Zero Tolerance Labs

Zero Tolerance Labs

Privacy Policy

Effective Date: June 5, 2026  ·  Last Updated: June 5, 2026

This Privacy Policy describes how Zero Tolerance Labs LLC ("ZTL," "we," "us," or "our") collects, uses, stores, and protects information through the client portal and related services available at vault.zerotolerancelabs.com and quote.zerotolerancelabs.com (the "Service").

This Service is a business-to-business (B2B) client portal. It is not directed at consumers or the general public. Access is by invitation only.

1. Information We Collect

Information You Provide

  • Account information: Your name and email address, provided when we create your account (accounts are created by ZTL; there is no self-registration).
  • Label files: Label artwork you upload for review and approval (PDF, PNG, or JPG files).
  • Quote requests: Product formulation details, quantities, and specifications you submit through the quoting tool.
  • Communications: Any messages or information you provide when contacting us.

Information Generated Through Your Use

  • Audit logs: We log actions taken within the Service (e.g., document views, downloads, label submissions, quote interactions) for security and operational purposes. These logs include your user ID, the action performed, and a timestamp.
  • Authentication data: Login timestamps and session information managed by our authentication provider.

Information From Our Business Systems

To provide the Service, we pull information from ZTL's internal systems into your portal view:

  • Order and payment data from our accounting system (QuickBooks Online) — invoice numbers, amounts, payment status, and dates.
  • Quality documents (e.g., Certificates of Analysis) from our quality management system.
  • Manufacturing data from our production management system (InstantGMP) — used internally by ZTL operations staff; not displayed to clients.

Automatically Collected Information

  • Analytics: We use Google Analytics (via Google Tag Manager) to collect anonymized usage data such as pages visited, session duration, browser type, and device type. This data is aggregated and not linked to your identity.
  • Cookies: We use cookies strictly for authentication (maintaining your login session). We do not use advertising cookies or third-party tracking cookies.

2. How We Use Your Information

We use the information we collect to:

  • Operate and provide the Service, including displaying your quotes, documents, labels, and order information.
  • Authenticate your identity and enforce access controls (ensuring you only see data associated with your organization).
  • Process and review label submissions, including scanning uploaded files for malware.
  • Generate and deliver manufacturing quotes.
  • Maintain audit logs for security, compliance, and operational integrity.
  • Communicate with you about your account or the Service.
  • Improve the Service based on aggregated usage patterns.

We do not sell your information. We do not use your information for advertising. We do not use your data to train machine learning models.

3. How We Share Your Information

Service Providers

We use third-party service providers to operate the Service. These providers process data on our behalf and are contractually obligated to protect it:

  • Supabase (US East) — Database, authentication, file storage
  • Vercel (US) — Application hosting
  • Resend — Transactional email (login links, notifications)
  • Cloudmersive — Virus scanning of uploaded files (scanned in transit, not stored)
  • Inngest — Background task processing
  • Google Analytics — Anonymized usage analytics
  • HubSpot — Customer relationship management
  • Intuit (QuickBooks Online) — Accounting data source (read-only)
  • InstantGMP — Manufacturing data source (internal use only)

Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

With Your Organization

Information associated with your account is visible to authorized members of your Client organization, as well as to ZTL operations staff. Your organization's account administrator may be able to see activity associated with your account.

4. How We Protect Your Information

We implement the following security measures:

  • Access control: Role-based access controls enforce that you only see data associated with your organization. Row-level security policies are enforced at the database level.
  • Authentication: Login sessions are managed via secure, HTTP-only cookies. Magic-link authentication means no passwords are stored for most users.
  • Encryption: Data is encrypted in transit (TLS/HTTPS). Data at rest is encrypted by our database provider (Supabase).
  • File scanning: All client-uploaded files are scanned for malware before acceptance. Uploads that fail scanning are rejected.
  • Audit logging: Privileged actions are logged for accountability and incident investigation.
  • Invite-only access: Accounts are created by ZTL; there is no public registration.

5. Data Retention

  • Account data is retained for the duration of our business relationship with your organization, plus any period required by law or regulation.
  • Documents and labels are retained as long as they are relevant to active or recent manufacturing engagements. Documents may be archived (hidden from your view) but are not automatically deleted.
  • Audit logs are retained indefinitely for compliance and security purposes.
  • Quote data is retained for the duration of our business relationship.
  • Analytics data is retained according to Google Analytics' standard retention settings.

We do not currently offer a self-service data deletion mechanism. To request deletion of your data, contact us at info@zerotolerancelabs.com.

6. Your Rights

Depending on your jurisdiction, you may have rights regarding your personal information, including:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate information.
  • Deletion: Request deletion of your personal information, subject to our legal retention obligations.
  • Portability: Request your data in a structured, machine-readable format.

To exercise any of these rights, contact us at info@zerotolerancelabs.com. We will respond within 30 days.

California Residents

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA). We do not sell personal information. For CCPA-specific requests, contact us at info@zerotolerancelabs.com.

7. Cookies

We use the following cookies:

  • Supabase auth session — Maintains your login session (session duration / short-lived)
  • Google Analytics (_ga, _gid) — Anonymized usage analytics (up to 2 years)

We do not use advertising cookies. You may disable cookies in your browser settings, but doing so will prevent you from logging into the Service.

8. Children's Privacy

The Service is not directed at individuals under 18. We do not knowingly collect information from minors. If you believe a minor has provided information through the Service, contact us and we will delete it.

9. International Users

The Service is hosted in the United States (US East region). If you access the Service from outside the United States, your information will be transferred to and processed in the United States. By using the Service, you consent to this transfer.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Service or by email. Your continued use after changes take effect constitutes acceptance of the revised policy.

11. Contact

Zero Tolerance Labs LLC
2362 Industrial Dr.
Neenah, WI 54956
info@zerotolerancelabs.com

This Privacy Policy was last updated on June 5, 2026.