Privacy Policy

CrateOS, Inc. ("CrateOS," "we," "us," or "our") is a Delaware corporation that provides software for warehouse execution infrastructure, including automation, exception handling, and operational visibility.

This Privacy Policy explains how we collect, use, disclose, and retain personal information for website visitors, prospects, customers, and users of our Platform.

Privacy is an ongoing responsibility. We review this Privacy Policy at least annually and may update it from time to time as our services and legal obligations evolve.

CrateOS has designated a privacy contact to handle requests and questions related to personal data practices.

• CrateOS, Inc.
• Attn: Privacy
• Email: privacy@crateos.ai
• Website: crateos.ai

We collect personal information you provide directly, information collected automatically from your interactions with our websites and services, and information provided by your organization or authorized integrations.

• Professional profile details such as name, role, employer, and work contact information.
• Account and authentication information, including SSO or OAuth identifiers where applicable.
• Operational context and workflow details provided through forms, onboarding, or support channels.
• Platform usage data such as feature interactions, event timestamps, and service diagnostics.
• Data from connected systems you authorize, such as WMS, ERP, ticketing, identity, and communication platforms.
• Device and browser metadata, including IP address, browser type, and general geolocation inferred from IP.

Like most websites, crateos.ai collects certain information automatically and stores it in logs.

We use this information to maintain site performance, understand traffic trends, improve user experience, and secure our website.

• IP address and approximate region
• Browser, device, and operating system details
• Referrer URLs and page interaction history
• Session behavior and aggregate traffic metrics

We use cookies and similar technologies for authentication, session continuity, security controls, and analytics.

You may control cookie behavior through browser settings. Disabling cookies may impact functionality of certain Platform features.

When customers use the Platform, we process information required to deliver and support contracted services.

• Account, tenant, and workspace administration data
• Workflow records, exception events, and operational telemetry
• System integration metadata and API transaction logs
• Support and customer success communications
• Billing and subscription records for paid plans

We do not sell personal information. We share personal information only as needed to operate our business and provide the Platform.

• Infrastructure, security, analytics, and support vendors acting on our instructions
• Integration partners and third-party services you connect or authorize
• Payment processors for subscription and billing workflows
• Professional advisors and auditors under confidentiality obligations
• Authorities or counterparties when required by law, legal process, or to protect rights and safety
• Successors in the event of merger, acquisition, financing, or asset transfer

CrateOS is headquartered in the United States, and information we collect may be processed and stored in the United States.

If you access the Platform from outside the United States, you acknowledge that your information may be transferred to and processed in the United States where privacy laws may differ from those in your jurisdiction.

Depending on your jurisdiction, you may have rights regarding your personal information, including rights to access, correct, delete, or restrict certain processing.

To exercise rights, contact us at privacy@crateos.ai. We may need to verify your identity and authority before processing requests.

• Right to know what personal data we collect and how we use it
• Right to request correction of inaccurate personal data
• Right to request deletion, subject to legal exceptions
• Right to request a copy of personal data where applicable
• Right to object to or restrict certain processing where legally available

We implement administrative, technical, and organizational safeguards designed to protect personal information, including encryption in transit, access controls, and monitoring.

No security measure is perfect, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your credentials and notifying us of suspected unauthorized activity.

CrateOS is not currently SOC 2 certified.

We retain personal information for as long as necessary to provide services, maintain records, comply with legal obligations, resolve disputes, and enforce agreements.

For customer service data, retention periods follow contractual terms and documented operational needs. Following termination, customer data is generally retained for up to 30 days to allow export and transition unless a different period is required by law or contract.

The Platform is intended for business use and is not directed to children. We do not knowingly collect personal information from individuals under 16 years of age.

If we learn that we have collected personal information from a child in violation of applicable law, we will take reasonable steps to delete it.

If you have questions, concerns, or complaints about this Privacy Policy or our privacy practices, contact CrateOS at privacy@crateos.ai or legal@crateos.ai.

If you are not satisfied with our response, you may have the right to contact the applicable privacy or data protection authority in your jurisdiction.