Privacy Policy

The controller for this private portal is LASSERRE & PAPILLON SAS, trading as BTC Wine, registered in France under SIREN 810 579 847, with its registered office at 6 rue Notre Dame, 33000 Bordeaux, France.

Contact: contact@btc-wine.com.

VAT number: FR90810579847.

This private portal is separate from any public Shopify e-commerce site operated by BTC Wine. The public site may have its own terms and privacy information where applicable.

• client account identity and contact details, including billing or delivery information where needed
• portal users, roles, invitations and password reset data
• private offers, proformas, final invoices and related commercial history
• wine holdings, storage locations and logistics requests such as shipment or transfer requests
• client comments, operational history and admin notes used to provide the service
• transactional emails and delivery status information
• Excel or CSV import data used by authorised administrators
• security logs, audit information and technical data required to protect the platform
• AI-assisted wine import or enrichment data after minimisation

• provide and operate the BTC Wine Private Cellar Portal
• manage private client accounts, authorised users and access rights
• prepare and manage offers, proformas, final invoices and commercial documents
• manage wine holdings, storage, dispatches and logistics requests
• send transactional emails requested by the service
• secure the platform, prevent abuse and maintain reliable operations
• support internal administration, troubleshooting and client service
• assist authorised administrators with wine import and enrichment workflows

AI may be used to assist authorised administrators with wine import and enrichment. Before AI processing, the application minimises the data sent and excludes personal columns such as email, address, phone, client names, free comments and internal notes where they are detected.

The AI workflow is not used for client profiling and is not intended to make automated decisions producing legal or similarly significant effects for clients.

The provider list may be updated as the service evolves. Exact legal provider details must be confirmed before publication.

• Railway: API and PostgreSQL hosting
• Vercel: frontend hosting
• BTC Wine mail infrastructure / GSI Network: transactional email services
• OpenAI: AI assistance for wine import and enrichment
• GitHub, Inc.: source code hosting and engineering workflow
• Cloudflare: domain name system (DNS) services
• Shopify: public e-commerce site operated separately where applicable

• final invoices are kept for applicable accounting and tax requirements
• client accounts, holdings, requests and commercial history are kept during the client relationship and for a reasonable archive period to be confirmed
• password reset and invitation tokens expire quickly and are subject to technical purge scripts
• raw import files are not intended to be stored durably by the portal
• raw AI prompts and responses are not intended to be stored by the application
• security and technical logs are retained for limited periods required for security, troubleshooting and platform reliability
• frontend runtime logs are retained for a short period according to the Vercel plan and configuration
• database backups may be created manually and retained according to the hosting provider configuration

The portal uses restricted access, role-based account access, httpOnly authentication cookies, production secure cookie settings, rate limiting, data minimisation, strict portal projections and maintenance scripts for temporary data.

Subject to applicable law, you may request access, rectification, erasure, restriction, objection and portability where applicable. To exercise these rights, contact contact@btc-wine.com.

Requests are usually answered within one month, subject to applicable law and possible extension for complex requests.

The portal currently uses necessary authentication and session cookies. No analytics or tracking cookies are used at this stage. If analytics are added later, this policy may be updated and additional consent controls may be required.

Last updated: June 2026.