We collect: account information (name, email, password hash), inventory data you create (items, containers, locations), photos you upload, usage logs for security and debugging, and payment information (processed by Stripe — we never see your full card details).
We use your data to: provide and improve the Service, send transactional emails (account verification, password resets, low stock alerts), send service announcements, and ensure security. We never sell your data or use it for advertising.
Your data is stored on servers in the UK/EU. We use encryption in transit (HTTPS) and at rest. Passwords are hashed using bcrypt. Backups are taken daily and retained for 7 days. Photos are stored in MinIO object storage with private access controls.
We retain your data for as long as your account is active. When you delete your account, your data is permanently deleted within 30 days. Backup copies may persist for up to 7 days after deletion.
You have the right to: access your data (export via Settings), correct inaccurate data (via Profile settings), delete your data (via Settings → Danger Zone), restrict processing, and data portability. Contact us at [email protected] to exercise these rights.
We use essential cookies for authentication sessions only. We do not use advertising or tracking cookies. You can disable cookies in your browser, but the Service will not function correctly without session cookies.
We use: Cloudflare (CDN and DDoS protection), Stripe (payment processing), and our own infrastructure for all other services. We do not share your data with any other third parties.
For privacy enquiries, contact: [email protected]. We respond within 72 hours for GDPR requests.