Effective upon app store launch.
Privacy Policy
This Privacy Policy describes how Where's My Wrench ("we", "our", or "us") collects, uses, and shares information about you when you use our tool tracking application ("Service"), whether through our mobile apps (iOS and Android), web application, or website. If you do not agree with this policy, please do not use our Service.
wheresmywrench.com/privacy.
We recommend reading this Privacy Policy in full to ensure you are fully informed. However, if you only want to access a particular section, you can click on the relevant link below to jump to that section.
Table of Contents
- 1. About Where's My Wrench
- 2. Information We Collect
- 3. How We Use Your Information
- 4. Legal Basis for Processing (European Users)
- 5. How We Share Your Information
- 6. Cookies and Tracking Technologies
- 7. Data Retention
- 8. Your Data Protection Rights
- 9. Data Security
- 10. International Data Transfers
- 11. Children's Privacy
- 12. Changes to This Policy
- 13. How to Contact Us
🔑 Key Privacy Points
- Offline First: Your tool data works 100% offline by default
- Optional Sync: Cloud features are completely optional - you control what's shared
- Analytics for Improvement: We collect usage analytics by default to improve the product (you can opt out anytime)
- Business Insights: We may analyze anonymized, aggregated data for business purposes
- Data Retention: We retain data for a minimum of 2 years for business and legal purposes
- Your Control: You can export or delete your data at any time
- No Personal Data Sales: We never sell your identifiable personal information
1. About Where's My Wrench
Where's My Wrench is a tool inventory management application designed to help individuals and businesses track, organize, and manage their tools and equipment. Our Service uses machine learning for tool recognition, offers offline-first functionality, and provides optional cloud synchronization.
Our core features include:
- Visual tool identification using AI/ML
- Comprehensive tool categorization and organization
- Photo documentation and storage
- Location tracking for tools
- Multi-user support for teams
- Offline-first architecture with optional cloud sync
2. Information We Collect
The personal information we collect falls into the following categories:
Information You Provide
Account and Profile Information
When you create an account, we collect:
- Email address (for authentication and communication)
- Password (encrypted using bcrypt)
- Name (optional, for personalization)
- Profile photo (optional)
- Time zone and language preferences
- Account type (Free, Pro, or Business tier)
Subscription and Payment Information
If you upgrade to a paid plan:
- Subscription tier (Pro: $5/month, Business: $20/month)
- Billing address and contact information
- Payment method (processed by Stripe - we don't see card numbers)
- Transaction history and invoices
- Usage metrics relevant to your plan limits
Tool and Inventory Data
When you use our Service, you may provide:
- Tool names, descriptions, and categories
- Tool photos and documentation
- Purchase information and values (optional)
- Location and storage information
- Maintenance records and notes
- Custom tags and organization data
Communications
When you contact us, we collect:
- Support inquiries and feedback
- Feature requests and bug reports
- Survey responses (optional)
- Email correspondence
Feedback System Data
When you submit feedback through our in-app system:
- Feedback type (bug, feature request, improvement, compliment)
- Priority level you assign
- Optional rating (1-5 stars)
- Your feedback message
- Device information (platform, app version)
- Account email (if logged in, for response purposes)
Information We Collect Automatically
Usage Analytics
We collect analytics data to understand how our Service is used:
- Features used and frequency
- Session duration and engagement metrics
- Error reports and crash data
- Performance metrics (load times, sync duration)
- Search queries (anonymized)
- Tool categories and counts (aggregated)
- App version and platform information
| Data Type | Purpose | Can Opt Out? |
|---|---|---|
| Feature Usage | Product improvement | ✅ Yes |
| Crash Reports | Bug fixes & stability | ✅ Yes |
| Performance Metrics | Speed optimization | ✅ Yes |
| Account Security | Fraud prevention | ❌ No |
Device Information
We automatically collect certain device information:
- Device type and model
- Operating system and version
- Screen resolution and size
- App version and build number
- Network type (WiFi/cellular)
- Approximate location (country/region from IP)
- Browser type (web version)
Information from Third Parties
We may receive information from:
- Payment Processors: Transaction confirmations from Stripe (we don't store payment details)
