Privacy Policy
Effective date: May 4, 2026
Last updated: May 5, 2026 — added Stripe refunds + dispute tracking
1. Who We Are
JewelTrak ("JewelTrak," "we," "us," or "our") is a cloud-based jewelry store management software platform operated by JewelTrak, based in Florida, United States. Our application is accessible at app.jeweltrak.com. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.
2. Information We Collect
Account & Billing Information
When you register for JewelTrak, we collect your name, business name, email address, and a password. Billing information (credit card number, expiration date, billing address) is collected and processed directly by our payment processor, Stripe, Inc. JewelTrak does not store raw payment card data.
Business Data You Enter
All inventory records, customer profiles, sales orders, repair tickets, appraisals, memos, and other operational data you enter into JewelTrak is your data. We store it on your behalf in an isolated, schema-scoped PostgreSQL database — no other JewelTrak customer can access your data.
Customer Data from Connected Sales Channels
If you choose to connect a third-party sales channel such as Shopify, JewelTrak imports order and customer information from that channel solely to populate JewelTrak invoices, inventory records, and fulfillment workflows on your behalf. The customer data we may ingest from these channels includes customer name, email address, shipping and billing address, and phone number — only the fields needed to fulfill the order on your behalf. This data is stored in your isolated tenant database and is treated identically to data you enter directly into JewelTrak. We do not access, ingest, or process customer fields beyond what is required for the connected workflow (e.g., we do not collect IP address, geolocation, browser fingerprint, or marketing-consent flags from connected channels).
Customer Payment Data (Stripe Connect)
If you connect a Stripe account to accept customer card payments, payments flow directly between your customer and your Stripe account; JewelTrak never holds funds and never sees full card numbers, CVV, or other sensitive cardholder data. Stripe handles all PCI-DSS-regulated information directly. From Stripe we receive only the metadata required to reconcile payments with JewelTrak invoices: the Stripe payment intent ID, charge ID, customer ID, payment method type (e.g. "card", "us_bank_account"), card brand, last four digits, and payment status. We store these on your isolated tenant database. We do not store or transmit full card numbers or CVV to or from any system under our control.
When the merchant chooses to email a payment link to a customer, JewelTrak sends the email via Resend (see Third-Party Services below) using the customer's email address from your tenant data. The hosted payment page itself is operated by Stripe.
In-person (Stripe Terminal): if the merchant uses a paired Stripe Terminal reader (e.g. Stripe Reader S710) to take a card payment in person, the customer's card data is read directly by the reader and transmitted by Stripe — JewelTrak never sees card details. We receive only the same reconciliation metadata as for online payments (payment intent ID, charge ID, card brand, last four digits, payment status). The reader's location identifier and an operator label (e.g. "Front counter") are also stored on your tenant database so receipts can be attributed.
Refunds and disputes: when a refund is issued (either from inside JewelTrak or directly on the Stripe dashboard), we store the Stripe refund ID, refund amount, and refund reason on your tenant database. When a customer disputes (chargebacks) a charge, we store the Stripe dispute ID, dispute amount, reason, status, and evidence-submission deadline so the merchant can see the dispute in JewelTrak and link to Stripe's dashboard for evidence submission. Evidence submission itself happens entirely on Stripe; JewelTrak does not store any evidence documents.
Usage & Technical Data
We may collect standard server logs including IP addresses, browser type, pages visited, and timestamps for the purpose of security monitoring and service reliability. We do not sell this data or use it for advertising.
3. How We Use Your Information
- • To provision and operate your JewelTrak account and database
- • To process subscription billing through Stripe
- • To send transactional emails related to your account (password resets, billing receipts)
- • To provide customer support when you contact us
- • To monitor platform security and performance
- • To comply with legal obligations
We do not sell your personal information or business data to any third party. We do not use your data to train AI models.
4. Third-Party Services
JewelTrak uses the following third-party services to operate the platform. Each is subject to its own privacy policy.
| Service | Purpose |
|---|---|
| Neon (PostgreSQL) | Database hosting — your isolated tenant schema |
| Vercel | Application hosting and global CDN |
| Cloudflare | Image storage, file storage (PDFs), and DNS |
| Stripe | JewelTrak subscription billing; and — if you connect Stripe to a store — customer-facing payment processing (cards, ACH, Apple/Google Pay, BNPL) on your own Stripe Connect Standard account, with funds settled directly to your bank. Stripe handles all cardholder data; JewelTrak does not store full card numbers. |
| Resend | Transactional email delivery |
| Intuit QuickBooks | Optional integration — only if you choose to connect |
| Shopify | Optional sales-channel integration — order, customer, and inventory sync; only if you choose to connect a Shopify store |
5. Data Storage & Security
Your data is stored in a dedicated, isolated PostgreSQL schema within our cloud database provider (Neon). Each JewelTrak customer account is completely separated at the database level — no shared tables exist between tenants. All data is encrypted in transit using TLS 1.2 or higher. Our infrastructure providers maintain SOC 2 compliance and encrypt data at rest.
OAuth tokens for third-party integrations (such as QuickBooks Online) are stored encrypted in your tenant database and are never accessible to other customers or exposed in application responses.
6. Data Retention
We retain your account and business data for as long as your subscription is active. If you cancel your subscription, your data remains available for 30 days during which you may request an export. After 30 days, your data is permanently deleted. You may request deletion at any time by contacting us at info@jeweltrak.com.
7. Cookies & Sessions
JewelTrak uses session cookies solely to maintain your authenticated login session. We do not use advertising cookies or tracking pixels. No third-party advertising networks have access to your session.
8. Your Rights
You have the right to access, correct, or delete your personal information at any time. To exercise these rights, contact us at info@jeweltrak.com. Requests are typically fulfilled within 10 business days.
9. Children's Privacy
JewelTrak is a business-to-business software platform intended for adults operating retail businesses. We do not knowingly collect personal information from anyone under 18 years of age.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page and notify active subscribers by email if the changes are material. Continued use of JewelTrak after any changes constitutes your acceptance of the updated policy.
11. Contact Us
If you have questions or concerns about this Privacy Policy, please contact us:
JewelTrakFlorida, United States
info@jeweltrak.com
(863) 991-0396