← Back

Privacy Policy

Ambition Roast · Last Updated: March 13, 2026

1. Introduction

This Privacy Policy explains how Ambition Roast (“the Service”), operated by Aziz Kara (“we,” “us,” or “our”) in Toronto, Ontario, Canada, collects, uses, and protects your personal information.

We are committed to protecting your privacy and handling your data in accordance with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial legislation.

2. Information We Collect

Information you provide

• Account information: When you sign in via Google or email one-time passcode, we receive your email address from your authentication provider.
• Display name: You may set a display name within the Service.
• Roast data: Coffee names, suppliers, roast parameters (times, temperatures, weights), recipes, roast levels, and notes that you enter.
• Equipment information: Roaster names you add in Settings.

Information collected automatically

• Usage data: We use Cloudflare’s infrastructure, which may collect standard web traffic data such as IP addresses, browser type, and request timestamps for security and performance purposes.
• Analytics: We use Google Analytics 4 (GA4) to understand how the Service is used. GA4 collects usage data such as page views and feature interactions, and may use cookies. See Google’s Privacy Policy. We also use Cloudflare Web Analytics for anonymous, aggregated metrics.

3. How We Use Your Information

We use your information solely to:

• Provide and maintain the Service
• Authenticate your identity
• Store and display your roast history
• Enable data export
• Understand usage patterns to improve the Service

We do not sell, rent, or share your personal information with third parties for marketing purposes.

4. Third-Party Services

The Service relies on the following third-party services:

• Cloudflare: Provides hosting, authentication (Cloudflare Access), database services, and anonymous web analytics. Your data is processed and stored on Cloudflare’s infrastructure. See Cloudflare’s Privacy Policy.
• Google: Used as an authentication provider for sign-in. See Google’s Privacy Policy.
• Google Analytics: Used for usage analytics to help us improve the Service. See Google’s Privacy Policy.

5. Data Storage and Security

Your data is stored in a Cloudflare D1 database. We use industry-standard security measures, including authenticated access controls, to protect your data. However, no method of electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your data for as long as your account is active. You may export your data at any time using the Export CSV feature in Settings. Account deletion functionality is planned for a future release — in the meantime, you may contact us to request deletion of your account and data.

7. Your Rights

Under Canadian privacy law, you have the right to:

• Access your personal information
• Correct inaccurate information
• Request deletion of your data
• Withdraw consent by closing your account
• Export your data via the Service

To exercise any of these rights, contact us at [email protected].

8. Children’s Privacy

The Service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Service. The “Last Updated” date at the top reflects the most recent revision.

10. Contact

If you have questions or concerns about this Privacy Policy or your personal data, you can reach us at [email protected].