Privacy Policy

Last Updated: December 30, 2025

1. Introduction

MyStorageBuddy ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our storage organization and inventory management service ("Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the Service.

2. Information We Collect

2.1 Personal Information

We collect the following personal information when you register and use our Service:

  • Account Information: Username, email address, password (encrypted)
  • Profile Information: Full name, phone number, address (optional)
  • Payment Information: Billing information processed securely through Stripe (we do not store credit card details)

2.2 User Content

Content you upload to the Service, including:

  • Box inventory descriptions and contents
  • Images of your stored items
  • Location data for boxes
  • Collection names and organization data
  • QR code data and metadata

2.3 Automatically Collected Information

We automatically collect certain information when you use the Service:

  • Usage Data: Pages visited, features used, time spent on the Service
  • Device Information: Browser type, operating system, device identifiers
  • Log Data: IP address, access times, error logs
  • Cookies: Session cookies and preference cookies (see Section 8)

2.4 Third-Party Authentication

If you register using Google OAuth, we receive basic profile information (name, email) from the third-party provider in accordance with your privacy settings on that platform.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Provide the Service: Create and manage your account, store your inventory data, generate QR codes
  • Process Payments: Handle subscription billing and payment processing through Stripe
  • Improve the Service: Analyze usage patterns to enhance features and user experience
  • Customer Support: Respond to your inquiries and provide technical assistance
  • Security: Detect and prevent fraud, abuse, and security incidents
  • Communications: Send service-related notifications, updates, and marketing communications (with your consent)
  • AI Features: Process uploaded images using Google Gemini AI to generate item descriptions
  • Legal Compliance: Comply with legal obligations and enforce our Terms of Service

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share data with third-party service providers who help us operate the Service:

  • Amazon Web Services (AWS): Cloud storage for images and QR codes
  • Stripe: Payment processing (they have their own privacy policy)
  • Google Gemini AI: Image analysis and description generation
  • Email Service Providers: Sending transactional and marketing emails

4.2 Public QR Codes

If you mark a box as "Public," anyone with the QR code link can view that box's contents and images without logging in. Use "Private" boxes to require authentication for viewing.

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

  • Court orders, subpoenas, or legal processes
  • Government or regulatory requests
  • Protection of our rights, property, or safety
  • Investigation of fraud or security issues

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you before your information is transferred and becomes subject to a different privacy policy.

5. Data Storage and Security

5.1 Data Location

Your data is stored on secure servers provided by Amazon Web Services (AWS) and Render.com. Our database and file storage comply with industry-standard security practices.

5.2 Security Measures

We implement appropriate security measures to protect your information:

  • Passwords are encrypted using bcrypt hashing
  • Data transmission is encrypted using SSL/TLS
  • Access controls and authentication mechanisms
  • Regular security updates and monitoring
  • Secure cloud storage with access restrictions

5.3 Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. When you delete your account, we will delete your personal information within 90 days, except where we are required to retain it for legal or regulatory purposes.

5.4 No Guarantee

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

6. Your Rights and Choices

6.1 Access and Update

You can access and update your personal information through your account settings at any time.

6.2 Data Portability

You have the right to request a copy of your data in a structured, machine-readable format. Contact us to make such a request.

6.3 Account Deletion

You can delete your account at any time. This will permanently delete all your data, including boxes, images, and inventory records. This action cannot be undone.

6.4 Marketing Communications

You can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email or by updating your email preferences in your account settings. You will continue to receive transactional emails related to your account and subscriptions.

6.5 Cookie Preferences

You can control cookies through your browser settings. Disabling cookies may affect the functionality of the Service.

6.6 Do Not Track

We do not currently respond to "Do Not Track" browser signals. We track usage to improve the Service but do not use tracking for advertising purposes.

7. Children's Privacy

Our Service is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.

8. Cookies and Tracking Technologies

8.1 What Are Cookies

Cookies are small text files stored on your device that help us provide and improve the Service.

8.2 Types of Cookies We Use

  • Essential Cookies: Required for authentication and basic Service functionality
  • Preference Cookies: Remember your settings and preferences
  • Analytics Cookies: Help us understand how users interact with the Service

8.3 Third-Party Cookies

We may use Google Analytics to analyze Service usage. Google Analytics uses cookies to collect anonymous usage data. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

9. International Data Transfers

Your information may be transferred to and stored on servers located in the United States and other countries where our service providers operate. By using the Service, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request information about the categories and specific pieces of personal information we collect
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: We do not sell personal information
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, please contact us through the Help section. We will verify your identity before processing your request.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right of Access: Obtain confirmation of whether we process your data and access to your data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Request restriction of processing under certain circumstances
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Object to processing of your data for certain purposes
  • Right to Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, please contact us. You also have the right to lodge a complaint with your local data protection authority.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Privacy Policy on this page and updating the "Last Updated" date. We may also send you an email notification for significant changes.

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through:

  • Help Center: Available through the Help section of our website
  • Email: Use the contact form on our website

We will respond to your inquiry within 30 days.

14. Consent

By using the Service, you consent to the collection, use, and sharing of your information as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.

Back to Home