Inventory Inventory Logo
Inventory Inventory
Privacy Policy

Effective date: May 2, 2026  ·  Last updated: May 2, 2026

1. Who We Are

Pandacat Inc. ("Company", "we", "us", or "our") operates the Inventory Inventory application and related services (collectively, the "Service"). Our contact address for privacy matters is privacy@pandacat.ca.

This Privacy Policy explains what information we collect, why we collect it, how we use and protect it, and your rights regarding your information. By using our Service you agree to the practices described in this Policy.

2. Information We Collect

2.1 Account Information

When you sign in via Google Sign-In, Google provides us with your name, email address, Google profile photo URL, and a unique Google account identifier. We use this information to create and manage your account. We may also store optional profile fields you enter directly, such as your first name, last name, phone number, and industry.

2.2 Identity Verification Data

Before accessing any paid subscription tier or paid add-on for the first time, we require a one-time identity verification. During this process we collect:

  • A verification photograph — a single image you capture using your device camera showing your face and a government-issued photo ID document (such as a driver's licence, passport, or national identity card) held together.
  • Verification metadata — the date and time of each attempt, the number of attempts made, and the outcome of automated and manual review.

How this data is processed: Your verification photograph is first submitted to an automated AI visual-inspection system (Google Gemini) to determine whether a face and a photo ID are both clearly visible. We do not extract, create, store, or use any biometric template, facial geometry measurement, or biometric identifier from your photograph. If the automated check cannot confirm your submission (after two attempts), the photograph is uploaded to secure, access-restricted cloud storage and reviewed manually by an authorised platform administrator.

Access: Verification photographs stored for manual review are accessible only to authorised Pandacat Inc. administrators. They are stored in a path separate from other user-uploaded content and are not publicly accessible.

Retention: If your verification is approved automatically, no photograph is stored in long-term storage. If your verification is approved after manual review, the photograph may be retained for up to 90 days following approval for audit and security purposes, after which it is permanently deleted. If a platform administrator resets your verification status, the associated photograph record is removed from our systems.

2.3 Login and Security Information

Each time you sign in to the Service, we record and retain the following information in your account record:

  • Your IP address at the time of sign-in
  • The date and time of sign-in
  • A truncated user-agent string identifying your browser and operating system

We retain a rolling record of up to 30 most-recent login events. Older events are automatically overwritten. This information is used exclusively for platform security, fraud detection, and account integrity. Authorised platform administrators may access this information for the purposes of security monitoring.

2.4 Inventory and User Content

We store all inventory data you create through the Service, including item names, descriptions, quantities, prices, barcodes, and images you upload. This content is stored in your account and is not shared with other users. Images you upload are stored in cloud storage and may be served publicly via a URL to enable display within the application.

2.5 Camera and Media Access (Shelf Watch)

The Shelf Watch feature requires access to your device camera. We use the browser-native getUserMedia API to capture a live video stream on your device. Still-frame captures from this stream may be sent to our AI processing service (Google Gemini) to count or identify items on a shelf. We do not record, store, or retain continuous video footage from your camera. Frame captures sent for AI analysis are processed transiently and are not retained after analysis is complete. Your camera is only accessed while a Shelf Watch session is actively running and with your explicit initiation.

The remote-view feature of Shelf Watch uses peer-to-peer (WebRTC) technology. Video streams are transmitted directly between the broadcaster and the viewer and are not routed through or stored on our servers, although signalling data used to establish the connection is temporarily processed by our infrastructure.

2.6 Payment Information

All payment processing is performed by Stripe, Inc. We do not collect, transmit, or store your payment card details. We receive from Stripe a customer identifier, subscription identifiers, subscription status, and billing period dates, which we store to manage your account features. Your financial information is governed by Stripe's Privacy Policy.

2.7 API Keys

If you generate a developer API key, we store a hashed or generated token associated with your account. For security reasons, the full API key is shown to you only once at the time of generation. You are responsible for its security.

2.8 Usage and Technical Data

We collect general technical and usage data to operate and improve the Service, including page interactions, feature usage patterns, error logs, and performance metrics. This data is aggregated or anonymised where possible.

2.9 reCAPTCHA Enterprise

We use Google reCAPTCHA Enterprise to protect the Service from automated abuse. This service collects hardware and software information such as device and application data, and sends it to Google for analysis. This collection is subject to the Google Privacy Policy and Terms of Service.

3. How We Use Your Information

  • To create, maintain, and authenticate your account
  • To verify your identity before granting access to paid features
  • To provide and deliver the features of the Service you have subscribed to
  • To process payments and manage your subscription
  • To detect and prevent fraud, abuse, and unauthorised access
  • To monitor the security and integrity of the platform
  • To send transactional communications related to your account or subscription
  • To comply with legal obligations
  • To enforce our Terms of Service
  • To improve and develop the Service

Legal bases for processing (GDPR): We process your personal data on the following legal bases: (a) performance of a contract — to provide the Service you have signed up for; (b) legitimate interests — for security, fraud prevention, and platform integrity; (c) compliance with legal obligations; and (d) your explicit consent, particularly for identity verification and camera access.

4. Platform Administration and Monitoring

Authorised Pandacat Inc. administrators have technical access to account data for the purposes of platform security, identity verification review, fraud investigation, and compliance. Specifically, administrators may access:

  • Your account profile information (name, email, industry)
  • Your subscription status and plan details
  • Your login history (IP addresses, timestamps, user agents)
  • Your inventory item list (names and quantities)
  • Your active Shelf Watch session count
  • Your identity verification status and, where applicable, your verification photograph

Administrator access is restricted to a single authorised individual. Administrator access to your data is logged and is used solely for legitimate operational and security purposes, not for commercial profiling.

