Privacy Policy
Effective date: February 17, 2026 · Last updated: February 17, 2026
EGGlogU 360 is a poultry farm management tool. Your farm data is yours. We built this platform to help you run your operation, not to monetize your information. This policy explains exactly what we collect, why, and what we do (and don't do) with it.
1. What Data We Collect
Account information
- Email address
- Name
- Organization name
- Password (stored as a bcrypt hash; we never see your plaintext password)
Farm operational data
This includes all data you enter into the platform:
- Production records (egg counts, mortality, flock data)
- Health records (symptoms, treatments, vaccinations)
- Feed records (consumption, suppliers, costs)
- Environmental data (temperature, humidity)
- Biosecurity logs (visitors, pest sightings, disinfection)
- Financial records (sales, expenses, client data)
- Traceability data (QR codes, batch tracking)
Technical data
- Browser type and version (for compatibility)
- Device type (for responsive layout)
- Language preference
2. How We Use Your Data
- Provide the service: Store, process, and display your farm data so you can manage your operation.
- Sync across devices: Keep your cloud and offline (IndexedDB) data in sync.
- Improve the product: Aggregate, anonymized usage patterns help us understand which features matter most. We never look at individual farm data for this purpose.
- Send service notifications: Account confirmations, billing receipts, security alerts, and important product updates. No marketing spam.
3. What We Don't Do
We do not sell your data. Not to advertisers, data brokers, or anyone else.
We do not share your data with third parties for marketing purposes.
We do not access your farm data without your explicit permission. If you contact support and grant us access, we may view your data solely to resolve your issue.
We do not train AI models on your individual farm data.
4. Data Storage
| Location | Technology | Purpose |
|---|
| Cloud | PostgreSQL | Primary data storage, synced across devices |
| Your device | IndexedDB | Offline mode, local cache for PWA functionality |
Cloud data is hosted on secured infrastructure with HTTPS encryption in transit. Local IndexedDB data resides on your device and is subject to your device's own security.
5. Cookies and Local Storage
We use minimal cookies and local storage:
- JWT authentication token: Keeps you logged in. Stored in local storage. Expires and is refreshed automatically.
- Language preference: Remembers your selected language.
We do not use tracking cookies, analytics cookies, or third-party advertising cookies.
6. Data Retention
- Active accounts: Your data is retained as long as your account is active.
- Cancelled accounts: Upon account deletion, all your data is permanently removed from our servers within 30 days.
- Billing records: We may retain minimal billing records as required by law (payment amounts and dates, not card details).
7. Your Rights
You have the right to:
- Access all data associated with your account at any time.
- Export your data in standard formats (CSV, JSON) from within the application.
- Delete your data and account at any time. This action is irreversible.
- Correct any inaccurate data through the application interface.
8. Third-Party Services
We use a limited number of third-party services to operate the platform:
| Service | Purpose | Data shared |
|---|
| Stripe | Payment processing | Email, billing info (card data goes directly to Stripe, not our servers) |
| Resend | Transactional email | Email address, message content |
| Google OAuth | Optional social login | Email, name (only if you choose to sign in with Google) |
These services have their own privacy policies. We only share the minimum data required for each service to function.
9. Children
EGGlogU 360 is not intended for users under the age of 16. We do not knowingly collect personal information from children. If you believe a child under 16 has created an account, please contact us and we will delete it promptly.
10. Security
We take reasonable measures to protect your data:
- HTTPS: All data transmitted between your device and our servers is encrypted with TLS.
- Password hashing: Passwords are hashed using bcrypt. We never store plaintext passwords.
- JWT tokens: Authentication tokens are signed and have expiration times.
- Access control: Multi-tenant architecture ensures users can only access data belonging to their organization.
No system is 100% secure. If you discover a security vulnerability, please report it to [email protected].
11. GDPR (European Union Users)
If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):
- Legal basis: We process your data based on contractual necessity (providing the service you signed up for) and legitimate interest (improving the platform).
- Data portability: You can request a copy of your data in a machine-readable format.
- Right to erasure: You can request deletion of all your personal data.
- Right to restriction: You can request that we limit how we process your data.
- Right to object: You can object to data processing based on legitimate interest.
- Supervisory authority: You have the right to lodge a complaint with your local data protection authority.
To exercise any of these rights, contact us at [email protected].
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email and update the "Last updated" date at the top of this page. Continued use of the platform after changes take effect constitutes acceptance of the updated policy.
13. Contact
For questions, concerns, or data requests related to this Privacy Policy, contact us at:
Email: [email protected]