SparrowTrack Privacy Policy

This Privacy Policy describes how SparrowTrack, LLC ("SparrowTrack," "we," "us," or "our") collects, uses, stores, discloses, and protects information when individuals or organizations access our website, web application, authenticated workspaces, shared record pages, and related services (collectively, the "Service").

SparrowTrack is a business-to-business software platform that helps organizations create, manage, organize, and share operational records relating to handoffs, shipments, pickups, transfers, inspections, photos, item condition, accountability, and related workflows.

By accessing or using the Service, users acknowledge the practices described in this Privacy Policy.

SparrowTrack primarily provides services to companies, organizations, and their authorized personnel.

Where SparrowTrack provides services to a customer organization, that organization is generally responsible for the information its users submit to the Service, including event records, item records, photos, notes, references, and related operational content.

Depending on applicable law, a customer organization may act as the controller or business, and SparrowTrack may act as a processor or service provider with respect to certain information processed on its behalf.

Customer organizations and their authorized users are responsible for:

• determining what information is entered into the Service
• ensuring they have authority to submit, upload, view, and share such information
• ensuring user accounts are used only by authorized personnel
• complying with applicable laws, regulations, customer policies, and internal procedures
• reviewing records for accuracy, completeness, and suitability
• maintaining their own operational, regulatory, and recordkeeping responsibilities

SparrowTrack may provide organization-based access and user account functionality. Administrative tools, retention settings, sharing settings, and available permission features may vary depending on product version, configuration, and features enabled at the time of use.

Depending on how the Service is used, we may collect:

a. Account and Identity Information

• Name
• Business email address
• Authentication identifiers
• Organization membership
• User role and permission status
• Session identifiers

b. Organization Information

• Company or organization name
• Workspace identifiers
• Subscription status
• Configuration settings
• Operational preferences

c. Operational Records and User Content

• Event records
• Item records
• References and identifiers
• Notes and comments
• Status fields
• Timestamps
• Change history
• Shared record content
• Uploaded photos and files

d. Technical Information

• Usage analytics
• Session activity
• Security logs
• Error logs
• Device type
• Browser type
• Operating system
• IP address

e. Communications Information

• Demo requests
• Waitlist / early access submissions
• Support requests
• Sales communications
• Feedback submissions

f. Payment Information

If billing is enabled, limited subscription or billing information may be processed through third-party payment providers. SparrowTrack does not store full payment card details unless expressly stated.

We may automatically collect limited technical and usage information when users access the Service, such as:

• Login activity
• Browser type
• Device type
• Operating system
• IP address
• Session or request metadata
• Error reports
• Security events
• Performance diagnostics

This information may be collected directly by SparrowTrack or by trusted third-party infrastructure and service providers used to operate the Service.

SparrowTrack may use browser storage technologies, authentication tokens, local storage, session mechanisms, or similar technical tools necessary to support secure login, account access, fraud prevention, and normal functionality.

At this time, SparrowTrack may not use traditional marketing or advertising cookies.

Users may adjust browser or device settings that block certain storage technologies, though some functionality may be affected.

If a user grants browser or device permissions, SparrowTrack may access the device camera to capture photos, scan barcodes, or support related workflows initiated by the user.

The Service may also support barcode scanning or scannable text workflows.

Camera access is used only when initiated by the user and is not used for background monitoring.

Uploaded media may contain metadata generated by the user’s device.

SparrowTrack does not intentionally collect, store, or persist precise GPS location data during normal use of the Service.

If uploaded files contain embedded metadata created by the user’s device, such metadata may remain part of the original file unless removed or transformed by system processes.

SparrowTrack uses trusted third-party providers to operate and secure the Service. These providers may process limited information as necessary to perform services on our behalf.

Examples include:

Authentication & Identity Management

Clerk for login, session management, identity verification, and user administration. Privacy Policy: https://clerk.com/legal/privacy

Cloud Hosting, Storage, and Infrastructure

Amazon Web Services (AWS) for backend hosting, databases, storage, networking, backups, and compute resources. Privacy Policy: https://aws.amazon.com/privacy

Frontend Hosting, Deployment & CDN

Vercel for hosting the SparrowTrack frontend, deployments, edge delivery, and related web infrastructure. Privacy Policy: https://vercel.com/legal/privacy-policy

We use commercially reasonable safeguards designed to protect information, which may include administrative and technical measures appropriate to the nature of the Service.

• Encrypted HTTPS/TLS connections
• Authentication controls
• Secure cloud storage configurations
• Backups
• Logging and monitoring
• Restricted administrative access

However, no method of transmission or storage is completely secure, and absolute security cannot be guaranteed.

We use information to provide, operate, maintain, improve, and support the Service.

This includes authenticating users, managing organization access, enabling record creation and sharing, responding to support requests, administering subscriptions, communicating service notices, and protecting the platform.

We may also use information for analytics, troubleshooting, product development, fraud prevention, and compliance with legal obligations.

SparrowTrack does not sell customer data, user data, uploaded records, photos, or operational records for monetary consideration.

We do not use customer data for cross-context behavioral advertising or targeted advertising based on third-party activity.

SparrowTrack is a documentation and workflow platform. Records within the Service depend substantially on information entered, uploaded, or maintained by users and customer organizations.

Incomplete, outdated, or inaccurate entries may lead to incomplete or inaccurate outputs.

Timestamps, notes, photos, and status fields generally reflect submitted information and recorded system activity at the time of entry.

Customer organizations and authorized users are responsible for reviewing records and determining whether they are suitable, complete, and accurate for their intended use.

Unless expressly stated in a separate written agreement signed by SparrowTrack, the Service does not certify, guarantee, determine, or warrant regulatory compliance, maintenance sufficiency, chain of custody certainty, authenticity, safety status, or fitness for purpose.

Customers remain solely responsible for inspections, approvals, operational decisions, and compliance determinations.

We may disclose information to trusted vendors that assist in operating, securing, hosting, supporting, and improving the Service.

Information may also be made available within a customer organization based on authenticated membership, available product settings, and features enabled by that organization.

Authorized users may generate shared record links, exports, or reports. Anyone with access to a valid shared link may be able to view the information made available through that link.

We may also disclose information when required by law, legal process, or in connection with mergers, acquisitions, financing, restructuring, or sale of assets.

The Service may contain links or integrations with third-party websites or services.

We are not responsible for the privacy practices or content of services not controlled by SparrowTrack.

We retain information for as long as reasonably necessary to provide the Service, maintain accounts, preserve backups, resolve disputes, enforce agreements, and comply with legal obligations.

We may also retain archived copies or backups for disaster recovery, security, legal, or operational continuity purposes.

Customers and users are responsible for:

• Protecting passwords and credentials
• Managing internal access
• Controlling shared links
• Ensuring authority to upload records
• Securing endpoint devices
• Maintaining internal compliance procedures

Information may be processed in the United States or other jurisdictions where SparrowTrack or its providers operate. Those jurisdictions may have different data protection laws.

The Service is intended for business use and is not directed to children under 13 years of age.

We do not knowingly collect personal information from individuals under 13.

Depending on applicable law, individuals may have rights to request access, correction, deletion, portability, restriction, or objection regarding certain personal information.

Certain United States residents may have additional rights under applicable state privacy laws.

Where SparrowTrack processes data on behalf of a customer organization, requests may need to be directed first to that organization.

Requests may be sent to support@sparrowtrack.app

We may update this Privacy Policy periodically.

Updated versions will be posted with a revised effective date. Material changes may also be communicated where appropriate.

SparrowTrack, LLC

Email: support@sparrowtrack.app