Legal

Privacy Policy

Last Updated: May 14, 2026

Welcome to Topa!

This Privacy Policy explains how Topa App LLC (“Topa,” “we,” “us,” or “our”) collects, uses, stores, shares, and protects your information when you use the Topa! mobile application, website, and related services (collectively, the “Service”).

By using the Service, you agree to the practices described in this Privacy Policy.

If you have questions about this Privacy Policy, you may contact us at hello@topaapp.com.

1. Who We Are

Topa App LLC is a Florida limited liability company located in the United States.
Website: gettopa.app
Contact: hello@topaapp.com
When this Privacy Policy refers to "Topa," "we," "us," or "our," it refers to Topa App LLC.

2. Eligibility & Age Restriction

Topa! is intended only for individuals who are at least twenty-one (21) years old and legally permitted to consume alcohol in their jurisdiction.

We do not knowingly collect personal information from individuals under the age of 21. If we become aware that a person under 21 has provided personal information through the Service, we may delete the information and terminate associated accounts.

The Service is not directed to children under 13, and we do not knowingly collect personal information from children in violation of the Children's Online Privacy Protection Act (COPPA).

3. Information We Collect

Account Information

When you create an account, we may collect:

  • your email address;
  • display name;
  • authentication provider information; and
  • account preferences.

If you sign in using Apple or Google authentication, we receive only the information those providers make available to us, such as your name and email address. We do not receive or store your Apple or Google passwords.

Bar, Recipe & App Data

We collect and store information you choose to add to the Service, including:

  • bottle inventory;
  • fill levels;
  • pantry items;
  • glassware;
  • tools;
  • saved cocktails;
  • custom recipes;
  • favorites;
  • social interactions; and
  • app preferences.

This information may be synced across your devices through cloud storage services.

Camera & AI Processing Data

When you use AI-powered scanning features, the Service may access your camera or photos to process:

  • bottle recognition;
  • recipe scanning; or
  • image analysis.

Images submitted through scanning features may be transmitted to third-party AI providers for real-time processing.

Images submitted through scanning features are processed in real time and are not retained by Topa after processing is completed except where temporary retention is necessary for security, debugging, fraud prevention, legal compliance, system reliability, or operational integrity.

Usage & Analytics Data

We may collect technical and usage information such as:

  • device type;
  • operating system;
  • app version;
  • crash logs;
  • browser type;
  • approximate geographic region;
  • session activity; and
  • interactions with the Service.

We use analytics tools to better understand how users interact with the Service and to improve performance, features, and reliability.

Marketing & Communications Data

If you join a waitlist, subscribe to updates, or otherwise opt into marketing communications, we may collect:

  • your email address;
  • communication preferences; and
  • records of consent.

You may unsubscribe from marketing communications at any time.

Device & Technical Information

We may collect limited technical information including:

  • IP address;
  • device identifiers;
  • language settings;
  • time zone;
  • network information; and
  • diagnostic information.

This information helps us maintain security, improve functionality, troubleshoot issues, and prevent abuse.

4. How We Use Information

We may use collected information to:

  • create and manage accounts;
  • authenticate users;
  • sync app data across devices;
  • provide cocktail, inventory, and recipe features;
  • process AI-powered scanning requests;
  • provide customer support;
  • process subscriptions and billing;
  • improve app functionality and performance;
  • monitor security and prevent abuse;
  • send transactional communications;
  • send marketing communications where permitted;
  • comply with legal obligations; and
  • enforce our Terms of Service.

We do not sell your personal information.

5. Third-Party Services & Processors

We work with trusted third-party providers to operate and improve the Service.

These providers may process information on our behalf subject to their own terms and privacy policies.

Supabase

We use Supabase for:

  • authentication;
  • database hosting;
  • cloud storage; and
  • infrastructure services.

Information stored through Supabase may include account information, inventory data, preferences, and User Content.

Supabase infrastructure may operate in the United States, European Union, or other jurisdictions.

Anthropic (Claude Vision API)

When you use AI scanning features, submitted images may be processed by Anthropic through its Claude Vision API.

According to Anthropic's publicly stated API policies at the time of processing, API-submitted content is not used for model training absent separate agreement.

We encourage users to review Anthropic's privacy documentation directly for current practices.

Resend

We use Resend to deliver transactional and marketing emails, including:

  • account confirmations;
  • password reset emails;
  • receipts; and
  • newsletters.

Your email address may be processed solely for communication delivery purposes.

