Last updated: April 7, 2026

This Privacy Policy describes how Stokio ("we", "us", "our") collects, uses, and protects your personal information when you use the Stokio platform ("Service").

1. Information We Collect

Account Information

When you register, we collect your name, email address, and password. If you register a store, we also collect the store name and business details you provide.

Business Data

As you use the Service, you may enter business data including products, inventory records, customer information, sales transactions, purchase orders, and supplier details. This data is stored to provide the Service and remains under your ownership.

Payment Information

Payments are made via bank transfer. We do not collect or store credit card numbers or bank account details.

Usage Data

We automatically collect information about how you interact with the Service, including:

IP address and approximate location
Browser type and operating system
Pages visited and features used
Error logs and performance data

2. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve the Service
Authenticate your identity and manage your account
Process your subscription and manage billing
Send important service notifications (account security, billing, downtime)
Monitor and prevent abuse or unauthorized access
Analyze usage patterns to improve features and performance
Respond to your support requests

3. Data Sharing

We do not sell your personal information. We share data only with:

Infrastructure providers — cloud hosting and database services necessary to operate the Service
Error monitoring — services like Sentry that help us detect and fix issues (no business data is shared, only technical error information)
Legal requirements — when required by law, court order, or governmental authority

4. Data Security

We implement industry-standard security measures to protect your data, including:

Encryption of data in transit (TLS/HTTPS)
Encryption of sensitive data at rest
Password hashing using bcrypt
JWT-based authentication with short-lived access tokens
Role-based access control within the platform
Multi-tenant data isolation (each store's data is separated)

While we take reasonable precautions, no system is 100% secure. We encourage you to use strong passwords and protect your account credentials.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you cancel your subscription or delete your account:

Your data will be retained for up to 30 days to allow for reactivation
After the retention period, your data will be permanently deleted
Aggregated, anonymized data may be retained for analytics purposes

6. Your Rights

Depending on your location, you may have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your data
Export your data in a portable format
Object to or restrict certain processing of your data

To exercise these rights, contact us at privacy@stokio.net.

7. Cookies and Local Storage

We use browser local storage to persist your authentication session, theme preference, and language preference. We do not use third-party tracking cookies on the Service.

8. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

9. International Data Transfers

Your data may be processed and stored in servers located outside your country of residence. By using the Service, you consent to this transfer. We ensure that appropriate safeguards are in place to protect your data in compliance with applicable laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact

If you have questions about this Privacy Policy or how we handle your data, contact us at privacy@stokio.net.