spouliot/PowderCoatingLogix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Scott Pouliot
2026-04-23 21:38:24 -04:00
commit 63e12a9636
1762 changed files with 1672620 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/PowderCoating.Web/Views/Home/Accessibility.cshtml
+111
View File
@@ -0,0 +1,111 @@
@{
ViewData["Title"] = "Accessibility Statement";
}
<div class="container py-5" style="max-width:860px">
<h1 class="h3 fw-bold mb-1"><i class="bi bi-universal-access me-2 text-primary"></i>Accessibility Statement</h1>
<p class="text-muted small mb-4">Last Updated: April 9, 2026</p>
<p class="lead mb-4">
Powder Coating Logix is committed to making our platform accessible to all users, including those with
disabilities. We believe that every person running a powder coating business deserves full access to
the tools that help them succeed.
</p>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Our Commitment</h2>
<p>
We strive to conform to the <strong>Web Content Accessibility Guidelines (WCAG) 2.1, Level AA</strong>,
published by the World Wide Web Consortium (W3C). These guidelines explain how to make web content
more accessible to people with disabilities, including visual, auditory, physical, speech, cognitive,
language, learning, and neurological disabilities.
</p>
</section>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">What We've Done</h2>
<ul>
<li class="mb-1"><strong>Semantic HTML:</strong> We use proper heading hierarchy, landmark elements (<code>&lt;nav&gt;</code>, <code>&lt;main&gt;</code>, <code>&lt;footer&gt;</code>), and ARIA attributes to convey structure to screen readers.</li>
<li class="mb-1"><strong>Keyboard navigation:</strong> Core workflows can be completed using keyboard navigation alone.</li>
<li class="mb-1"><strong>Color contrast:</strong> Text and interactive elements meet minimum contrast ratios against their backgrounds.</li>
<li class="mb-1"><strong>Focus indicators:</strong> Visible focus outlines are preserved on interactive elements.</li>
<li class="mb-1"><strong>Form labels:</strong> All form inputs have associated labels and descriptive error messages.</li>
<li class="mb-1"><strong>Responsive design:</strong> The application adapts to different screen sizes and supports browser zoom up to 200% without loss of functionality.</li>
<li class="mb-1"><strong>Alternative text:</strong> Images that convey information include descriptive alt text.</li>
<li class="mb-1"><strong>Bootstrap 5:</strong> Our UI framework includes built-in accessibility features that we build on.</li>
</ul>
</section>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Known Limitations</h2>
<p>
We are actively working to improve accessibility across all areas of the application. Some areas
that we know are not yet fully conformant include:
</p>
<ul>
<li class="mb-1"><strong>Complex charts and graphs</strong> (in Reports) — visual data is not yet accompanied by tabular data alternatives. We plan to add data table equivalents in a future release.</li>
<li class="mb-1"><strong>Drag-and-drop interfaces</strong> (Job Priority Board, Oven Scheduler) — these currently lack keyboard-accessible equivalents. Workarounds exist via the standard list views.</li>
<li class="mb-1"><strong>PDF exports</strong> — generated PDFs (invoices, work orders) are not currently tagged for screen reader accessibility.</li>
<li class="mb-1"><strong>Third-party components</strong> — the Stripe payment element and some calendar widgets are third-party and may not fully conform to WCAG 2.1 AA.</li>
</ul>
</section>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Assistive Technology Compatibility</h2>
<p>
We test the core application with the following assistive technologies:
</p>
<ul>
<li>NVDA with Firefox (Windows)</li>
<li>VoiceOver with Safari (macOS and iOS)</li>
<li>Keyboard-only navigation (Chrome, Edge, Firefox)</li>
</ul>
<p class="small text-muted">
Other combinations may work but have not been formally tested.
</p>
</section>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Need Help?</h2>
<p>
If you experience any accessibility barriers while using Powder Coating Logix, or if you need
content in a different format, please contact us:
</p>
<address class="ps-3">
<strong>Powder Coating Logix — Accessibility</strong><br />
Email: <a href="mailto:support@powdercoatinglogix.com">support@powdercoatinglogix.com</a><br />
Subject line: <em>Accessibility Request</em>
</address>
<p>
We aim to respond to accessibility requests within <strong>2 business days</strong>.
Please describe the barrier you encountered and what you were trying to do — this helps us
prioritize fixes and provide an immediate workaround where possible.
