Privacy Policy

1. Introduction

GrainTrackr (“we”, “us”, or “our”) operates this Service. This Privacy Policy explains how we collect, use, disclose, and protect personal information in compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation.

2. Information We Collect

We collect the following categories of information:

• Account information: name, email address, and password (stored as a one-way hash)
• Facility information: business name, address, phone number, and logo
• Operational data: customer records, sales orders, scale tickets, invoices, and employee information you enter into the Service
• Billing information: subscription status and payment method details (payment data is handled by Stripe and not stored on our servers)
• Usage data: log data, IP addresses, browser type, and pages visited

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and improve the Service
• Process payments and manage your subscription
• Send transactional emails (invoices, password resets, billing notices)
• Respond to support requests and feedback
• Comply with legal obligations

We do not sell your personal information to third parties. We do not use your operational data for advertising purposes.

4. Data Sharing and Disclosure

We may share your information with:

• Stripe: for payment processing. Stripe's privacy policy governs their handling of your payment data.
• SendGrid: for transactional email delivery.
• Neon / PostgreSQL hosting provider: your data is stored on encrypted servers.
• Legal authorities: when required by law or to protect our legal rights.

5. Data Retention

We retain your account and operational data for as long as your account is active. If you close your account, we will delete your personal information within 30 days, except where we are required to retain it by law.

6. Security

We implement industry-standard security measures including encrypted data transmission (TLS), bcrypt password hashing, and access controls. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

7. Your Rights (PIPEDA)

Under PIPEDA, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Withdraw consent to the collection or use of your personal information (subject to legal and contractual restrictions)
• Request deletion of your account and associated data

To exercise these rights, contact us at spencer@graintrackr.com. We will respond within 30 days.

8. Cookies and Tracking

GrainTrackr uses session cookies strictly necessary for authentication. We do not use third-party tracking cookies or advertising cookies.

9. Children's Privacy

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by email or by posting a notice in the application. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

11. Contact

For privacy-related inquiries or to exercise your rights, contact our Privacy Officer at: spencer@graintrackr.com