Invinite Invinite Invinite
Home

Privacy Policy

Last updated: 01 June 2026

Operator: Ricasso Studios Limited (“Invinite”, “we”, “us”, “our”)
Contact: privacy@invinite.io
Website: https://www.invinite.io

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our websites, use the Invinite platform, or otherwise interact with us.

1. Scope and Roles

1.1 When we are a controller

We act as a data controller for personal information we collect about account holders, website visitors, billing contacts, and individuals who communicate with us.

1.2 When we are a processor

We act as a data processor when we store and process customer content on behalf of your organization — for example, inventory records, supplier details, purchase orders, and operational data entered by your team. In those cases, your organization is typically the controller and is responsible for having a lawful basis to provide that data to us. If you need a Data Processing Agreement, contact us at privacy@invinite.io.

2. Information We Collect

2.1 Account and profile information

  • Name and business email address
  • Organization name and settings (country, time zone, currency)
  • Password (stored in hashed form)
  • Role and permission assignments
  • Locale and notification preferences

2.2 Usage and device information

  • Sign-in timestamps and IP addresses
  • Actions performed in the Service, including audit logs
  • Device type, browser, and app version where applicable
  • Product usage events via analytics tools

2.3 Billing information

Subscription plan, billing period, and payment status. Payment method details are collected and processed by Airwallex; we receive limited billing metadata (such as transaction IDs and payment status), not full card numbers.

2.4 Customer Content

Data you and your users submit in the course of using the Service, which may include inventory items, supplier information, transactions, stocktake records, uploaded files (such as invoices or product images), and communications sent through the Service (such as purchase order emails to suppliers). Customer Content may include personal information about your employees or third parties. You control what is entered.

2.5 Communications

Emails and support messages you send us, and email delivery metadata for system emails sent via our email provider.

2.6 Website and marketing

Waitlist sign-ups and cookies or similar technologies (see Section 8).

We do not intentionally collect sensitive personal data. Do not submit such data unless necessary and lawful for your use case.

3. How We Use Information

We use personal information to:

  • provide and operate the Service;
  • manage accounts, billing, and subscriptions;
  • maintain security, prevent fraud, and keep audit trails;
  • respond to support requests;
  • improve the Service through analytics and product development;
  • comply with legal obligations; and
  • send service announcements, security alerts, and billing notices.

We rely on contract performance, legitimate interests, consent (where required), and legal obligation as applicable.

4. How We Share Information

We do not sell your personal information. We share information only as follows:

4.1 Service providers

We use trusted third parties to operate the Service, including:

  • Airwallex — payment processing and subscription billing;
  • Resend — transactional email delivery;
  • PostHog — product analytics and usage measurement;
  • Cloudflare (R2) — file and object storage; and
  • Cloud infrastructure providers — hosting, databases, and backups.

These providers process data on our instructions and under contractual safeguards.

4.2 At your direction

When you use features that send data to third parties (for example, emailing purchase orders to suppliers or POS integrations), sharing occurs at your instruction.

4.3 Legal and safety

We may disclose information if required by law, court order, or government request, or to protect the rights, safety, and security of Invinite, our users, or others.

4.4 Business transfers

If we are involved in a merger, acquisition, or asset sale, personal information may be transferred subject to this Privacy Policy or equivalent protections.

5. International Data Transfers

We may process and store information in countries other than your own, including the United States and other regions where our infrastructure and service providers operate. Where required, we implement appropriate safeguards for cross-border transfers. Your organization may be assigned a server region for Service delivery; this does not necessarily mean all processing (such as analytics or email) occurs exclusively in that region.

6. Data Retention

We retain personal information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements.

  • Account data: retained while your account is active and for a reasonable period afterward.
  • Customer Content: retained according to your plan’s data retention limits and account status.
  • Billing records: retained as required for tax and accounting purposes.
  • Logs and analytics: retained for a limited period appropriate to security and product improvement.

7. Your Rights and Choices

Depending on your location, you may have rights to access, correct, delete, restrict, or object to certain processing of your personal information, to data portability, and to withdraw consent where processing is consent-based. You may also lodge a complaint with a supervisory authority.

To exercise these rights, contact privacy@invinite.io. We may need to verify your identity. Organization administrators may request export or deletion of Customer Content by contacting us.

8. Cookies and Analytics

We use cookies and similar technologies for essential operation (authentication, session management, security) and analytics (via PostHog) to improve the Service. You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality. Where required by law, we will obtain consent before non-essential cookies.

9. Security

We implement technical and organizational measures designed to protect personal information, including encryption in transit, access controls, and audit logging. No method of transmission or storage is completely secure. You are responsible for maintaining the confidentiality of your credentials and configuring user access within your organization.

10. Children

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children.

11. Third-Party Links

Our websites or documentation may link to third-party sites. We are not responsible for their privacy practices.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised version on our website and update the “Last updated” date. Material changes will be communicated where required by law.

13. Contact Us

For privacy questions, requests, or DPA inquiries:
Ricasso Studios Limited
Email: privacy@invinite.io

See also our Terms & Conditions.

Invinite Invinite Invinite

Inventory intelligence for multi-outlet F&B groups. Know your real COGS. See across every outlet. Make smarter decisions.

Product
  • Features
  • Pricing
  • FAQ
Legal
  • Terms & Conditions
  • Privacy Policy
Support
  • Documentation
  • Contact
© 2026 Ricasso Studios Limited. All rights reserved. Inventory without limits.