Privacy Policy
Placeholder — full policy will replace this content.
What we collect
When you sign up for Brewello, we collect your email address and the Square merchant ID you authorize. When customers order through your branded app, we store the order metadata (items, totals, pickup info) in your Firebase project.
Credit card storage
Brewello does not store credit card information. When customers save a card for future orders, the card is stored by Square (PCI Level 1 compliant). Brewello receives only a reference ID. We never see, transmit, or store full card numbers, CVVs, or expiration dates.
Customers consent to card storage with Square at the moment of saving a card in your branded app.
Square OAuth tokens
Your Square access and refresh tokens are encrypted with AES-256 before they touch our database. We rotate access tokens automatically every 7–14 days per Square's requirements.
Disconnecting
You can revoke Brewello's access at any time from the dashboard or from your Square dashboard. We delete encrypted tokens and merchant association records immediately on revoke.
Contact
Questions about this policy? Email contact@brewello.com.