Effective: May 26, 2026
AssetCare ("we", "our", or "us") is operated by AssetCare. This Privacy
Policy explains what information we collect when you use the AssetCare mobile application
and related services, how we use it, and the choices you have.
By using AssetCare you agree to the practices described in this policy. If you do not
agree, please do not use the app.
1. Information We Collect
Account information
- Email address and hashed password when you register with email.
- Email address provided by Google when you sign in with Google.
- Organization name you enter during onboarding.
- Country code, used to determine your pricing tier.
Asset and tracker data
- Asset names, categories, odometer readings, installation dates, and notes you enter.
- Tracker configurations (maintenance intervals, odometer thresholds).
- Tracker events you log (service records, odometer updates).
- Expense records associated with your assets.
Subscription and payment information
- Your selected subscription plan and billing status.
- For local (Yemen) bank-transfer payments: the sender name and transaction reference you
provide so we can verify the transfer. We do not collect bank account numbers or card
numbers.
- For global payments (Stripe / Google Pay): payment processing is handled entirely by
the third-party provider. We receive only a transaction reference and confirmation
status — we never see or store your card details.
Technical data collected automatically
- Authentication tokens stored securely on your device.
- Locally cached copies of your asset and tracker data (stored in an encrypted on-device
database for offline access).
We do not collect location data, contacts, camera input, or any other
device sensor data.
2. How We Use Your Information
- To create and manage your account and organization.
- To store, sync, and display your assets, trackers, and maintenance records.
- To process subscription payments and verify bank transfers.
- To send push notifications about upcoming or overdue maintenance (only if you grant
notification permission).
- To authenticate you and protect your account (token-based auth with automatic
invalidation on password change or account deletion).
- To improve the reliability and performance of our service.
We do not sell your data, use it for advertising, or share it with
third parties for their own marketing purposes.
3. Data Sharing
We share your information only in the following limited circumstances:
- Google Sign-In (Google LLC) — if you choose to sign in with Google,
Google provides us your email address under their
Privacy
Policy.
- Payment processors — global payments are processed by Stripe and/or
Google Pay under their own privacy policies. We share only the information needed to
complete the transaction.
- Infrastructure providers — our servers run on cloud infrastructure.
Your data is stored in secured databases accessible only to our service.
- Legal obligations — we may disclose information if required by law or
to protect the rights and safety of our users.
4. Data Retention
We retain your account and asset data for as long as your account is active. If you
delete your account:
- Your account is soft-deleted immediately and all active sessions are invalidated.
- You have a 30-day recovery window — logging in within that window
fully restores your account.
- After 30 days, your account and all associated data (assets, trackers, events,
expenses) are permanently deleted from our servers.
Payment records may be retained for up to 7 years to comply with financial regulations.
5. Data Security
- Passwords are stored as bcrypt hashes — we never store plaintext passwords.
- All communication between the app and our servers uses HTTPS/TLS.
- Authentication tokens are stored in your device's secure storage and are scoped to
your account. Changing your password or deleting your account immediately invalidates
all tokens.
- All data is isolated per organization — no user can access another organization's
data.
6. Your Rights
You have the right to:
- Access — view all your data inside the app at any time.
- Correction — update your account and asset data through the app.
- Deletion — delete your account from the app's Settings screen.
All data is permanently erased within 30 days.
- Data portability — Pro and Business subscribers can export their
asset and tracker data in CSV format.
To exercise any right not directly available in the app, or if you have a privacy
concern, contact us at
contact@einvara.com.
7. Children's Privacy
AssetCare is not directed at children under the age of 13 (or the applicable minimum
age in your jurisdiction). We do not knowingly collect personal information from children.
If you believe a child has provided us with personal data, please contact us and we will
delete it promptly.
8. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the
"Effective" date at the top of this page. For significant changes, we will notify you
through the app or by email. Continued use of AssetCare after changes become effective
constitutes your acceptance of the updated policy.
9. Contact Us
If you have questions or requests regarding your privacy, please reach out:
AssetCare
Email:
contact@einvara.com