Inventory management built for every team, location, and industry.

Use Cases

Workspace Management

Isolate operations with independent workspaces.

Multi-Location Tracking

Manage stock across branches, warehouses, and zones.

AI Inventory Management

AI-powered import, reorder calculations, and demand alerts.

All use cases

Industries

Retail

Multi-location stock tracking for stores and ecommerce.

Restaurant

Perishable inventory, expiry tracking, and kitchen zones.

Warehouse

Bin-level tracking, cycle counts, and fulfillment control.

Manufacturing

Raw materials, WIP tracking, and production kits.

Medical

Lot traceability, expiry monitoring, and clinical supply.

Construction

Job-site material tracking and tool management.

All industries

Pricing Sign In Start Free Trial

Privacy Policy

Effective Date: April 6, 2026

Stocklyst ("we", "our", or "us") provides an inventory management platform available as a web application and mobile app. This Privacy Policy explains how we collect, use, store, and protect your information when you use our services.

Data Controller

The data controller responsible for your personal data is:

Wajud FZCO
RA08-CB04, N418 Street, JAFZA
Dubai, United Arab Emirates
Email: support@stocklyst.com

1. Information We Collect

Account Information

When you create an account, we collect your email address and optionally your full name and profile photo. We use passwordless authentication — a 6-digit verification code is sent to your email each time you sign in. We do not collect or store passwords.

Business Data

You provide business data including company details, branch locations, storage zones, inventory items (names, SKUs, descriptions, pricing, quantities, product images), stock transfers, and bundles. This data is created and managed entirely by you and your team.

Usage Data

We collect search queries within the app to improve search results and identify demand patterns. We maintain activity logs that record actions taken within the platform (such as creating items, completing transfers, or adjusting quantities) for audit trail purposes. These logs may include your IP address and browser user agent.

AI Connector Data

If you intentionally connect Stocklyst to an AI assistant such as ChatGPT or Claude, the tool calls you trigger may send selected account, workspace, inventory, report, and user-management data to that provider so it can process your request and generate a response. Only the data needed for the tool call you initiate is sent.

Device Information

Our mobile app requests camera access solely for barcode scanning. We do not collect location data, device identifiers, or biometric information. The mobile app stores a local copy of your data on your device for offline functionality.

2. How We Use Your Information

To provide and operate the inventory management service
To authenticate your identity and maintain your session
To sync data between your devices (web and mobile)
To send verification codes and team invitation emails
To maintain audit trails for your business records
To calculate stock levels, reorder points, and demand alerts
To fulfill optional AI assistant requests when you connect Stocklyst to services like ChatGPT or Claude
To enforce rate limits and prevent abuse
To analyze search queries within the app to identify unmet demand and improve results

We do not sell your data. We do not use your data for advertising. We do not share your data with third parties for marketing purposes.

3. Data Storage and Security

Your data is stored in a PostgreSQL database hosted by Supabase with row-level security (RLS) policies that isolate each company's data. Product images are stored in Supabase Storage. All data is encrypted in transit (TLS) and at rest.

Session tokens are stored in HTTP-only secure cookies. The mobile app stores an encrypted local copy of your data in SQLite for offline access.

4. Third-Party Services

We use the following third-party services to operate Stocklyst:

Supabase — Database hosting, authentication, and file storage
Resend — Transactional email delivery (verification codes, team invitations)
Vercel — Web application hosting
Expo (EAS) — Mobile app build and distribution
Google Analytics 4 — Web analytics service provided by Google LLC that uses cookies to measure site traffic, usage patterns, and user behavior. Loaded only with your consent via our cookie banner. See Google's Privacy Policy.
Google Ads — Advertising platform provided by Google LLC used for conversion tracking. Cookies are set only with your consent via our cookie banner. See Google's Privacy Policy.
Vercel Analytics — Privacy-focused web analytics to understand usage patterns. Loaded only with your consent via our cookie banner.
Vercel Speed Insights — Performance monitoring to measure page load times and identify bottlenecks. Loaded only with your consent via our cookie banner.
Sentry — Error monitoring service that receives error details and anonymized session data to help us identify and fix issues.
OpenAI — Optional AI assistant provider used only when you choose to connect Stocklyst to ChatGPT. OpenAI processes the tool inputs and outputs needed to answer the requests you send through that connector.
Anthropic — Optional AI assistant provider used only when you choose to connect Stocklyst to Claude. Anthropic processes the tool inputs and outputs needed to answer the requests you send through that connector.

These services process data only as necessary to provide their respective functions. Each service maintains its own privacy policy and security practices.

5. Cookies and Local Storage

Authentication Cookies

We use HTTP-only secure cookies to maintain your authentication session. These are essential for the service to function and cannot be disabled.

Local Storage

We use browser localStorage to store your preferences (selected branch, view mode, sort order) and your cookie consent choice.

Analytics Cookies

Vercel Analytics and Speed Insights are loaded only after you provide explicit consent via our cookie consent banner. If you reject analytics cookies, these services are never loaded and no analytics data is collected.

Error Monitoring

Sentry error monitoring runs automatically under our legitimate interest in maintaining service reliability. It collects error details and anonymized session data but does not use tracking cookies.

Managing Your Preferences

You can change your cookie preferences at any time by clicking the "Cookie Settings" link in the footer of any page. The cookie consent banner will reappear, allowing you to update your choice.

For a complete list of all cookies used on this site, their purposes, and durations, see our Cookie Policy.

6. Data Retention

Your account and business data is retained for as long as your account is active. Activity logs and audit trails are retained indefinitely for business compliance purposes. Verification codes expire and are deleted after 10 minutes. Team invitations and ownership transfer tokens expire after 7 days.

7. Legal Basis for Processing (GDPR)

We process your data under the following legal bases:

Contract — Processing your account information and business data is necessary to provide the inventory management service you signed up for.
Consent — Analytics cookies (Vercel Analytics and Speed Insights) are loaded only after you provide explicit consent via our cookie banner. You may withdraw consent at any time using the "Cookie Settings" link in the footer of any page.
Legitimate Interest — Error monitoring (Sentry) and security logging are necessary to maintain service reliability, investigate issues, and protect against abuse.

8. Your Rights

You have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your account and associated data
Export your business data

To exercise any of these rights, contact us at support@stocklyst.com.

9. Your California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

Categories of Personal Information Collected

Identifiers (email address, name, IP address)
Commercial information (inventory data, business records)
Internet or electronic network activity (search queries, activity logs, browser user agent)
Professional or employment-related information (company name, role)

Sale and Sharing of Personal Information

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We have not sold or shared personal information in the preceding 12 months.

Your Rights

As a California resident, you have the right to:

Know what personal information we collect, use, and disclose about you
Request deletion of your personal information
Opt out of the sale or sharing of your personal information
Not be discriminated against for exercising your privacy rights
Correct inaccurate personal information

To exercise any of these rights, contact us at support@stocklyst.com. We will verify your identity before processing your request. We will respond within 45 days of receiving your verified request.

10. Children's Privacy

Stocklyst is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children under 13.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised effective date.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

support@stocklyst.com

Start Free Trial