Privacy Policy

1. Introduction

NGCI Beers ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website ngcibeers.com (the "Site").

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR).

2. Information We Collect

2.1 Information You Provide

When you contact us through our contact form, we collect:

• Your name
• Your email address
• The subject and content of your message

This information is only used to respond to your inquiry and is not stored in any database. We do not share this information with third parties.

2.2 Automatically Collected Information

We use Supabase to host our brewery database. Supabase may collect:

• IP addresses (for security and performance)
• Browser type and version
• Device information
• Pages visited and time spent on pages

This data is anonymized and used solely for technical performance and security purposes.

3. Cookies and Tracking

Our website uses minimal cookies:

• Essential cookies: Required for the website to function (e.g., session management)
• Analytics cookies: We do not currently use Google Analytics or other tracking tools

You can control cookies through your browser settings. Disabling essential cookies may affect website functionality.

4. How We Use Your Information

We use collected information to:

• Respond to your inquiries and support requests
• Maintain and improve our website
• Ensure website security and prevent abuse
• Provide you with brewery information

We do NOT:

• Sell or rent your personal information
• Use your information for marketing purposes
• Share your information with third parties (except as required by law)
• Store your personal data in any permanent database

5. Data Retention

Contact form submissions are handled via email and are not stored in our systems. Email correspondence is retained in accordance with standard email retention practices (typically deleted after the inquiry is resolved).

6. Third-Party Services

We use the following third-party services:

• Supabase - Database hosting (PostgreSQL)
  Privacy Policy: https://supabase.com/privacy
• Netlify - Website hosting
  Privacy Policy: https://www.netlify.com/privacy/

7. Your Rights (GDPR)

Under UK GDPR and EU GDPR, you have the following rights:

• Right to access: Request a copy of your personal data
• Right to rectification: Request correction of inaccurate data
• Right to erasure: Request deletion of your personal data
• Right to restrict processing: Request limitation of data processing
• Right to data portability: Request transfer of your data
• Right to object: Object to data processing

To exercise any of these rights, please contact us using the information in Section 10.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information. Our website uses HTTPS encryption, and our database is hosted on secure Supabase servers with industry-standard security measures.

9. International Data Transfers

Our hosting providers (Netlify and Supabase) may process data outside the UK/EU. These transfers are protected by appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.

10. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically.

12. Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with: