Privacy Policy

Last updated: April 30, 2026

ConEquip SPS ("SPS", "we", "our") is operated by ConEquip Parts & Equipment LLC, a New York limited liability company located at 3370 Walden Ave, Depew, NY 14043. SPS is a business-to-business tool that lets equipment vendors share their inventory with ConEquip automatically, in place of manually emailing spreadsheets.

This page explains exactly what data we collect, what we do with it, who else sees it, how long we keep it, and how to disconnect or delete it. If anything here is unclear, email [email protected] and we will answer.

Who this applies to

This policy covers vendor users of SPS — the person at your company who creates an SPS account, connects an inventory source (Google Sheets, Microsoft OneDrive, Airtable, or another supported tool), and grants SPS permission to read that source on a recurring basis. ConEquip staff who use SPS internally are covered by ConEquip's general employment privacy practices, which are outside the scope of this document.

Information we collect

When you sign up

  • Name and email address
  • Company name
  • A password (stored as a one-way cryptographic hash, never as plaintext) or, if you sign in with Google or Microsoft, the basic profile information that provider returns to us
  • Optional team-member invitations and contact details you choose to add

From your connected inventory tool

When you connect a third-party tool (such as Google Sheets, Microsoft OneDrive Excel, or Airtable) and select a specific spreadsheet, base, or sheet during setup, SPS reads inventory data from that source. The data we read is limited to the inventory fields you map during setup, which include:

  • SKU / part number
  • Product description
  • Quantity on hand per location
  • Unit price
  • Product condition, category, make, and model (where present)
  • Warehouse location (name, street address, city, state, postal code, country)

We do not read other files, sheets, folders, emails, contacts, or services in your account. We do not modify the source. SPS only ever performs read operations on the source you explicitly selected.

Authentication credentials

When you connect a third-party tool, we receive and store an OAuth refresh token issued by that provider. This token is what lets SPS pull updates on a schedule without prompting you each time. We never see, receive, or store your password for those services. You can revoke the token at any time from your SPS dashboard or directly in the provider's account settings.

Operational metadata

We log standard operational data — upload timestamps, validation outcomes, error messages, and similar — to operate the system reliably and to surface issues back to you (for example, telling you when an upload failed validation).

How we use information

  • To pull recurring inventory snapshots from the source you connected, parse them into a normalized form, and present the inventory to ConEquip's sales team so they can match it against customer demand.
  • To send you operational email about your account — confirmation, password reset, upload outcomes, missed-deadline notices, and similar.
  • For internal monitoring and quality-control reporting on vendor onboarding, upload health, and data completeness.

We do not sell your data.

How we share information

  • ConEquip employees and contractors who need access to operate SPS or to use the inventory data for sales activities.
  • ConEquip's internal ERP system (Odoo), which receives parsed inventory records so they can be matched against ConEquip's product catalog.
  • Infrastructure providers we rely on to host SPS — currently DigitalOcean for the application, database, and object storage. These providers process data on our behalf under their own privacy and security commitments and may not use your data for any other purpose.
  • When required by law, or to protect rights, safety, or property — for example, in response to a valid legal demand.

We do not share your data with advertisers, marketing networks, data brokers, or any third party for that party's own commercial use.

Google API user data

SPS's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Concretely: when you connect a Google account to SPS, we request only the minimum scopes needed to read the spreadsheet you select. SPS does not access any other file, document, email, calendar event, or service in your Google account, and does not transfer Google user data to any third party for advertising, profiling, or any unrelated commercial purpose.

How long we keep data

SPS does not automatically delete inventory data. Each daily pull updates per-SKU records, so current quantities and prices reflect your latest data, while historical SKUs and stock records remain in our system for as long as your account is active. Operational metadata about each daily pull (such as per-row processing details) may be moved to compressed long-term storage over time but is not automatically removed.

OAuth refresh tokens are kept until you disconnect the source, revoke access from your provider, or delete your account.

You can request deletion of your account and associated data at any time (see "Your rights and choices" below).

Your rights and choices

  • Disconnect a source. Revoke SPS's access at any time from your SPS dashboard, or directly from your Google, Microsoft, or Airtable account settings. Once disconnected, we stop pulling new data immediately.
  • Delete your account and data. Email [email protected] with a deletion request. We will comply within 30 days, except for the minimum records we must retain to comply with legal, accounting, or contractual obligations.
  • Export your data. Email [email protected] to request a copy of your inventory and account data.
  • Update your information. Update profile information from your account settings, or email us if you need help.

Security

  • All connections to SPS are encrypted in transit.
  • Passwords are stored as one-way cryptographic hashes — the plaintext is never persisted.
  • Sensitive credentials and stored data are encrypted at rest.
  • Production access is limited to authorized ConEquip personnel with a business need.
  • We use industry-standard protections against common web vulnerabilities and monitor production for anomalous activity.

No system is perfectly secure. If we discover a breach affecting your data, we will notify you without undue delay, consistent with applicable law.

Children

SPS is a business-to-business tool and is not intended for or directed at children under 16. We do not knowingly collect personal information from children. If you believe we have done so, contact us and we will delete it.

International users

SPS is operated from the United States and our infrastructure is hosted in the United States. By using SPS or connecting an inventory source, you consent to your data being transferred to and processed in the United States, which may have data protection laws different from those in your jurisdiction.

Changes to this policy

When we make material changes to this policy we will update the "Last updated" date at the top and, where appropriate, notify active vendors by email. Continued use of SPS after a change means you accept the revised policy.

Contact

Privacy questions, deletion requests, or any other concerns:

ConEquip Parts & Equipment LLC
3370 Walden Ave
Depew, NY 14043
Email: [email protected]