Privacy Policy

Last updated: March 11, 2026  ·  Candle Supply

1. Who We Are

Candle Supply ("we," "us," or "our") operates the candle inventory management platform at candle.supply. This Privacy Policy explains how we collect, use, and protect your personal information when you use our service.

Contact: admin@candle.supply

2. Information We Collect

Account information: When you register, we collect your name and email address. Your password is stored as a one-way hash — we cannot read it.

Business data you enter: Materials, recipes, production logs, purchases, expenses, events, mileage logs, and any other data you input into the platform. This data belongs to you.

Usage information: We log actions such as logins and data changes for security and audit purposes. We do not collect behavioral analytics or track you across other websites.

Payment information: Billing is handled by PayPal. We do not store your credit card number or full payment details on our servers.

Integration tokens: If you connect a shop (Etsy, Shopify), we store your OAuth access tokens securely to enable the integration. These tokens are encrypted at rest.

3. How We Use Your Information

  • To provide and operate the Candle Supply platform
  • To send account-related emails (password resets, low stock alerts, billing receipts)
  • To respond to your support requests
  • To maintain security and prevent fraud
  • To improve our service based on aggregate, anonymized usage patterns

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Third-Party Services

We use the following third-party services as part of operating Candle Supply:

  • PayPal — for subscription billing. Governed by PayPal's Privacy Policy.
  • Etsy / Shopify — if you enable integrations, your data is exchanged with these platforms per their respective privacy policies.
  • Google Drive — if you use the Drive receipt upload feature, files are stored in your own Google Drive account.

5. Cookies

We use only essential session cookies required to keep you logged in. We do not use advertising cookies, tracking pixels, or third-party analytics cookies. See our Cookie Policy for details.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated data is permanently deleted within 24 hours. Anonymized, aggregate data may be retained for statistical purposes.

7. Your Rights

  • Access & Export: You can download all your data at any time from your Profile page.
  • Correction: You can update your name and email in your Profile settings.
  • Deletion: You can permanently delete your account and all associated data from your Profile page.
  • Portability: Your exported data is provided in standard CSV format.

8. Security

We use HTTPS encryption for all data in transit. Passwords are hashed using bcrypt. Access tokens for integrations are encrypted at rest. We follow industry-standard security practices and review them regularly.

9. Children's Privacy

Candle Supply is not directed at children under the age of 13. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes via email. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact

Questions about this Privacy Policy? Email us at admin@candle.supply or use our contact form.

Terms of Service Cookie Policy