Last updated: March 28, 2026
MillSync ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Computerized Maintenance Management System (CMMS) platform ("the Service"). By using the Service, you consent to the data practices described in this policy.
Account Information: When you register, we collect your name, email address, and password (stored in encrypted form). Organization administrators may also provide an organization name and invite code.
Usage Data: We automatically collect information about how you interact with the Service, including pages visited, features used, timestamps, and device information (browser type, operating system, screen resolution).
Operational Data: Data you input into the Service, including machine records, work orders, maintenance schedules, parts inventory, employee information, photos, and any other content you create or upload.
Payment Information: Payment processing is handled entirely by Stripe, our third-party payment processor. We do not store, process, or have access to your full credit card numbers, CVV codes, or bank account details. We only store Stripe customer and subscription identifiers for account management purposes.
We use the information we collect to: (a) provide, operate, and maintain the Service; (b) process your transactions and manage your subscription; (c) communicate with you about your account, including service announcements and support responses; (d) improve and optimize the Service; (e) detect, prevent, and address technical issues and security threats; and (f) comply with legal obligations.
Each organization's data is logically isolated from other organizations within our system. We implement industry-standard security measures, including: encrypted data transmission (TLS/SSL), encrypted password storage (bcrypt hashing), secure session management with JWT tokens, and access controls that restrict data access to authorized users within each organization.
While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
Service Providers: We share limited information with third-party service providers who assist in operating the Service, including Stripe (payment processing), cloud hosting providers (data storage), and email service providers (transactional emails). These providers are contractually obligated to protect your information.
Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change in ownership.
We retain your data for as long as your account is active or as needed to provide the Service. Upon subscription cancellation, your data is retained for 90 days to allow for reactivation. After 90 days, or upon immediate deletion request, all data is permanently and irreversibly deleted from our systems, including backups, within 30 days of the deletion trigger.
We use essential cookies for authentication and session management. These cookies are necessary for the Service to function and cannot be disabled. We may also use analytics tools to understand usage patterns and improve the Service. We do not use cookies for advertising purposes.
Depending on your jurisdiction, you may have the following rights regarding your personal data: (a) the right to access your data; (b) the right to correct inaccurate data; (c) the right to delete your data; (d) the right to restrict processing; (e) the right to data portability; and (f) the right to object to processing. To exercise any of these rights, please contact us through the support ticket system within the application.
The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from the laws of your jurisdiction. By using the Service, you consent to the transfer of your information to the United States and other countries where we operate.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy.
If you have questions or concerns about this Privacy Policy or our data practices, please contact us through the support ticket system available within the application, or visit our website at millcoresystems.org.