Gantry Cloud Privacy Policy
This policy explains what we collect, how we use it, and the controls available to your team when using Gantry Cloud and Cargo Hold.
1) Who this applies to
This policy applies to users of Gantry Cloud, including workspace owners, team members, and invited users. If you are a merchant using Gantry to process customer orders, you are responsible for your own customer-facing notices and lawful basis for processing order data.
2) Data we collect
Workspace account data
- User email, role, and account timestamps
- Workspace profile details such as workspace name, slug, and owner email
- Basic authentication artifacts such as hashed passwords, never plain-text passwords
Operational fulfillment data
- Order records and order items from connected channels such as Stripe, Shopify, and WooCommerce
- Shipping data, tracking numbers, shipment statuses, and label metadata
- Inventory, bins, stock movements, package splits, pick sessions, scans, and audit trails
System and reliability data
- Audit logs for important account and fulfillment actions
- Ingestion event logs for webhook processing and retry status
- Application-level telemetry needed to support queueing, retries, and reliability
3) Sensitive billing and payment data
Billing payments for Gantry subscriptions are handled by Stripe. We do not store full card numbers, CVCs, or complete payment instrument data in Gantry application storage.
4) How we use data
- Provide fulfillment operations, including orders, labels, tracking, notifications, inventory workflows, and reporting
- Maintain account security, fraud detection signals, and administrative access control
- Operate the platform safely and reliably through queue processing, webhook validation, and issue handling
- Generate reporting and exports requested by authorized workspace users
5) Multi-tenant data isolation
Gantry is designed as a multi-tenant platform where records are isolated by tenant/workspace identifiers. Access paths, reporting endpoints, exports, and inventory workflows are scoped to the authenticated tenant context.
Database-level row isolation is used as an additional protection layer for tenant-owned records.
No software platform can claim zero risk. We continuously harden authorization paths, queries, and controls to reduce cross-tenant exposure risk.
6) Security controls
- Encrypted transport through HTTPS for app access and provider integrations
- Secret encryption at rest for integration credentials stored by Gantry
- Webhook signature/token validation for supported inbound integrations
- Role-based access model and permission checks
- CSRF protection for browser state changes
- MFA and step-up checks for sensitive privileged actions
- Audit logging for high-value administrative and operational actions
7) Data retention and deletion
Data is retained for active workspace operation, compliance needs, and support continuity. Workspace owners can request closure and data lifecycle actions through account controls and support workflows.
8) Data sharing and subprocessors
We do not sell customer data. We share data only as required to provide the service, such as with shipping, tracking, billing, storefront, and communications providers configured by the workspace. Examples may include Stripe, Shippo, Resend, Shopify, and WooCommerce.
9) International processing
Depending on infrastructure and configured providers, data may be processed in multiple regions. By using Gantry, you acknowledge this operational reality and should evaluate regional compliance requirements for your own business.
10) Your controls
- Manage user access and reporting permissions
- Configure and disconnect integrations
- Export workspace data for portability
- Request account support for data lifecycle and policy questions
11) Children's data
Gantry is a business platform and is not intended for use by children.
12) Policy updates
We may update this policy as the platform evolves. Material changes will be reflected with a new "Last updated" date.
13) Contact
For privacy and security questions, contact your Gantry workspace support channel or your designated account owner.