We collect only what's needed to run the Service: account info (email, name, organization), catalog images and product data you upload, scan images, and usage records (counts, timestamps) for billing.
Processing happens on our infrastructure (Supabase for storage and auth, Vercel for application hosting) and on third-party embedding providers (Replicate for our v1 CLIP pipeline, Modal for our v2 FashionSigLIP pipeline). These providers receive only the image bytes needed to compute a vector; they do not receive your org name, user emails, or any billing info.
We use Stripe to process payments — we never see or store full card numbers. We use Resend to send transactional email (trial notices, payment-failed alerts, overage alerts). We use Sentry for error reporting; Sentry receives stack traces and structured context we attach (org ID, query ID) but never image bytes or card numbers.
You can request export or deletion of your organization's data by emailing privacy@inventorywhale.com. We'll respond within 30 days. Deleting your organization from the app also removes catalog rows, embeddings, scan history, and storage objects.
We don't sell your data. We don't train third-party models on your catalog. We don't share your data with advertising networks.
Cookies: Supabase Auth sets an HTTP-only session cookie on login; it is required for the app to work. We don't set analytics or advertising cookies.
Questions? Email privacy@inventorywhale.com.
This page is a placeholder to unblock billing setup — a full policy covering subprocessor list, retention windows, and jurisdictional rights will replace it before we ship general availability.