Privacy Policy

Effective Date: 1st May 2025
Last Updated: 1st May 2025

At ToolStack, your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website and mobile applications (collectively referred to as “ToolStack”).

1. Who We Are

ToolStack (“we”, “our”, or “us”) is a platform designed to help individuals and tradespeople track, manage, and document tools, receipts, and serial numbers for insurance, maintenance, and theft reporting purposes. We are based in the United Kingdom and comply with the UK General Data Protection Regulation (UK GDPR) and the EU GDPR, where applicable.

2. What Information We Collect

When using the ToolStack Website:

  • Name, email, and account details (if submitted via forms)
  • IP address and device/browser information (via cookies or analytics)
  • Page visits and interactions (if analytics is enabled)

When using the ToolStack App:

  • User profile details (name, email)
  • Tool information: photos, serial numbers, receipts, value, notes
  • Location data (only when capturing tool location and with your consent)
  • Face ID or biometric access (optional, on-device only)

We do not collect any unnecessary personal data, nor do we sell your data to third parties.

3. How We Use Your Data

We use your data to:

  • Provide and maintain the core functionality of ToolStack
  • Store your tool records securely and allow backup/restoration
  • Communicate with you regarding support or updates
  • Generate reports (e.g., inventory or theft PDFs)
  • Improve our services (if anonymized usage analytics are enabled)
  • Comply with legal or regulatory obligations

4. Legal Bases Under GDPR

We process your data under the following lawful bases:

  • Consent: For features like location tracking or biometric login
  • Contract: To deliver services you’ve requested
  • Legal obligation: Where required by law
  • Legitimate interest: For app functionality and limited analytics

5. Data Retention

We retain your data only as long as necessary for its intended purpose. Tool records and backups may be archived or deleted after extended inactivity or upon user request. You can delete your data at any time from within the app.

6. Data Sharing and Third Parties

We do not sell or rent your data. We may share limited data with:

  • Cloud storage or backup providers (for sync and restore)
  • Law enforcement, only when legally required

All processors are GDPR-compliant and bound by strict confidentiality agreements.

7. Your Rights Under GDPR

You have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion (“right to be forgotten”)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent (where applicable)

To exercise your rights, contact us at: privacy@toolstack.co.uk

8. Cookies & Tracking (Website Only)

Our website uses cookies for basic functionality and limited analytics. You can manage cookies through your browser settings.

9. Data Security

We follow industry best practices, including encryption, secure authentication, and on-device storage for sensitive information. Face ID or biometric data is never uploaded to our servers.

10. International Data Transfers

If any data is transferred outside the UK/EU (e.g., to U.S.-based cloud providers), we ensure such transfers comply with GDPR using Standard Contractual Clauses or equivalent safeguards.

11. Changes to This Policy

We may update this Privacy Policy. Changes will be posted here with a revised “Last Updated” date.

Scroll to Top