5. AI Processing and Third-Party Providers

Certain features of the Service transmit user content to third-party AI services for processing. This includes but is not limited to:

  • Identity verification photographs — submitted to Google Gemini for automated visual inspection to determine whether a face and photo ID are present.
  • Inventory identification images and voice recordings — submitted to Google Gemini to identify parts, transcribe voice input, and parse file content.
  • Shelf Watch frame captures — submitted to Google Gemini to count or identify items in a monitored area.

All AI processing is performed through Google's Gemini API. Content submitted is used only to provide the specific feature requested and is subject to Google's API data usage policies. We do not use your content to train AI models.

Our Third-Party Service Providers

  • Google LLC — Authentication (Firebase Auth), database (Cloud Firestore), file storage (Cloud Storage), backend functions (Cloud Functions), application hosting, abuse protection (reCAPTCHA Enterprise), and AI processing (Gemini API). Governed by Google's Privacy Policy.
  • Stripe, Inc. — Payment processing and subscription management. Governed by Stripe's Privacy Policy.

6. Data Sharing and Disclosure

We do not sell your personal data. We do not share your personal data with third parties except:

  • With our service providers as described in Section 5, solely to operate the Service
  • When required by applicable law, regulation, court order, or lawful governmental request
  • To protect the rights, property, or safety of Pandacat Inc., our users, or the public, including to prevent fraud or enforce our Terms of Service
  • In connection with a merger, acquisition, or sale of all or a portion of our assets, in which case we will provide notice before your data is transferred and becomes subject to a different privacy policy

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Specific retention periods:

  • Account data: Retained for the life of your account and deleted within 90 days of account termination.
  • Identity verification photographs: Not retained if approved automatically. If reviewed manually, retained for up to 90 days after approval, then permanently deleted.
  • Login history: A rolling window of up to 30 entries is maintained. Older entries are automatically overwritten.
  • Inventory content: Retained until deleted by you or until your account is terminated.
  • Payment records: Retained as required by financial regulations and Stripe's data retention policies.

8. Data Security

We implement commercially reasonable technical and organisational measures to protect your data, including:

  • Encryption in transit (TLS) and at rest for stored data
  • Firestore security rules restricting data access to account owners
  • Firebase App Check and reCAPTCHA Enterprise to protect against automated abuse
  • Separate, access-restricted storage paths for identity verification photographs that are inaccessible to the general public
  • Administrative access gated behind Google authentication with email-level verification

No method of electronic transmission or storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

9. Your Privacy Rights

Rights for All Users

  • Access: You may request a copy of the personal data we hold about you.
  • Correction: You may update certain profile information directly through the Service; for other corrections, contact us.
  • Deletion: You may request deletion of your account and associated personal data by contacting us. We will fulfil deletion requests within 30 days, subject to legal retention requirements.
  • Verification data deletion: You may request deletion of your identity verification photograph and associated data by contacting us. Note that deleting verification data will reset your verification status and require you to re-verify before accessing paid features.

Additional Rights for EEA, UK, and Swiss Residents (GDPR)

  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent at any time without affecting the lawfulness of prior processing
  • Right to lodge a complaint with your local supervisory authority

Additional Rights for California Residents (CCPA / CPRA)

California residents have the right to know what categories of personal information we collect and how it is used, to request deletion of personal information, to opt out of the sale of personal information (we do not sell personal information), and to non-discrimination for exercising these rights. To exercise these rights, contact us at privacy@pandacat.ca.

Categories of personal information collected: identifiers (name, email, IP address); commercial information (subscription data); internet or other electronic network activity; geolocation data (inferred from IP); visual information (verification photograph, uploaded inventory images).

10. Biometric Data Notice

The identity verification process captures a photograph of your face alongside a government-issued ID. We do not extract, derive, create, or store any biometric identifier or biometric information from this photograph, including face geometry, facial scan data, or any mathematical representation of your biometric features. The photograph is used only for visual, human-readable confirmation that a face and an ID document are present. We do not use facial recognition technology to identify or verify your identity through biometric matching.

If you are a resident of Illinois or another jurisdiction with specific biometric privacy laws, please note that because we do not collect biometric identifiers as defined under applicable law (e.g., the Illinois Biometric Information Privacy Act), those specific statutes do not apply to our verification process. However, we treat your verification photograph as highly sensitive personal data and apply the strictest access controls and retention limits described in this Policy.

11. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from anyone under 18. If you believe we have inadvertently collected information from a minor, please contact us immediately and we will take steps to delete it promptly.

12. International Data Transfers

Your information is processed and stored on servers operated by Google LLC, which may be located in the United States or other jurisdictions. If you are located outside the United States, your information is transferred to and processed in the United States and other countries that may have different data protection laws than your jurisdiction. We rely on Google's standard contractual clauses and adequacy decisions where applicable to provide appropriate safeguards for such transfers.

13. Cookies and Tracking Technologies

We use Firebase Authentication session cookies to maintain your logged-in state. These are strictly necessary for the Service to function and do not require separate consent. We do not use third-party advertising cookies or cross-site tracking technologies.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page. For significant changes, we will make reasonable efforts to notify you, such as by displaying a notice within the Service. Your continued use of the Service after the effective date of the revised Policy constitutes your acceptance of the changes.

15. Contact Us

For any questions, requests, or complaints regarding this Privacy Policy or your personal data, please contact our privacy team:

We will respond to all verifiable requests within 30 days.