← Back to PYLR

Privacy Policy

Last Updated: July 14, 2026

1. Introduction

PYLR (“we,” “us,” or “our”) operates the PYLR platform (getpylr.com), a business-to-business wine and beverage distribution management platform. This Privacy Policy describes how we collect, use, and protect information from users of our platform.

PYLR is a B2B platform. All users are business users—employees of wholesale distributors, suppliers, and related businesses. We do not offer consumer-facing services.

2. Information We Collect

We collect information necessary to provide and operate the PYLR platform:

Account Information

  • Full name
  • Business email address
  • Business phone number
  • Role and organizational affiliation

Business Data

  • Orders, invoices, and fulfillment records
  • Inventory and product catalog data
  • Customer and account records
  • Sales activity and reporting data
  • Supplier and purchasing information

Google Sign-In Data

If you choose to link Google for sign-in, we store Google's stable account identifier and your verified Google email address. We use this information only to authenticate an existing PYLR account. Google sign-in does not give PYLR access to Gmail, Calendar, Drive, contacts, or files.

Google Calendar Data

If you choose to connect your Google Calendar, we access calendar events and availability information to sync scheduling between PYLR and Google Calendar. We store OAuth tokens securely to maintain this connection. You can disconnect Google Calendar at any time through your Settings page, which immediately deletes all stored tokens.

3. How We Use Your Information

Your information is used solely for providing and improving the PYLR platform services, including:

  • Operating and maintaining your account
  • Managing orders, inventory, and distribution workflows
  • Synchronizing calendar events and scheduling between PYLR and connected services
  • Generating reports and business analytics
  • Providing customer support
  • Improving platform features and reliability

4. Data Sharing

We do not sell your data. We do not share your information with third parties for their own marketing or commercial purposes.

We share data only with service providers essential to operating the platform:

  • Vercel— application hosting and delivery
  • Supabase— database hosting and authentication
  • Google— optional identity verification and connected Google services

These providers process data on our behalf and are contractually obligated to protect it.

5. Multi-Tenant Data Isolation

PYLR is a multi-tenant platform. Each organization (tenant) operates in an isolated data environment. Your business data is not accessible to other tenants. Access controls and row-level policies ensure that users only see data belonging to their own organization.

6. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption of data in transit (TLS/HTTPS)
  • Encryption of data at rest
  • Secure storage of authentication tokens and credentials
  • Role-based access controls within the platform
  • Tenant-level data isolation

7. Google Services

Sign in with Google

  • Linking requires an existing PYLR account and your current PYLR password
  • We use Google's stable account identifier, not email alone, to authenticate you
  • We do not create a PYLR account or assign company access from a Google account
  • We do not store Google access tokens or refresh tokens for sign-in
  • You can unlink Google at any time under Profile & Account

Google Calendar Integration

PYLR offers optional Google Calendar integration. When you connect your calendar:

  • We access calendar events and free/busy availability to enable scheduling features within PYLR
  • OAuth refresh tokens are stored securely in our database to maintain the connection
  • Calendar data is used exclusively for scheduling functionality within the PYLR platform
  • You can disconnect Google Calendar at any time from your Settings page, which immediately deletes all stored OAuth tokens

Our use of Google API data complies with the Google API Services User Data Policy, including the Limited Use requirements.

8. Data Retention

We retain your business data for the duration of your organization’s active subscription. Account information is retained as long as your account is active. If your organization terminates its use of PYLR, we will delete or anonymize your data within a reasonable period, subject to any legal retention requirements. A Google sign-in link is retained until you unlink it or the associated PYLR account is deleted.

9. Your Rights

As a business user, you or your organization’s administrator can:

  • Access and export your business data through the platform
  • Update your account information
  • Unlink Google sign-in or disconnect third-party integrations
  • Request deletion of your account by contacting us at hello@getpylr.com

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify affected users of material changes via email or an in-app notice. Continued use of the platform after changes take effect constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

PYLR
Email: hello@getpylr.com
Website: getpylr.com

© 2026 PYLR. All rights reserved.