Privacy policy

Ostler is an inventory management service operated by Empreus (“we”, “us”), based in Australia. This policy explains what we collect, why, and the choices you have. It applies to the Ostler website and app.

What we collect

• Account & company details — your name, email, and the company information you enter at onboarding (legal name, ABN, phone, address, accounts email).
• Your business data — the products, stock, locations, suppliers, assets, purchase orders and related records you create in Ostler.
• Billing data — plan, subscription status and invoices. Card details are handled by Stripe; we never see or store full card numbers.
• Usage & technical data — log and device information, and strictly-necessary cookies used to keep you signed in.

How we use it

• To provide and operate the service for your organisation.
• To process subscriptions and send invoices and service emails.
• To provide support and to maintain, secure and improve Ostler.
• To meet legal and accounting obligations.

We do not sell your data. Newsletter subscribers can unsubscribe at any time.

Service providers

We share data only with the processors needed to run Ostler:

• Supabase — database, authentication and file storage.
• Vercel — application hosting.
• Stripe — subscription payments.
• Resend — transactional email.
• Xero — only if you connect it, to sync the data you choose.

Security & tenancy

Each organisation’s data is isolated with row-level security, encrypted in transit and at rest, and access is least-privilege. See our Security page for detail.

Your rights

You can access, correct, export or delete your data at any time — exports are free, forever. To request deletion of your account and associated data, contact us. We retain data while your account is active and for a reasonable period afterward to meet legal obligations.