Privacy Policy

1. Information We Collect

We collect information you provide directly to us, including:

• Account information — name, email address, and password when you register
• Company information — company name, slug, timezone, and currency preferences
• Asset data — all inventory, maintenance records, and related information you enter
• Team data — names and email addresses of team members you invite
• Usage data — how you interact with the Service (pages visited, features used, timestamps)
• Payment data — billing details processed securely through Stripe (we never store card numbers)

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process transactions and send related information (receipts, invoices)
• Send administrative messages, updates, and security alerts
• Respond to your comments and questions
• Monitor and analyse usage patterns to improve user experience
• Detect, prevent, and address technical issues and abuse

We do not sell your data to third parties. We do not use your data for advertising.

3. Data Storage and Security

Your data is stored on secure servers provided by Supabase (PostgreSQL database hosted on AWS). We implement industry-standard security measures including encryption at rest and in transit (TLS), access controls, and regular security audits.

While we take commercially reasonable steps to protect your data, no security system is impenetrable. In the event of a data breach affecting your personal information, we will notify you as required by applicable law.

4. Data Retention

We retain your data for as long as your account is active. If you delete your account, your data will be retained for 30 days (to allow recovery in case of accidental deletion) before being permanently and irreversibly deleted from our systems.

You can export all your data at any time from the Settings page before deleting your account.

5. Cookies

We use the following cookies:

• Session cookies — required for authentication, expire when you close your browser
• Preference cookies — store your language and theme preferences (e.g. locale), expire after 1 year

We do not use tracking or advertising cookies.

6. Third-Party Services

We use the following third-party services:

• Supabase — database and authentication
• Stripe — payment processing (subject to Stripe's Privacy Policy)
• Vercel — hosting and infrastructure

Each of these services has their own privacy policy. We only share data with them as necessary to provide the Service.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the data we hold about you
• Correction — request correction of inaccurate data
• Deletion — request deletion of your account and associated data
• Portability — export your data in a machine-readable format
• Objection — object to processing of your data in certain circumstances

To exercise any of these rights, please contact us at privacy@regystrator.com.

8. GDPR Compliance

For users in the European Economic Area (EEA), we process your personal data under the following legal bases: performance of a contract (to provide the Service), legitimate interests (to improve the Service and prevent fraud), and consent (for optional communications). You have the right to lodge a complaint with your local data protection authority.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a notice within the Service at least 14 days before the changes take effect. Your continued use of the Service after changes become effective constitutes your acceptance of the revised policy.

10. Contact

For any privacy-related questions or requests, please contact us at privacy@regystrator.com.