Privacy Policy

We collect the minimum information required to operate the Services:

• Account data — name, work email, company, role, and authentication credentials.
• Customer content — data you or your users upload, sync, or generate within the Services (e.g. shipment records, emissions data, inventory ledgers, consent artifacts).
• Usage and device data — log data, IP address, browser, device identifiers, pages viewed, and actions taken.
• Communications — messages you send to support, sales, or via our forms.
• Cookies — strictly necessary, functional, and analytics cookies. See "Cookies" below.

• Provide, secure, and improve the Services.
• Authenticate users and prevent fraud, abuse, and unauthorised access.
• Provide customer support and respond to enquiries.
• Send service, security, and billing notices, and — with consent or as permitted — product updates.
• Comply with legal obligations and enforce our Terms.

We do not sell personal information, and we do not use customer content to train third-party AI models.

Where applicable law (e.g. GDPR, India's DPDP Act) requires a legal basis, we rely on: performance of a contract, legitimate interests (operating and improving the Services), compliance with legal obligations, and consent (where required, e.g. for certain marketing or cookies).

We share information only with:

• Subprocessors who provide hosting, analytics, email, monitoring, and support tooling, under contractual confidentiality and security obligations.
• Your authorised users and the workspace administrators of your organisation.
• Regulators or authorities where required by law, subpoena, or court order.
• Successors in the event of a merger, acquisition, or asset sale, subject to this policy.

Data may be processed in jurisdictions other than the one in which you reside. Where required, we use appropriate safeguards (e.g. Standard Contractual Clauses) for cross-border transfers.

We retain customer content for as long as your account is active or as needed to provide the Services. We retain limited records longer where required by law (e.g. tax, audit, dispute resolution). On termination, customer content is deleted or anonymised within a commercially reasonable period unless retention is legally required.

Depending on your jurisdiction, you may have the right to access, correct, export, restrict, or delete your personal information, to object to certain processing, and to withdraw consent. Contact us at possitivlabs@gmail.com to exercise these rights. Where Possitiv processes data on behalf of a customer, requests should be directed to that customer.

We implement technical and organisational measures designed to protect personal information. See our Security page for details. No system is perfectly secure; we cannot guarantee absolute security.

We use cookies and similar technologies that are strictly necessary for the Services and, with your consent where required, for analytics and product improvement. You can control cookies through your browser settings.

The Services are intended for business use and not directed to children under 16.

We may update this policy from time to time. Material changes will be communicated through the Services or by email. Continued use of the Services after the effective date constitutes acceptance.

Possitiv · possitivlabs@gmail.com