Privacy Policy

Last updated: February 9, 2026

1. Introduction

GoldSteel ("we," "our," or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use the GoldSteel jewelry inventory management platform. By accessing or using our service, you agree to the practices described in this policy.

2. Information We Collect

We collect the following types of information to provide and improve our service:

  • Account Information — Your name, email address, and authentication credentials used to create and manage your GoldSteel account.
  • Inventory Data — Jewelry items, categories, sales records, and related business data you enter into the platform.
  • Usage Data — Anonymous analytics about how you interact with the platform, including page views, feature usage, and session information.
  • Payment Information — Subscription and billing data processed securely by Stripe. GoldSteel does not store your credit card numbers or full payment details.

3. How We Use Your Data

We use the information we collect for the following purposes:

  • Provide and maintain the GoldSteel inventory management service, including live metal pricing and automatic cost calculations.
  • Calculate jewelry pricing based on metal costs, labor, stone costs, and your configured margin settings.
  • Process subscription payments and manage your billing through Stripe.
  • Improve the platform by analyzing aggregated, anonymized usage patterns.
  • Send essential service communications such as account notifications, subscription updates, and security alerts.

4. Data Storage and Security

Your data is stored in a PostgreSQL database managed by Supabase, hosted on secure cloud infrastructure. All data is encrypted at rest, and encrypted in transit via HTTPS. Supabase Row Level Security (RLS) policies are enforced at the database level, ensuring that each user can only access their own data. No other user or unauthorized party can view your inventory, sales, or account information.

5. Payment Processing

All payment processing is handled by Stripe, a PCI DSS Level 1 compliant payment processor. GoldSteel never receives, stores, or has access to your full credit card number or payment method details. We store only your Stripe customer ID and subscription ID to manage your account and billing status.

6. Cookies and Tracking

GoldSteel uses a limited number of cookies and tracking technologies:

  • Authentication Cookies — Essential cookies managed by Supabase to maintain your login session. These are required for the service to function.
  • Vercel Analytics — Anonymous, aggregated usage metrics to help us understand how the platform is used and where to make improvements.
  • No Advertising Cookies — We do not use any third-party advertising cookies or tracking pixels. Your data is never sold to advertisers.

7. Third-Party Services

We rely on the following trusted third-party services to operate GoldSteel:

  • Supabase — Database hosting, authentication, and Row Level Security.
  • Stripe — Secure payment processing and subscription management.
  • Vercel — Application hosting, deployment, and anonymous analytics.
  • Metals Price API Providers — Real-time precious metal pricing data for gold, silver, and platinum.

Each of these services maintains its own privacy policies and security practices. We encourage you to review their respective policies for more information.

8. Data Retention

We retain your personal data and inventory information for as long as your account remains active. If you choose to delete your account, we will remove your personal data and associated inventory records within 30 days of the deletion request. Certain anonymized, aggregated data may be retained beyond this period for analytical purposes, but it will not be identifiable to you.

9. Your Rights

You have the following rights regarding your data:

  • Export Your Data — Download your inventory and sales data at any time via CSV export from the dashboard.
  • Request Account Deletion — Contact us to request complete deletion of your account and all associated data.
  • Update Personal Information — Modify your name, email, and other account details through your settings page.
  • Opt Out of Marketing — Unsubscribe from any non-essential communications at any time. Essential service notifications (such as billing and security alerts) cannot be opted out of.

10. Data Security Measures

We take the security of your data seriously and implement the following measures:

  • All data transmitted between your browser and our servers is encrypted via HTTPS (TLS).
  • Supabase Row Level Security (RLS) ensures strict data isolation between users at the database level.
  • Sensitive credentials, such as third-party API tokens, are stored using AES-256-GCM encryption.
  • We follow regular security practices including dependency updates, vulnerability monitoring, and secure coding standards.

11. Children's Privacy

GoldSteel is a business tool designed for professional jewelers and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a user under 18, we will take steps to delete that information promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal and regulatory reasons. If we make material changes, we will notify you via email at the address associated with your account. We encourage you to review this policy periodically. Your continued use of GoldSteel after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please reach out to us through our contact page.