Privacy Policy

StopCount, Inc. (“StopCount,” “we,” “us,” or “our”) is a Delaware corporation that builds a logistics operations platform for last-mile delivery contractors and the properties they serve. This Privacy Policy explains what information we collect, how we use it, and the choices you have. It applies to the StopCount marketing site at stopcount.com, the StopCount Drop product, and related services.

For questions about this Policy, contact us at hello@stopcount.com.

We collect information you give us, information generated by your use of the Service, and a limited set of technical information from your device.

• Account information. When an ISP or DSP owner, manager, or driver creates an account, we collect identifiers such as name, email address, phone number, employer or DSP affiliation, role, and authentication credentials.
• Delivery operational data. To run the Service we collect tracking numbers, package dimensions and counts, locker compartment assignments, GPS coordinates and timestamps for stops, route metadata, scan events, and similar telemetry generated during deliveries.
• Device and usage data. We log device identifiers, operating system and browser information, IP address, language, timestamps, page and in-product events, and diagnostic logs to operate, secure, and improve the Service.
• Communications. When you contact us — for example, through the contact form, the demo request flow, or email — we keep the message and associated metadata so we can respond.

We use the information we collect to:

• Operate, maintain, and secure the StopCount platform.
• Provide analytics, dashboards, and operational reporting to customers about their own fleets and properties.
• Improve the product — including performance, reliability, and new features — using a combination of usage analytics and aggregated, de-identified data.
• Provide customer support and respond to requests, questions, and reports.
• Send transactional and service-related communications (for example, account, billing, and security notices) and, where permitted, occasional product updates.
• Comply with legal obligations and enforce our Terms of Service.

We do not sell personal information. We share information only as described below.

• Carrier APIs. We exchange tracking numbers and related metadata with carrier systems to enrich tracking and confirm package status.
• Locker system APIs. We exchange compartment, package, and authorization data with parcel locker system APIs to coordinate compartment assignments and pre-opens at the property.
• Infrastructure providers. We use trusted vendors such as Supabase (database and authentication) and Vercel (hosting and edge runtime) to run the Service. They process information on our behalf under contractual data-protection terms.
• Within your organization. Account owners and authorized administrators of an ISP, DSP, or property can see information generated by users in their organization, consistent with their role.
• Legal and safety. We may disclose information if we reasonably believe it is necessary to comply with law, lawful requests from authorities, or to protect the rights, safety, or property of StopCount, our users, or others.
• Business transfers. If StopCount is involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to this Policy.

We keep personal information for as long as your account is active and for the period needed to provide the Service, comply with legal and tax obligations, resolve disputes, and enforce our agreements. Operational delivery data may be retained for longer in aggregated or de-identified form for analytics and product improvement. On a verified deletion request, we will delete or anonymize personal information except where retention is required by law.

We use technical and organizational safeguards designed to protect information from loss, misuse, and unauthorized access. These include:

• Encryption of data at rest and in transit (TLS 1.2+).
• Multi-tenant isolation enforced at the database layer using Postgres row-level security (RLS), so one customer cannot access another customer’s data.
• Encrypted storage of third-party credentials (such as carrier and locker-system API keys) used by the Service on a customer’s behalf.
• Least-privilege access controls and audit logging for production systems.
• Regular review of dependencies, infrastructure configuration, and security practices.

No system can be guaranteed to be perfectly secure. If we become aware of a security incident affecting your information, we will notify you as required by applicable law.

Depending on where you live, you may have rights with respect to your personal information, including the right to:

• Access the personal information we hold about you.
• Correct inaccurate or incomplete information.
• Request deletion of your personal information, subject to limited exceptions.
• Receive a portable copy of personal information you provided to us.
• Object to or restrict certain processing, including processing based on legitimate interests, where applicable.

These rights apply to the extent provided by laws including the EU and UK General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as amended. To exercise a right, email hello@stopcount.com. We may need to verify your identity before acting on a request. We will not discriminate against you for exercising these rights.

We use a small set of cookies and similar technologies to keep sessions active, remember preferences, secure the Service, and understand aggregated usage. We do not use cookies or trackers to sell information to third parties or to power third-party advertising. Most browsers let you control cookies through their settings; blocking some cookies may affect how parts of the Service work.

The Service is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please email us so we can delete it.

StopCount is based in the United States, and the infrastructure we use to operate the Service is located in the United States and other countries. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States. By using the Service you consent to that transfer, and we will protect your information as described in this Policy and in line with applicable law.

We may update this Privacy Policy from time to time. If we make a material change, we will provide reasonable notice — for example, by updating the “Effective date” below and, where appropriate, by emailing the account owner or posting an in-product notice. Your continued use of the Service after the update constitutes acceptance of the revised Policy.

If you have any questions about this Policy or our privacy practices, contact us at hello@stopcount.com.