Legal

Privacy Policy

Last updated: May 2026

Crema is a coffee discovery app. We built it to help you find great independent coffee shops wherever you are. This policy explains what information we collect, how we use it, and what we don't do with it.

The short version: we collect what we need to make the app work, we don't sell your data, and we don't use it for advertising.

What we collect

Account information

When you sign in with Google, we receive your name, email address, and profile photo from Google. We store this to identify your account and personalize your experience. We do not receive or store your Google password.

Usage data

When you use Crema, we store the actions you take: shops you save, shops you mark as visited, trip lists you build, and reviews you write. This data is tied to your account and is what makes the app useful to you across devices.

Location (mobile app only)

The iOS app requests location permission to show nearby coffee shops and to surface trip alerts when you arrive near a saved shop. Location is used in the moment — we do not store a history of your location or track you in the background without your knowledge.

Technical information

Like any web service, our servers receive standard technical data when you make requests: IP address, browser type, device type, and pages visited. This is used for operating and improving the service, not for tracking you individually.

How we use it

We use the information we collect to:

  • Operate your account and sync your saved shops, visits, and trip lists across devices
  • Show you relevant coffee shops based on your location (when you permit it)
  • Display your reviews and visit history
  • Improve the app and fix bugs
  • Send you important service updates (not marketing emails)

We do not use your data for targeted advertising. We do not build advertising profiles. We do not sell your information to third parties.

Third-party services

Crema uses a small number of third-party services to operate. Each has its own privacy practices.

  • Google— used for sign-in (OAuth). When you sign in with Google, Google's own privacy policy governs what they collect on their end.
  • Neon— our database host. Your account and usage data is stored on Neon's infrastructure (AWS, US East region).
  • Vercel— our web hosting provider. Web traffic passes through Vercel's servers.
  • Google Places API — we use this to source shop listings, photos, hours, and reviews. Shop data is fetched from Google, cached in our database, and displayed in the app.

We do not share your personal information with any of these services beyond what is necessary to operate the app.

Data retention

We keep your account data for as long as your account exists. If you delete your account, we delete your personal information and usage data within 30 days. Some aggregated, anonymized data (like review counts) may be retained.

Your rights

You can:

  • Access the information we hold about you
  • Correct inaccurate information
  • Request deletion of your account and associated data
  • Export your data (saved shops, trip lists, reviews)

To exercise any of these rights, email us at hello@cremaapp.com.

Children

Crema is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it.

Changes to this policy

We may update this policy as the app evolves. If we make material changes, we'll note the updated date at the top of this page. Continued use of Crema after changes means you accept the updated policy.

Contact

Questions about this policy or your data? Email hello@cremaapp.com.

← Back to Crema