- Business Partners: When using team features, your organization may provide information
- App Stores: Installation and update metrics from Google Play and Apple App Store
3. How We Use Your Information
We use your information for the following purposes:
Service Delivery
- Provide core tool tracking functionality
- Enable cloud synchronization (if activated)
- Process tool recognition and categorization
- Generate reports and insights about your inventory
- Send important service notifications
Product Improvement
- Analyze feature usage to prioritize development
- Identify and fix bugs and performance issues
- Train and improve our ML models (using anonymized data)
- Develop new features based on usage patterns
- Optimize user experience and workflows
Business Operations
- Generate aggregated insights about tool usage patterns
- Create industry benchmarks and reports
- Support business development and partnerships
- Develop anonymized market insights for licensing
- Comply with legal and regulatory requirements
- Protect against fraud and abuse
Communications
- Send service updates and important notices
- Respond to support requests
- Share product updates and new features (if subscribed)
- Conduct user research and surveys (optional)
3.1 Automated Decision-Making and ML
We use machine learning and automated systems in the following ways:
Tool Recognition
- What it does: Analyzes photos to identify and categorize tools
- How it works: Uses pattern recognition and computer vision
- Data used: Photo pixels, colors, shapes (processed locally first)
- Human review: All suggestions can be overridden by you
- Accuracy: Currently 70-75%, improving with usage
Smart Recommendations
- Purpose: Suggest relevant tools, accessories, and maintenance items
- Based on: Your tool inventory, usage patterns, and category preferences
- Affiliate disclosure: Some recommendations include affiliate links that support our Service
- Control: You can disable recommendations in Settings
3.2 Push Notifications and Communications
Push Notifications
If you enable push notifications, we may send:
- Maintenance reminders for your tools
- Sync completion confirmations
- Security alerts (unusual login activity)
- Important service updates
- Feature announcements (can disable)
Email Communications
| Type | Purpose | Can Unsubscribe? |
|---|---|---|
| Transactional | Password reset, security alerts | ❌ No (required) |
| Product Updates | New features, improvements | ✅ Yes |
| Tips & Tricks | Usage tips, best practices | ✅ Yes |
| Promotional | Special offers, upgrades | ✅ Yes |
4. Legal Basis for Processing (European Users)
If you are in the European Economic Area (EEA) or United Kingdom, we process your information only where we have a legal basis:
Contract Performance
We process data necessary to provide the Service you requested:
- Account creation and authentication
- Tool data storage and synchronization
- Customer support
Legitimate Interests
We process data based on our legitimate business interests:
- Product analytics and improvement
- Security and fraud prevention
- Business insights from aggregated data
- Direct marketing to existing customers
Consent
We process data based on your consent for:
- Marketing communications to non-customers
- Optional features like location services
- Participation in research studies
Legal Obligations
We process data to comply with legal requirements:
- Tax and accounting records
- Response to legal requests
- Regulatory compliance
5. How We Share Your Information
We share your information only in the following circumstances:
Service Providers
We work with trusted third parties who help us operate our Service:
- Infrastructure: Cloud hosting providers (for sync features)
- Analytics: Error tracking and performance monitoring
- Communications: Email service providers
- Payment Processing: Stripe (we don't see card details)
- Support: Customer support tools
Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or control.
Aggregated and Anonymized Data
Legal Requirements
We may disclose information if required to:
- Comply with legal obligations
- Respond to valid legal requests
- Protect rights, property, or safety
- Investigate fraud or security issues
With Your Consent
We may share information with your explicit consent, such as:
- Team sharing features
- Public tool catalogs (if you choose to publish)
- Integration with third-party services you authorize
6. Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Keep you logged in
- Remember your preferences
- Understand how you use our Service
- Improve performance
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Authentication, security | Session/1 year |
| Functional | Preferences, settings | 1 year |
| Analytics | Usage patterns, improvements | 2 years |
You can control cookies through your browser settings. Note that disabling cookies may limit some features.
