metrics. This data is retained for a maximum of ninety (90) days and does not include your wine session content.

3. How we use your data

We use the data we collect exclusively for the following purposes:

  • Authenticating your identity and maintaining your Saporio account;
  • Processing your wine queries through Somm and returning recommendations and analysis;
  • Storing and managing your wine collection data in Cellar;
  • Sending transactional emails related to your account;
  • Maintaining the security and integrity of the platform.

We do not use your data for advertising, sell your data to third parties, or use your wine query content to train AI models.

4. Third-party services

Authentication

Saporio uses Amazon Cognito, hosted at auth.saporio.app, to manage user authentication. Your identity provider credentials are handled entirely by Google or Apple. Sophia Propria LLC receives only the identity information those providers share with us upon your authorization.

AI inference

Saporio Somm uses Cloudflare Workers AI to process wine queries and generate recommendations. Your session data is processed within Cloudflare's infrastructure. Cloudflare does not retain your inference inputs for model training purposes under its applicable terms of service. No inference data is transmitted to third-party AI companies.

Wine collection storage

Saporio Cellar stores your wine inventory data in Amazon DynamoDB, operated within Sophia Propria LLC's AWS infrastructure. Your collection data is isolated to your account and is not accessible to other users.

Email delivery

Transactional emails are delivered through Amazon Simple Email Service. Your email address is used solely to deliver service-related communications from noreply@saporio.app.

5. Data retention

We retain your account and Cellar inventory data for the duration of your active account. If you request deletion of your account, we will permanently delete your personal data and wine collection records within thirty (30) days and confirm deletion upon request.

Platform operational logs are retained for ninety (90) days and deleted automatically.

6. Security

We implement administrative, technical, and physical safeguards designed to protect your data against unauthorized access, disclosure, alteration, and destruction. These measures include encryption of data at rest and in transit, secrets management with automatic credential rotation, and least-privilege access controls enforced through automated infrastructure tooling.

In the event of a data breach affecting your personal data, we will notify you within 72 hours of becoming aware of the breach, consistent with applicable law.

7. Your rights

You have the right to access, correct, or request deletion of your personal data at any time. To exercise any of these rights, contact us at privacy@sophiapropria.com. We will respond to your request within thirty (30) days.

8. California privacy rights

California residents may have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to delete personal information, and the right to opt out of sale of personal information. We do not sell your personal information. To exercise your California privacy rights, contact us at privacy@sophiapropria.com.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will provide notice of material changes through the platform or by email to the address associated with your account. Continued use of Saporio after the effective date of a revised policy constitutes acceptance of the updated terms.

10. Contact

Questions, concerns, or requests related to this Privacy Policy may be directed to:

Sophia Propria LLC
Attn: Privacy
2108 N Street, Suite 16028
Sacramento, CA 95816
privacy@sophiapropria.com