Privacy Policy

Last updated: April 2026

MillTrak, Inc. ("MillTrak", "we", "us", or "our") is committed to protecting the privacy of our users. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information. By using MillTrak, you agree to the practices described below.

1. What Data We Collect

Account Information

When you create an account, we collect your name, email address, company name, phone number, and role. This information is necessary to provide you with access to MillTrak and personalize your experience.

Usage Data

We collect information about how you interact with MillTrak, including pages visited, features used, session duration, and device information (browser type, operating system, screen resolution). This helps us improve the product.

Shop Data

The data you enter into MillTrak, including quotes, jobs, customers, invoices, materials, quality records, and all related business information. This data belongs to you and is stored securely on your behalf.

Payment Information

Payment processing is handled entirely by Stripe. We do not store credit card numbers, bank account details, or other sensitive financial information on our servers. We only receive confirmation of payment status and the last four digits of your payment method for display purposes.

2. How We Use Data

  • Provide the Service: Your data is used to operate MillTrak, including generating quotes, tracking jobs, managing inventory, and processing invoices.
  • Improve the Product: Aggregated and anonymized usage data helps us understand which features are most valuable and where to focus development.
  • Transactional Emails: We send emails related to your account, such as invoices, quote notifications, password resets, and important service updates.
  • We Never Sell Your Data: Your data is never sold, rented, or shared with third parties for advertising or marketing purposes. Period.

3. Data Storage & Security

All data is stored on infrastructure hosted by Amazon Web Services (AWS) in the United States, managed through Supabase. We implement industry-standard security measures including:

  • AES-256 encryption for all data at rest
  • TLS 1.3 for all data in transit
  • SOC 2 certified infrastructure and operational practices
  • Regular security audits and penetration testing
  • Automated daily backups with point-in-time recovery

4. Data Ownership

Your data belongs to you. MillTrak is a tool that stores and processes your shop data on your behalf. You retain full ownership of all data you enter into the platform.

  • You can export all of your data at any time in standard formats (CSV, JSON).
  • If you cancel your subscription, your data is retained for 30 days so you can export it.
  • After the 30-day retention period, all data is permanently deleted from our servers and backups.

5. Third-Party Services

We use the following third-party services to operate MillTrak. Each service only receives the minimum data necessary to perform its function:

Stripe

Payment processing. Handles all credit card and ACH transactions. We never see or store your full card number.

Supabase

Authentication, database, and user management. Handles sign-in, sign-up, session management, and data storage.

Resend

Transactional email delivery. Sends invoices, quote notifications, password resets, and system alerts.

Anthropic

AI features including RFQ email parsing via Claude. Only the content of forwarded RFQ emails is sent for processing. We do not share your shop data, customer information, or pricing.

PostHog

Product analytics. Collects anonymized usage data to help us improve MillTrak. You can opt out of analytics tracking at any time.

Sentry

Error monitoring. Captures application errors and performance data to help us identify and fix bugs quickly.

6. Cookies

MillTrak uses essential cookies only by default. These are necessary for authentication, security (CSRF protection), and locale preferences. We do not use advertising cookies, Facebook pixels, Google Ads tracking, or any third-party advertising technology.

If you opt in to analytics, we use PostHog cookies to understand how the product is used. You can opt out of analytics cookies at any time from your account settings. See our Cookie Policy for full details.

7. GDPR Compliance

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):

  • Right to Access: Request a copy of all personal data we hold about you.
  • Right to Correction: Request correction of any inaccurate personal data.
  • Right to Deletion: Request deletion of your personal data from our systems.
  • Data Portability: Request your data in a structured, commonly used, machine-readable format.
  • Data Processing Agreement: A DPA is available upon request for enterprise customers.

To exercise any of these rights, contact us at privacy@milltrak.com.

8. Contact

For any questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: privacy@milltrak.com

Company: MillTrak, Inc.

This Privacy Policy was last updated in April 2026. We may update this policy from time to time. We will notify you of any material changes by email or through a notice within the MillTrak application.