privacyPolicy

1. privacyIntro

Caskra OÜ ("Caskra", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our production management software service.

We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using Caskra, you consent to the practices described in this policy.

2. privacyController

3. privacyDataCollected

privacyAccountData

• Name and email address
• Organization/company name
• Password (encrypted)
• Two-factor authentication settings

privacyProductionData

• Batch records and production data
• Inventory information
• Recipes and formulations
• Quality control measurements
• Customer and supplier information you enter

privacyTechnicalData

• IP address
• Browser type and version
• Device information
• Usage patterns and feature interactions
• Error logs for debugging

4. privacyLegalBasis

We process your data based on:

• Contract: To provide you with our services as per our agreement
• Legitimate Interest: To improve our services, prevent fraud, and ensure security
• Consent: For analytics and marketing (you can withdraw consent anytime)
• Legal Obligation: To comply with applicable laws and regulations

🍪 5. privacyCookies

We use cookies and similar technologies to enhance your experience. You can manage your cookie preferences at any time.

6. privacyRetention

• Account data: Until you delete your account + 30 days
• Production data: Until you delete it or your account
• Analytics data: 26 months (Google Analytics default)
• Error logs: 90 days
• Backup data: Up to 90 days after deletion

7. privacySharing

We may share your data with:

• Service providers: Hosting (Vercel), database (Nile), payment (Stripe)
• Analytics: Google Analytics, PostHog (with consent only)
• Legal requirements: When required by law or to protect our rights

We do not sell your personal data to third parties.

8. privacyRights

Under GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a machine-readable format
• Object: Object to processing based on legitimate interest
• Withdraw consent: Withdraw consent for analytics at any time

To exercise these rights, contact us at privacy@caskra.com

9. privacySecurity

We protect your data using:

• HTTPS encryption for all data in transit
• Encrypted database storage
• Two-factor authentication option
• Regular security audits
• Access controls and audit logs

10. privacyTransfers

Your data may be processed outside the EU/EEA. When this happens, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions. Our primary service providers (Vercel, Nile, Stripe) maintain EU-compliant data processing agreements.

11. privacyUpdates

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of the service after changes constitutes acceptance of the updated policy.

12. privacyContact

For any privacy-related questions or to exercise your rights:

You also have the right to lodge a complaint with your local data protection authority (e.g., Estonian Data Protection Inspectorate).