Privacy & Cookie Policy | Warehouse Organizer
Last updated:
1. Who we are
This site and service are operated by Warehouse Organizer LLC (“Warehouse Organizer”, “we”, “us”). Our registered address is [TODO: registered business address]. For any privacy question, or to exercise a data right, contact our privacy team at contact@warehouseorganizer.com [TODO: confirm Data Protection Officer / privacy contact and, where applicable, an EU/UK representative under GDPR Art. 27].
2. Our two roles: controller and processor
We handle personal data in two different capacities, and your rights differ accordingly:
- As a controller — for the data of our direct subscribers: the account and billing details of the people and organizations that sign up for Warehouse Organizer. For that data we decide the purposes and means, and this policy governs it directly.
- As a processor — for the personal data our subscribing organizations load into the product about their people and customers (employee HR and time-clock records, and order/contact data). For that data the subscribing organization is the controller, we act only on its documented instructions, and you should direct requests to that organization. We help our customers meet their obligations (see §8, Your rights).
3. What personal data we process, and why
3.1 Account & authentication (controller)
To create and secure your account we process your first and last name, email address, phone number,
company name, a password (stored only as a BCrypt hash — never in plain text), two-factor
authentication state, session identifiers, and expiring security/reset tokens.
Lawful basis: performance of our contract with you (GDPR Art. 6(1)(b)); our
legitimate interest in securing the service (Art. 6(1)(f)).
3.2 Subscription billing (controller; Stripe as processor)
For paid plans we process your subscription and tier state and billing-contact details. Card
and payment details are collected and stored by Stripe, our payment processor — not on our
systems.
Lawful basis: performance of contract (Art. 6(1)(b)); legal obligation to keep
financial records (Art. 6(1)(c)).
3.3 Employee HR records (processor, on behalf of the employer)
Where an organization uses the HR features, we store the HR records it enters about its employees — which may include a government identifier (e.g. SSN), pay rate, emergency-contact details, employment status and type, title/department, a company ID, and uploaded documents. This data is encrypted at the application layer with a per-organization AES-256 key (envelope encryption, with the key-encrypting key held in a key-management service in production). The employing organization is the controller of this data.
3.4 Time & attendance (processor)
Where an organization uses the time-clock feature, we process clock-in/out timestamps, the assigned work location, approval/superior references, and — where geofencing is enabled — the device geolocation (latitude, longitude and accuracy) captured at the punch. Geolocation is used only to validate that a punch occurred at an authorized work location. We automatically purge stored geolocation after a retention window [TODO: state window; default 90 days], keeping the attendance timestamps needed for payroll and labor-law purposes. Because this is processed for the employer, the employer is the controller and is responsible for the lawful basis and for informing its employees.
3.5 Ordering, storefront & trade documents (processor)
Where an organization uses ordering features, we process its customers’ names, shipping/billing addresses, contact details, and order and pricing history to produce orders, invoices and purchase orders. The organization is the controller of this data.
3.6 Security audit logging (controller / processor)
To keep the service accountable and secure we log actions taken against sensitive features: the acting
user, organization/warehouse, action, timestamp, and a trace identifier. Secrets (passwords, tokens,
government IDs) are redacted before the log is stored. Audit records are protected by
a keyed integrity signature and expire automatically after a retention window [TODO: confirm
window; default 365 days].
Lawful basis: our legitimate interest in security, and legal obligation
(Art. 6(1)(f)/(c)).
3.7 Transactional email (controller / processor)
We send operational email — account invites, two-factor codes, password resets and notifications —
through an email provider, processing the recipient address and message content.
Lawful basis: performance of contract; legitimate interests.
4. Cookies & website analytics
We use a small number of strictly necessary cookies and similar storage to run the site — for example to keep you signed in, protect against cross-site request forgery, remember your language, and store your cookie choice. These are required for the service to work and do not need consent.
We also use optional analytics (Google Analytics via Google Tag Manager) to
understand how the site is used. Analytics only runs after you give consent, and
only when analytics is configured at all — it is disabled by default. Until you choose
“Accept” on our cookie banner, analytics storage stays denied (we use Google Consent
Mode v2 to enforce this). Analytics may process your IP address, device/browser information and usage
events.
Lawful basis: your consent (Art. 6(1)(a)).
Changing your choice. You can accept or reject non-essential cookies from the banner
when it appears. To change your decision later, clear this site’s stored data in your browser
(which removes the saved wa-cookie-consent preference); the banner will appear again on
your next visit. You can also block or delete cookies in your browser settings.
5. Who we share data with
We do not sell your personal data. We share it only with service providers (sub-processors) who help us run the product under contract — currently our payment processor (Stripe), email delivery, analytics (Google, only with consent), hosting, and a key-management service. Our current list of sub-processors and their roles is maintained at [TODO: publish sub-processor list URL — see docs/compliance/sub-processors.md]. We may also disclose data where required by law.
6. International transfers
Our providers may process data outside your country. Where personal data is transferred across borders we rely on an appropriate safeguard, such as the EU Standard Contractual Clauses. [TODO: confirm hosting region(s) and the transfer mechanism for any processing outside the EEA/UK.]
7. How long we keep data
We keep account data for the life of the account. When an account is erased, the identity record is anonymized (name, phone and email are tombstoned and the credential cleared) so it can no longer be linked to you. Employee HR and time-clock data is retained per the employing organization’s instructions and is hard-deleted when a user is removed; captured geolocation is purged on the schedule in §3.4. Billing records are kept for the statutory financial-record period [TODO: confirm period]. Audit logs expire on the schedule in §3.6.
8. Your rights
Subject to applicable law, you have the right to access your data and receive a portable copy, to have it corrected or erased, and to restrict or object to certain processing. The product provides tooling that supports these rights:
- Access & portability — an administrator can export a downloadable copy of a user’s account, roles, HR profile and documents, and time-clock history.
- Erasure — removing a user hard-deletes their HR and time-clock data for the organization and, once they belong to no organization, anonymizes the account. Erasing a whole organization crypto-shreds its encryption key, rendering its encrypted data unrecoverable.
- Rectification — profile and HR records can be edited in the application.
How to exercise your rights. If your data was entered by an employer or organization (HR, time-clock or order data), contact that organization — they are the controller and we will support their request. For data we control (your account and billing), email contact@warehouseorganizer.com. You also have the right to complain to your data-protection supervisory authority [TODO: name the lead supervisory authority].
9. How we protect data
We apply layered technical and organizational measures: TLS encryption in transit; per-organization application-layer field encryption (AES-256-GCM) for sensitive HR data; BCrypt password hashing; role-based access control with a deny-by-default authorization model; RS256-signed API tokens; two-factor authentication; rate limiting; security response headers (HSTS, Content-Security-Policy); and redacted, integrity-protected, retained audit logging.
10. Children
Warehouse Organizer is a business tool and is not directed to children. We do not knowingly collect personal data from children.
11. Changes to this policy
We may update this policy as the service, our providers, or the law change. We will revise the “Last updated” date above and, for material changes, provide a more prominent notice.
12. Contact us
Questions about this policy or your data? Email contact@warehouseorganizer.com or write to us at [TODO: registered business address].
This page is provided for transparency and is not legal advice.