Privacy Policy

1. Scope

This Policy applies to personal data processed through KeepTrack websites, support channels, and KeepTrack Cloud. If you self-host KeepTrack, you are the data controller for your deployment, except where we process limited data to provide support or project operations.

2. Data we collect

Depending on how you use KeepTrack, we may collect:

Account data: name, email, login credentials, authentication metadata. Service data: inventory entries, photos, files, tags, reminders, locations, automation settings, and household/member records you submit. Device and usage data: IP address, browser/device information, log events, product analytics events, and diagnostic telemetry. Billing data: subscription status and payment metadata from payment providers (we do not store full payment card numbers). Communications: support requests and related correspondence.

3. How we use data

We use personal data to provide and secure KeepTrack, authenticate users, process transactions, respond to support requests, analyze product reliability, prevent abuse, and comply with legal obligations.

Where lawful, we may use limited usage information to improve features, documentation, and service performance.

4. Legal bases (EEA/UK where applicable)

Where GDPR or similar laws apply, our legal bases include contract performance, legitimate interests (security, fraud prevention, product improvement), legal compliance, and consent when required.

5. Self-hosted deployments

For self-hosted deployments, your organization controls infrastructure, data storage, backups, access controls, and retention settings. We generally do not access self-hosted content unless you explicitly request support access or share logs/files with us.

6. Sharing and disclosures

We do not sell personal data. We may share data with service providers that support hosting, analytics (including PostHog where configured), communications, security, and billing, subject to contractual safeguards.

We may also disclose data when required by law, to enforce our terms, or to protect rights, safety, and security.

7. International data transfers

If personal data is transferred across borders, we use appropriate safeguards required by applicable law, such as contractual protections.

8. Data retention

We retain personal data for as long as needed to provide services, meet legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data type and operational need.

When data is no longer required, we delete it or de-identify it where feasible.

9. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal data. No system is completely secure, and we cannot guarantee absolute security.

10. Your privacy rights

Depending on your location, you may have rights to access, correct, delete, or export personal data, and to object to or restrict certain processing. You may also have rights related to automated decision-making and to withdraw consent where processing is based on consent.

U.S. state residents may have additional rights (for example, rights to know, delete, correct, and opt out of certain data uses). We will not discriminate against you for exercising applicable privacy rights. To submit a privacy request, contact support@keeptrack.at.

11. Cookies and similar technologies

We may use cookies or similar technologies for authentication, session management, security, and analytics. KeepTrack may also use local browser storage for settings and analytics preferences (for example, opt-out status). If Do Not Track is enabled, analytics are disabled where supported. You can control cookies through browser settings, but some features may not function properly without required cookies.

12. Children's privacy

KeepTrack is not directed to children under 13 (or older minimum age where required by local law). We do not knowingly collect personal data from children in violation of applicable law.

13. Third-party services

KeepTrack may link to or integrate with third-party services. Their privacy practices are governed by their own policies, not this Policy.

14. Changes to this Policy

We may update this Privacy Policy. If we make material changes, we will update the effective date and provide notice where required by law.

15. Contact

For privacy requests, subprocessor information, or data processing questions (including DPA requests), contact support@keeptrack.at.