StoreBase ("we," "our," or "us") is an independent mobile application developed and operated by an individual developer. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services (collectively, the "Service").
Important: By using StoreBase, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.
1. Information We Collect
1.1 Information You Provide Directly
When you create an account and use our Service, we collect:
Account Information: Email address, first name, last name, profile image (optional)
Business Information: Company name, store information, business address, timezone preferences
Financial Data: Transaction records, invoices, sales data, purchase orders, inventory data, cash flow records, bank account information (encrypted)
Employee Data: Employee names, salaries, work schedules, attendance records (if you use HR features)
Counterparty Information: Customer and supplier names, contact information, transaction history
1.2 Authentication Information
When you sign in using third-party services:
Google Sign-In: Email, name, profile picture (with your permission)
Usage Data: App features used, timestamps, crash reports, performance data
Location Data: Store location (if you enable location services for store check-in features)
2. How We Use Your Information
We use the collected information for:
Service Delivery: To provide and maintain our financial management, inventory, and HR features
Account Management: To create and manage your account, authenticate users
Business Analytics: To generate financial reports, sales analytics, inventory optimization recommendations
Communication: To send service-related notifications, push notifications for important events (employee limit reached, shift reminders, etc.)
Security: To detect and prevent fraud, unauthorized access, and security vulnerabilities
Service Improvement: To analyze usage patterns, fix bugs, and improve app performance
Legal Compliance: To comply with legal obligations and enforce our Terms of Service
3. How We Share Your Information
3.1 Third-Party Service Providers
We share information with trusted service providers who assist us in operating our Service:
Supabase (Database & Authentication): Stores your data securely with encryption. Data is hosted on Supabase's Singapore servers. Supabase Privacy Policy
Sentry (Error Monitoring): Receives anonymized crash reports and error logs to improve app stability. Sentry Privacy Policy
Firebase (Google): We use Firebase Analytics and Firebase Crashlytics (provided by Google) to collect anonymized crash reports and app usage analytics to improve app performance. Firebase Privacy Policy
RevenueCat: We use RevenueCat to manage in-app subscriptions and purchases. RevenueCat processes subscription status and purchase history linked to your account. RevenueCat Privacy Policy
3.2 Service Transfers
In the event that StoreBase is sold or transferred to another party, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.
3.3 Legal Requirements
We may disclose your information if required by law or in response to valid requests by public authorities (e.g., court orders, subpoenas).
3.4 What We DO NOT Do
We DO NOT sell your personal information to third parties
We DO NOT share your financial data with advertisers
We DO NOT use your data for marketing purposes without your consent
4. Data Security
We implement industry-standard security measures to protect your information:
Encryption: Data is encrypted in transit (TLS/SSL) and at rest
Authentication: Secure authentication using industry-standard protocols (OAuth 2.0, JWT)
Access Control: Row-Level Security (RLS) policies ensure users can only access their own company data
Regular Audits: We conduct regular security audits and vulnerability assessments
Important: While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
5. Data Retention
Active Accounts: We retain your data as long as your account is active
After Account Deletion: Data is permanently deleted within 30 days of account deletion request
Legal Requirements: Some data may be retained longer if required by law (e.g., tax records)
Backup Data: Backup copies are deleted within 90 days
6. Your Privacy Rights
Depending on your location, you may have the following rights:
6.1 General Rights
Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and data
Export: Download your data in a portable format
Withdraw Consent: Opt-out of optional data collection
6.2 Region-Specific Rights
For EU/EEA Users (GDPR):
Right to data portability
Right to restrict processing
Right to object to processing
Right to lodge a complaint with a supervisory authority
For California Users (CCPA):
Right to know what personal information is collected
Right to know whether personal information is sold or disclosed
Right to opt-out of the sale of personal information (we do not sell data)
Right to non-discrimination for exercising privacy rights
For Korean Users (PIPA):
개인정보 열람 요구권 (Right to access personal information)
개인정보 정정·삭제 요구권 (Right to correct or delete personal information)
개인정보 처리정지 요구권 (Right to suspend processing)
7. Children's Privacy
StoreBase is not intended for users under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our Service, you consent to the transfer of your information to:
Singapore (Supabase database infrastructure)
United States (Sentry error monitoring, Firebase analytics and crash reporting, RevenueCat subscription management)
We ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) for international transfers.
9. Cookies and Tracking Technologies
Our mobile app does not use cookies. However, we use:
Local Storage: To store session data and user preferences on your device
Analytics: Anonymized usage data to improve app performance (via Sentry)
10. Third-Party Links
Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be effective immediately upon posting. We will notify you of significant changes via:
In-app notification
Email to your registered address
Notice on our website
Your continued use of the Service after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: