New: Get started with InventoryOS in under 5 minutes. Start Free Trial →

Privacy Policy

Effective date: February 1, 2026
Last updated: February 1, 2026

1. Introduction

InventoryOS LLC ("we," "our," or "us") operates the device inventory management platform available at inventory-os.com (our marketing website) and app.inventory-os.com (our application). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

By using InventoryOS, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

We collect several types of information to provide and improve our service:

  • Account information: Name, email address, password (stored in hashed form using industry-standard bcrypt), and organization name when you create an account.
  • Device data: Hostname, IP address, MAC address, operating system, hardware specifications, and installed software lists. This data is collected via the InventoryOS agent that you install on managed devices. The agent runs on your infrastructure and sends inventory data to our platform for storage and display.
  • Usage data: Login times, feature usage, dashboard interactions, and similar analytics to help us understand how you use the platform.
  • Billing data: Payment processing is handled by Stripe. We do not store full credit card numbers. We store only the last four digits, billing address, and transaction references as needed for billing and support.
  • Cookies and analytics: Session cookies for authentication (required to stay logged in). We may use optional analytics to improve the product. You can disable non-essential analytics if preferred.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the InventoryOS platform
  • Perform device inventory management and software compliance monitoring
  • Process billing, manage subscriptions, and handle account administration
  • Improve our product through aggregated analytics and feature usage patterns
  • Detect and prevent security incidents, fraud, and abuse
  • Send service-related communications (e.g., account notifications, security alerts)
  • Respond to support requests and communicate with you about the service

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

  • Service providers: We work with trusted third parties who assist in operating our platform, including Stripe (payments), Vercel (hosting), and email providers. These providers are contractually bound to protect your data and use it only for the services they provide to us.
  • Legal requirements: We may disclose information if required by law, such as in response to valid legal requests (subpoenas, court orders, or government demands), or to protect our rights, privacy, safety, or property.
  • Business transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

5. Data Security

We take the security of your data seriously. We implement technical and organizational measures including:

  • Encryption in transit: All data transmitted between your devices and our servers uses TLS/HTTPS.
  • Encryption at rest: Data stored in our systems is encrypted at rest.
  • Hashed passwords: Passwords are hashed using bcrypt and are never stored in plain text.
  • Scoped API keys: API access uses least-privilege principles so that keys have only the permissions they need.
  • Regular security reviews: We conduct periodic security assessments and updates to our practices.

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to industry best practices.

6. Data Retention

  • Account data: Retained while your account is active. If you request account deletion, we will delete your data within 30 days, except where we must retain information for legal or regulatory purposes.
  • Device telemetry: Device inventory and telemetry data are retained for 12 months, after which they are automatically purged.
  • Billing records: Retained as required by tax, accounting, and other regulations (typically 7 years, depending on jurisdiction).

7. Your Rights

Depending on where you live, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your account and associated data.
  • Export: Request an export of your data in a portable format.
  • Opt out of marketing: Unsubscribe from marketing emails at any time using the link in our emails.

For users in the European Economic Area (EEA) and UK, you may additionally have:

  • Right to restrict processing: Request that we limit how we use your data in certain circumstances.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing.

To exercise any of these rights, contact us at hello@inventory-os.com. We will respond within 30 days. You also have the right to lodge a complaint with a supervisory authority in your country.

8. Cookies

We use cookies as follows:

  • Essential cookies: Required for authentication and session management. These cannot be disabled if you wish to use the application.
  • Analytics cookies: Optional cookies that help us understand product usage. You can disable these in your account settings or browser.
  • No third-party advertising cookies: We do not use cookies for third-party advertising or tracking for ads.

9. Children's Privacy

InventoryOS is not intended for use by children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us at hello@inventory-os.com, and we will take steps to delete such information.

10. International Data Transfers

Our servers and service providers may be located in the United States or other countries outside your jurisdiction. If you access InventoryOS from outside the United States, your information may be transferred to, stored, and processed in the United States or elsewhere. By using our services, you consent to such transfer. For users in the EEA and UK, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or other approved mechanisms where required.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we may also send an email notification to the address associated with your account. Your continued use of InventoryOS after such changes constitutes acceptance of the updated policy. We encourage you to review this page periodically.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

InventoryOS LLC
Email: hello@inventory-os.com
Website: inventory-os.com