Privacy Policy

This is a sample privacy policy template for illustration purposes. Replace with policy reviewed by your own legal counsel before production use.

1. Who we are

Klovio, Inc. ("Klovio," "we," "us," "our") operates the inventory management software available at klovio.app and via our iOS and Android applications (collectively, the "Services"). This Privacy Policy explains how we collect, use, share, and protect personal information when you use the Services.

2. Information we collect

2.1 Information you provide

• Account information: name, email, company name, role, and password (hashed).
• Billing information: payment card details (processed by Stripe; we never store full card numbers).
• Inventory data: the SKUs, quantities, locations, and operational data you enter into the Services.
• Support communications: emails, chat messages, and support tickets.

2.2 Information we collect automatically

• Usage data: features used, pages visited, scan events, performance metrics.
• Device data: IP address, browser type, operating system, mobile device identifiers.
• Log data: timestamps, error messages, API call records (retained 90 days).
• Cookies: see our Cookie Policy.

3. How we use information

• To provide, maintain, and improve the Services.
• To process billing and subscriptions.
• To send service announcements and security notifications (you cannot opt out of these).
• To send product updates and marketing (opt-in; unsubscribe anytime).
• To detect and prevent fraud, abuse, and security incidents.
• To comply with legal obligations.

4. Legal basis for processing (GDPR)

For users in the European Economic Area, we process personal data under the following legal bases:

• Contract: to provide the Services you've subscribed to.
• Legitimate interest: to improve the Services, prevent abuse, and communicate with customers.
• Consent: for marketing communications and non-essential cookies.
• Legal obligation: for tax, accounting, and regulatory requirements.

5. How we share information

We do not sell your personal information. We share information only with:

• Subprocessors that provide infrastructure (AWS), payments (Stripe), analytics (PostHog), error tracking (Sentry), customer support (Intercom), and email (Postmark). Full list in our Data Processing Agreement.
• Integration partners when you connect them (Shopify, QuickBooks, Xero, etc.). We only share the data needed for the integration.
• Authorities when required by valid legal process (subpoena, court order). We push back on overbroad requests.
• Acquirers in the event of a merger, acquisition, or asset sale — with the same protections applied.

6. Data retention

We retain your data for as long as your account is active. After cancellation:

• Account and inventory data: deleted within 60 days unless you request earlier deletion.
• Backups: retained for an additional 30 days, then deleted.
• Billing records: retained for 7 years to comply with tax law.
• Support communications: retained for 2 years.

7. Your rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your data ("right to erasure").
• Export your data in a machine-readable format.
• Object to or restrict certain processing.
• Withdraw consent for marketing communications.
• Lodge a complaint with your local data protection authority.

To exercise any right, email privacy@klovio.app. We respond within 30 days.

8. International data transfers

Klovio is headquartered in the United States. If you access the Services from outside the US, your data may be transferred to and processed in the US. For EU/EEA/UK users, we use Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism for transfers.

9. Security

We implement industry-standard technical and organizational measures to protect your data, including AES-256 encryption at rest, TLS 1.3 in transit, role-based access controls, and SOC 2 Type II compliance. See our Security page for details.

10. Children

The Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If you believe we have, contact us immediately.

11. Changes to this policy

We may update this Privacy Policy. Material changes will be communicated by email at least 30 days before taking effect. The "Last updated" date at the top reflects the most recent revision.

12. Contact us

Klovio, Inc.
600 Congress Ave, Suite 1200
Austin, TX 78701, United States

Privacy inquiries: privacy@klovio.app
EU representative: eu-rep@klovio.app