7. Data Retention
Retention Periods
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Data | Duration of account + 2 years | Service delivery, legal requirements |
| Tool Data | Until deletion request + 30 days backup | Data recovery, sync integrity |
| Analytics Data | 2 years minimum | Product improvement, business insights |
| Support Communications | 3 years | Service quality, legal protection |
| Legal Records | As required by law | Regulatory compliance |
Deletion
When you request account deletion:
- Personal identifiers are removed within 30 days
- Anonymized analytics data may be retained
- Backups are purged within 90 days
- Legal records retained as required
8. Your Data Protection Rights
Depending on your location, you have the following rights:
Access and Portability
- Access: Request a copy of your personal data
- Portability: Receive your data in a machine-readable format
- Export: Download your tool data anytime from the app
Control and Correction
- Update: Correct inaccurate personal information
- Delete: Request deletion of your data (subject to legal requirements)
- Restrict: Limit how we process your data
- Object: Opt out of certain processing activities
Marketing and Analytics
- Unsubscribe: Opt out of marketing emails anytime
- Analytics Opt-Out: Disable analytics in Settings → Privacy
- Cookie Preferences: Manage through browser settings
Specific Regional Rights
How to Exercise Your Rights
To exercise any of these rights:
- Use in-app privacy controls where available
- Email us at privacy@wheresmywrench.com
- Include your account email and specific request
- We'll respond within 30 days
9. Data Security
We implement appropriate technical and organizational measures to protect your data:
Technical Safeguards
- Encryption in transit (TLS/SSL)
- Encryption at rest for sensitive data
- Bcrypt password hashing
- Regular security audits
- Secure development practices
Operational Safeguards
- Access controls and authentication
- Regular backups
- Incident response procedures
- Employee training
- Vendor security assessments
9.1 Data Breach Notification
In the event of a data breach that may affect your personal information:
- Assessment: We'll investigate immediately to determine scope and impact
- Notification Timeline: Within 72 hours to authorities (if required)
- User Notification: Via email and in-app alert if your data is affected
- Information Provided: Nature of breach, data involved, and steps to protect yourself
- Our Actions: Remediation steps and security improvements implemented
9.2 Service Providers and Subprocessors
We work with the following categories of service providers who may process your data:
| Category | Provider Examples | Purpose | Location |
|---|---|---|---|
| Cloud Infrastructure | Self-hosted servers | Data storage, processing | US, Germany |
| Email Service | Brevo (SendinBlue) | Transactional emails | France |
| Payment Processing | Stripe | Subscription billing | US |
| Error Tracking | Sentry | Crash reporting | US |
| Analytics | Self-hosted solution | Usage metrics | US |
All service providers are bound by data processing agreements to protect your information.
9.3 Do Not Track Signals
Your browser may offer a "Do Not Track" (DNT) option. Currently:
- There's no industry standard for DNT signal handling
- We don't specifically respond to DNT signals
- You can control tracking through our Settings → Privacy options
- Analytics can be disabled regardless of DNT status
9.4 Beta Features and Testing Programs
If you participate in beta testing or early access programs:
- Additional Data: We may collect extra debugging and performance data
- Feedback: Your feedback and bug reports help improve features
- Experimental Features: May have different privacy implications (we'll notify you)
- Opt-in Only: Beta features require explicit consent
- Exit Anytime: You can leave beta programs in Settings
9.5 Links to Other Services
- Affiliate Links: Product recommendations may include affiliate tracking
- Social Media: Sharing features may send data to social platforms
- App Stores: Downloads through Google Play or Apple App Store are subject to their policies
10. International Data Transfers
Your data may be transferred to and processed in countries other than your own:
- Our servers are located in the United States and Germany
- We use standard contractual clauses for EU data transfers
- Service providers may process data globally
- We ensure appropriate safeguards are in place
11. Children's Privacy
Our Service is not directed to children under 16. We do not knowingly collect personal information from children under 16. If you are under 16:
- Please do not use our Service
- Do not provide any personal information
- Have a parent or guardian contact us
If we learn we've collected data from a child under 16, we will delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes:
- We'll update the version number and date at the top
- For significant changes, we'll notify you via email or in-app
- Continued use after changes constitutes acceptance
- Previous versions are archived for reference
13. How to Contact Us
If you have questions about this Privacy Policy or our data practices:
Data Protection Officer
Email: privacy@wheresmywrench.com
Mail: Where's My Wrench
Attn: Privacy Team
Tampa, Florida 33606
United States
Response Times
- General inquiries: 3-5 business days
- Data requests: Within 30 days
- Security issues: Within 24 hours
Supervisory Authorities
If you're in the European Economic Area and believe we haven't adequately addressed your concerns, you have the right to lodge a complaint with your local data protection authority.