Last updated: February 16, 2026
This Privacy Policy describes how Aventronix LLC ("Company," "we," "us," or "our") collects, uses, stores, and shares information when you use PantryLedger ("Service"). By using the Service, you consent to the practices described in this policy.
1.1 Account Information
When you register, we collect your name, email address, phone number, password (hashed), business name, business type, business address, and business phone number.
1.2 Business Data
Through your use of the Service, we collect and store pantry inventory data (item names, quantities, prices, categories, vendors), recipe information, vendor contact details, and analytics derived from this data.
1.3 Receipt Images & OCR Data
When you upload receipt images, we store the images in secure cloud storage (Supabase Storage) and process them using Google Cloud Vision API for optical character recognition. The extracted text, including vendor names, item names, prices, dates, and payment methods, is stored in our database. Receipt images may contain sensitive business information.
1.4 Payment Information
Payment processing is handled by Stripe. We do not store credit card numbers, bank account details, or other financial instrument data on our servers. We store only Stripe customer IDs, subscription IDs, and billing status (plan type, renewal date).
1.5 Usage Data
We may collect standard log data such as IP addresses, browser type, pages viewed, and timestamps for security, analytics, and service improvement purposes.
We use collected information to:
(a) Provide, maintain, and improve the Service; (b) Process receipt images and extract structured data via OCR; (c) Calculate inventory costs, recipe costs, and spending analytics; (d) Process subscription payments through Stripe; (e) Send transactional emails (account confirmation, password reset, billing notices); (f) Respond to support requests; (g) Detect and prevent fraud, abuse, or security incidents; (h) Comply with legal obligations.
We do not sell, rent, or trade your personal or business data. We share data only with:
Supabase Inc. — Database hosting, authentication, and file storage. Data is stored in Supabase-managed PostgreSQL databases with row-level security. Google Cloud (Google LLC) — Receipt images are sent to Google Cloud Vision API for OCR processing. Google's data handling is governed by their Cloud Data Processing Addendum. Stripe Inc. — Payment processing. Stripe handles all payment instrument data per their privacy policy. Vercel Inc. — Application hosting and content delivery. Law enforcement — If required by law, subpoena, court order, or governmental request.
Your data is stored in cloud infrastructure provided by Supabase with servers located in the United States. We implement industry-standard security measures including: encrypted connections (TLS/SSL), row-level security (RLS) policies isolating business data, hashed passwords (bcrypt via Supabase Auth), private storage buckets for receipt images, and environment-variable-secured API keys. However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
We retain your data for as long as your account is active. Upon account deletion, we will delete your personal data and business data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., billing records for tax compliance). Anonymized, aggregate data may be retained indefinitely.
Depending on your jurisdiction, you may have the right to:
(a) Access the personal data we hold about you; (b) Request correction of inaccurate data; (c) Request deletion of your data ("right to be forgotten"); (d) Export your data in a portable format; (e) Withdraw consent for data processing; (f) Object to certain types of processing; (g) Lodge a complaint with a supervisory authority.
To exercise any of these rights, contact us at privacy@aventronix.com. We will respond within 30 days.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your data, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your CCPA rights, contact privacy@aventronix.com.
The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
We use essential cookies for authentication and session management. We do not use third-party advertising cookies or cross-site tracking. Analytics, if implemented, will use privacy-respecting, cookieless solutions.
If you access the Service from outside the United States, your data may be transferred to and processed in the United States. By using the Service, you consent to this transfer.
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the Service at least 30 days before the changes take effect. The "Last updated" date at the top indicates the most recent revision.
For privacy-related inquiries:
Aventronix LLC
Frisco, Texas
Email: privacy@aventronix.com
General: support@aventronix.com