Back to Inventro

Privacy Policy

Last Updated: January 24, 2026

This Privacy Policy explains how Inventro Inc. (“Inventro”, “we”, “us”) collects, uses, and protects personal information related to Tenants, Tenant staff, and website visitors in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable Canadian provincial privacy legislation.

1. Accountability

Inventro is responsible for the personal information under its control. Our Privacy Officer can be reached at legal@inventro.com. We are committed to the ten fair information principles set out in PIPEDA.

2. Information Collected

We collect the following categories of personal information:

  • Account information: Name, email address, business name, and phone number provided during registration
  • Authentication data: Hashed passwords and OAuth tokens (e.g., Google sign-in)
  • Usage data: Feature usage patterns, session duration, and actions taken within the platform
  • Technical data: IP address, browser type, device type, operating system, and referring URL
  • Billing information: Plan selection and billing cycle (payment processing is handled by third-party providers)

3. Purpose of Collection and Use

Personal information is collected and used for the following identified purposes:

  • Providing, operating, and maintaining the Services
  • Authenticating users and securing accounts
  • Processing transactions and sending transactional emails
  • Improving platform performance and user experience
  • Communicating service updates, security alerts, and support messages
  • Complying with legal obligations and enforcing our Terms

We will not use personal information for purposes beyond those identified without obtaining further consent.

4. Consent

By creating an account and using the Services, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy. You may withdraw consent at any time by contacting us, subject to legal or contractual restrictions. We will inform you of the implications of withdrawal.

5. Cookies and Tracking Technologies

Inventro uses the following technologies on its website and platform:

  • Essential cookies: Required for authentication, session management, and security. These cannot be disabled.
  • Local storage: Used to store user preferences (e.g., dismissed banners, theme settings)

Inventro does not currently use third-party analytics cookies, advertising trackers, retargeting pixels, or social media tracking scripts. If this changes, this policy will be updated and consent will be obtained where required.

6. Third-Party Processors (Subprocessors)

Inventro uses the following vetted subprocessors to deliver the Services:

  • Amazon Web Services (AWS) — Cloud hosting, data storage (S3), and email delivery (SES). Data is processed in Canada and the United States.

Personal information is never sold to third parties. Subprocessors are contractually bound to process data only as instructed by Inventro and to maintain appropriate security measures. This list will be updated as subprocessors change.

7. Security Safeguards

We implement administrative, technical, and organizational safeguards proportionate to the sensitivity of the information, including:

  • Encryption in transit (TLS) and at rest (AES-256)
  • Hashed and salted password storage
  • Tenant-level data isolation
  • Role-based access controls
  • Regular security reviews and monitoring

8. Retention and Disposal

Personal data is retained for the duration of your active account. Upon account termination:

  • Account and booking data is retained for up to thirty (30) days to allow recovery, then permanently deleted
  • Financial records may be retained for up to seven (7) years as required by Canadian tax law
  • Security and audit logs may be retained for up to one (1) year

9. Your Rights Under PIPEDA

You have the right to:

  • Access your personal information held by Inventro
  • Correct inaccurate or incomplete information
  • Withdraw consent to the collection, use, or disclosure of your information
  • Request deletion of your personal information, subject to legal retention requirements
  • Export your data in a machine-readable format
  • File a complaint with the Office of the Privacy Commissioner of Canada if you believe your rights have been violated

We will respond to access and correction requests within thirty (30) days.

10. International Transfers

Your personal information may be processed in Canada and the United States through our cloud infrastructure provider (AWS). Appropriate contractual safeguards are in place to ensure your information receives a comparable level of protection.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-platform notification at least thirty (30) days before taking effect.

12. Contact

For privacy inquiries, access requests, or complaints:

Inventro Inc.
Privacy Officer
Ontario, Canada
Email: legal@inventro.com

If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada.