Privacy Policy

Last Updated: May 27, 2026

🔐

Zero-Knowledge Architecture

Inventry uses end-to-end encryption. Your asset data (titles, descriptions, serial numbers, VINs, purchase prices, and notes) is encrypted on your device before it ever reaches our servers.

This means we cannot read, access, or share your asset information. Even if our servers were breached, attackers would only find encrypted gibberish that is mathematically impossible to decrypt without your password.

Inventry ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

1. Information We Collect

We collect information you provide directly to us, including:

  • Account Information: Name, email address, password (hashed).
  • Encrypted Asset Data: Descriptions, photos, values, serial numbers, VINs. (We store this as encrypted blobs).
  • Usage Data: Device type, OS version, and subscription status.

2. Technical Security Specification

We employ military-grade security standards to protect your data:

  • Encryption: AES-256-GCM for all asset data.
  • Key Derivation: PBKDF2 (SHA-256) with 100,000+ iterations to derive your encryption key from your password.
  • Storage: Encryption keys are derived on-device and stored in your device's Secure Enclave (iOS Keychain / Android Keystore).
  • Transport: All data is transmitted over TLS 1.3 (HTTPS).
  • Password Reset: Your encryption salt is stored securely on our servers, enabling password reset via email while maintaining encryption.

3. How We Use Your Information

We use your information strictly to:

  • Provide and maintain the Inventry service.
  • Process subscription payments (via Apple/Google).
  • Send critical security alerts or support messages.

We do NOT sell your data to third parties.

4. Third-Party Services

We use trusted infrastructure providers:

  • Supabase: For encrypted cloud database storage.
  • Apple/Google: For processing App Store and Play Store subscriptions.
  • OpenAI: For optional image analysis. (Images are processed ephemerally and not used to train models).
  • Google Ads: We may share hashed email addresses with Google to serve relevant advertising to existing users on Google's ad network. This data is transmitted in hashed form and is not used by Google for any purpose other than audience matching. You can opt out at any time via Google's Ad Settings.

5. Data Retention & Deletion

We retain your encrypted data as long as your account is active. You can request full account deletion at any time from within the app settings. Upon deletion, all your data is permanently removed from our servers immediately.

6. Contact Us

For privacy concerns or security questions, please contact our support team.

Back to Home