Privacy Policy

FluxVantage provides a multi-tenant warehouse management platform. This policy explains what data we handle when you use the service, why we handle it, and how it is protected. It applies to our website, the application, and the APIs we expose.

We act as a processor for the operational data your organization stores in the platform, and as a controller for the account and contact data we collect to run the business relationship.

We collect the following categories of data:

• Account data: names, work email addresses, roles, and authentication credentials of your users.
• Operational data: the inventory, orders, shipments, receipts, and related records your organization stores in the platform.
• Usage data: log and telemetry data such as IP address, device and browser metadata, and the actions taken in the application.
• Billing data: the plan, billing contacts, and payment metadata required to invoice your subscription.

We use the data we collect to:

• Provide, secure, and operate the platform for your organization.
• Authenticate users and enforce role-based access and tenant isolation.
• Diagnose issues, monitor performance, and prevent abuse.
• Communicate with you about your account, support requests, and material changes to the service.
• Meet legal, accounting, and audit obligations.

We do not sell personal data, and we do not use your operational data to train models for other customers.

Your operational data is isolated from other customers at the database layer using PostgreSQL Row-Level Security. Access is scoped to your tenant on every query, and our staff access to customer data is limited, logged, and granted only when required to operate the service or respond to a support request you initiate.

We share data only as needed to run the service: with infrastructure and subprocessor vendors that host and support the platform, with integration providers you choose to connect (for example, a sales channel or carrier), and where required by law.

Each subprocessor is bound by contractual obligations to protect data consistent with this policy. A current list of subprocessors is available on request.

We retain account and operational data for as long as your subscription is active. After termination, data is retained for a limited wind-down window so you can export it, then deleted or anonymized on a defined schedule unless a longer period is required by law. Audit logs are retained on their own bounded schedule.

We protect data with encryption in transit (TLS 1.3) and at rest, least-privilege database roles, authenticated encryption for stored secrets, and SOC 2-aligned operational controls. No system is perfectly secure, but security is designed into the platform rather than added afterward. See our Security page for detail.

Depending on your jurisdiction, you may have rights to access, correct, export, or delete personal data, and to object to or restrict certain processing. Account administrators can manage most user data directly in the application. For other requests, contact us and we will respond within the time required by applicable law.

Questions about this policy or your data can be sent to privacy@fluxvantage.com. We will respond promptly and route the request to the right team.