Privacy Policy

Last Updated: April 2026

At HomeInventory, a service provided by Pedersen Software LLC ("Company", "we", "our", "us"), we understand that you are trusting us with highly sensitive information regarding your personal assets and home. We are committed to securing your data and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your information.

1. Information We Collect

To provide our vault services, we collect the following types of information:

Account Information: When you register, we collect your name, email address, and a master password (which is strictly stored using advanced Argon2id cryptographic hashing).
Vault Data: The core of our service relies on the data you choose to upload. This includes item names, valuations, purchase dates, descriptions, categories, and associated media (photos and digital receipts).
Payment Information: If you upgrade to a "Vault Pro" subscription, your payment details are processed directly by our secure third-party payment processor (Stripe). We do not store or process your full credit card numbers on our servers.
Technical Data: We utilize essential browser cookies (such as Session IDs and CSRF tokens) required strictly for keeping you securely logged in and preventing unauthorized actions on your behalf.

2. How We Use Your Information

We use your information exclusively to operate and maintain the HomeInventory platform. Specifically, we use it to:

Provide the secure database and reporting tools you requested.
Authenticate your login and prevent unauthorized access.
Process subscription payments and communicate billing status.
Send essential operational emails, such as password reset links or security alerts.
Optimize server performance (e.g., automatically resizing and compressing your uploaded images to ensure fast load times).

3. Information Sharing and Disclosure

We do not sell, rent, or trade your personal data or asset lists to third parties or advertisers. We only share data in the following strictly limited circumstances:

Service Providers: We share necessary data with trusted third parties who help us operate our business (e.g., Stripe for payment processing, and secure SMTP providers for sending password reset emails).
Legal Compliance: We may disclose your information if required to do so by law, court order, or to protect the safety and rights of HomeInventory, our users, or the public.

4. Data Security & Storage

Securing your vault is our highest priority. We implement robust technical measures, including:

Encryption: Passwords are never stored in plain text. We utilize Argon2id hashing algorithms.
Access Control: Strict database queries (IDOR prevention) ensure that users can only view, edit, or delete items associated with their unique User ID.
Session Security: We enforce session regeneration and strict cookie handling to mitigate hijacking risks.

Despite these measures, no internet-based system is 100% secure. You are responsible for keeping your master password confidential.

5. Your Data Rights & Portability

You have full control over the data stored in your vault. You maintain the right to:

Edit or Delete: You can permanently delete any item, photo, or record from your vault at any time via your dashboard.
Export: You may download a certified copy of your complete asset inventory in CSV format through the "Account Settings" page.
Account Deletion: If you wish to completely close your account and purge all associated data from our servers, you may request account deletion by contacting our support team.

6. Changes to this Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you by email or through a prominent notice within your account dashboard. Continued use of the service after changes implies consent to the updated policy.

7. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact our security team at stephenspcshop@gmail.com.