Google Analytics

We use Google Analytics on our website to understand website traffic and visitor interactions.

Analytics cookies are used only after consent is obtained through our cookie banner where required by law.

Payment Processors & App Marketplaces

Payments and subscriptions may be processed by:

  • Lemon Squeezy;
  • Apple App Store;
  • Google Play Store; or
  • other authorized payment providers.

These providers may process:

  • payment details;
  • billing addresses;
  • transaction records;
  • taxes; and
  • subscription information.

We do not directly store full payment card information.

6. Data Sharing

We do not sell, rent, or trade personal information.

We may share information only:

  • with service providers necessary to operate the Service;
  • to comply with legal obligations;
  • to protect users, rights, or safety;
  • in connection with investigations or fraud prevention;
  • during mergers, acquisitions, or business transfers; or
  • with your consent.

7. Social Features & User Content

Certain social features of the Service may allow interactions such as:

  • upvotes;
  • shared recipes;
  • public rankings; or
  • profile activity.

Information associated with social interactions may be visible to other users depending on the functionality of the Service.

You are responsible for any content you choose to upload, submit, share, or publish through the Service.

8. Marketing Communications

We send marketing communications only where permitted by law or where you have opted in.

Marketing emails may include:

  • product updates;
  • newsletters;
  • launch announcements; and
  • feature information.

Every marketing email includes an unsubscribe option.

Even if you opt out of marketing emails, we may still send transactional or service-related communications necessary for your account or use of the Service.

9. Cookies, Local Storage & Analytics

Our website may use:

  • cookies;
  • analytics technologies; and
  • local storage technologies.

Analytics tools are activated only after consent where legally required.

The Topa! mobile application does not use browser cookies. However, the app may use local device storage and similar technologies necessary for app functionality, authentication, offline access, caching, and performance.

Tracking & Advertising Data

Topa does not sell your personal information or share personal information with third parties for cross-context behavioral advertising purposes.

We may use analytics and performance monitoring tools, such as Google Analytics, to better understand how users interact with the Service, improve functionality, diagnose issues, and enhance user experience. These tools may collect aggregated, pseudonymous, or device-level usage information.

Topa does not use information collected through the Service to track users across third-party apps or websites for targeted advertising purposes without consent where required by applicable law.

Where legally required, users may be asked to consent to analytics cookies, tracking technologies, or similar technologies before they are activated.

10. Data Retention

We retain personal information for as long as reasonably necessary to:

  • provide the Service;
  • maintain accounts;
  • comply with legal obligations;
  • resolve disputes;
  • enforce agreements; or
  • protect our legitimate business interests.

If you request account deletion, we will delete or anonymize personal information within a reasonable timeframe unless retention is legally required.

Users may request account deletion through the app or by contacting hello@topaapp.com.

11. International Data Transfers

Your information may be processed, stored, or transferred in the United States and other jurisdictions where our service providers operate.

These jurisdictions may have data protection laws different from those in your country of residence.

By using the Service, you acknowledge and consent to such transfers where permitted by applicable law.

Where required by applicable law, we rely on appropriate safeguards for international data transfers, including contractual protections and similar legal mechanisms.

12. Your Privacy Rights

Depending on your jurisdiction, you may have rights regarding your personal information, including:

  • access;
  • correction;
  • deletion;
  • portability;
  • withdrawal of consent;
  • restriction of processing; and
  • objection to certain processing activities.

You may also opt out of marketing communications at any time.

California residents may have rights under the California Consumer Privacy Act (CCPA) and related laws.

Individuals in the European Economic Area, United Kingdom, or similar jurisdictions may have rights under applicable privacy laws including the GDPR.

To exercise privacy rights, contact hello@topaapp.com.

We will respond within the timeframe required by applicable law.

13. Security

We implement reasonable administrative, technical, and organizational safeguards designed to protect personal information.

However, no system, network, or method of electronic transmission or storage can be guaranteed completely secure.

Your use of the Service and transmission of information is at your own risk.

We encourage users to maintain strong passwords and protect account credentials.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically.

When updates are made, we will revise the "Last Updated" date above. We may also provide notice through the Service or by other reasonable means where appropriate.

Continued use of the Service after updates become effective constitutes acceptance of the revised Privacy Policy.

15. Contact Us

Questions, requests, or concerns regarding this Privacy Policy may be directed to:

Topa App LLC

Florida, United States

hello@topaapp.com