</p>
</section>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Formal Complaints</h2>
<p>
If you are not satisfied with our response to your accessibility request, you may contact the relevant
supervisory authority in your jurisdiction. In the United States, the Department of Justice Civil Rights
Division handles ADA-related complaints.
</p>
</section>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Ongoing Improvement</h2>
<p>
Accessibility is not a one-time checkbox — it is an ongoing commitment. We review and improve
accessibility with each release. If you notice a regression or have a suggestion, please let us know.
</p>
</section>
<hr />
<p class="text-muted small text-center mt-4">
&copy; @DateTime.UtcNow.Year Powder Coating Logix &nbsp;&middot;&nbsp;
<a asp-controller="Home" asp-action="TermsOfService" class="text-decoration-none">Terms of Service</a> &nbsp;&middot;&nbsp;
<a asp-controller="Home" asp-action="Privacy" class="text-decoration-none">Privacy Policy</a>
</p>
</div>
src/PowderCoating.Web/Views/Home/DataProcessingAddendum.cshtml
+286
View File
@@ -0,0 +1,286 @@
@{
ViewData["Title"] = "Data Processing Addendum";
}
<div class="container py-5" style="max-width:860px">
<h1 class="h3 fw-bold mb-1">Data Processing Addendum (DPA)</h1>
<p class="text-muted small mb-4">Effective Date: April 9, 2026 &nbsp;&middot;&nbsp; Last Updated: April 9, 2026</p>
<div class="alert alert-permanent alert-info d-flex gap-2 mb-4" role="alert">
<i class="bi bi-info-circle-fill flex-shrink-0 mt-1"></i>
<div>
This Data Processing Addendum ("DPA") forms part of the <a asp-controller="Home" asp-action="TermsOfService">Terms of Service</a>
between Powder Coating Logix ("Processor") and you, the Customer ("Controller"). It applies where you
submit personal data of your own customers or employees to the Service, making us a data processor on
your behalf. This DPA is designed to satisfy requirements under GDPR, CCPA, and similar data protection laws.
</div>
</div>
<nav class="mb-5">
<p class="fw-semibold mb-2 small text-muted text-uppercase" style="letter-spacing:.05em">Contents</p>
<ol class="small ps-3">
<li><a href="#dpa-1" class="text-decoration-none">Definitions</a></li>
<li><a href="#dpa-2" class="text-decoration-none">Roles of the Parties</a></li>
<li><a href="#dpa-3" class="text-decoration-none">Subject Matter &amp; Duration</a></li>
<li><a href="#dpa-4" class="text-decoration-none">Nature &amp; Purpose of Processing</a></li>
<li><a href="#dpa-5" class="text-decoration-none">Types of Personal Data &amp; Data Subjects</a></li>
<li><a href="#dpa-6" class="text-decoration-none">Processor Obligations</a></li>
<li><a href="#dpa-7" class="text-decoration-none">Controller Obligations</a></li>
<li><a href="#dpa-8" class="text-decoration-none">Sub-Processors</a></li>
<li><a href="#dpa-9" class="text-decoration-none">Data Subject Rights</a></li>
<li><a href="#dpa-10" class="text-decoration-none">Security Measures</a></li>
<li><a href="#dpa-11" class="text-decoration-none">Data Breach Notification</a></li>
<li><a href="#dpa-12" class="text-decoration-none">International Transfers</a></li>
<li><a href="#dpa-13" class="text-decoration-none">Return &amp; Deletion of Data</a></li>
<li><a href="#dpa-14" class="text-decoration-none">Audits</a></li>
<li><a href="#dpa-15" class="text-decoration-none">Governing Law</a></li>
</ol>
</nav>
<hr class="mb-5" />
<section id="dpa-1" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">1. Definitions</h2>
<ul>
<li><strong>"Controller"</strong> means you, the Customer, who determines the purposes and means of processing personal data.</li>
<li><strong>"Processor"</strong> means Powder Coating Logix, which processes personal data on behalf of the Controller.</li>
<li><strong>"Personal Data"</strong> means any information relating to an identified or identifiable natural person entered into the Service.</li>
<li><strong>"Processing"</strong> means any operation performed on Personal Data, including collection, storage, retrieval, use, disclosure, or deletion.</li>
<li><strong>"Data Subject"</strong> means the natural person to whom the Personal Data relates.</li>
<li><strong>"Sub-Processor"</strong> means any third party engaged by Processor to process Personal Data on behalf of Controller.</li>
<li><strong>"Applicable Data Protection Law"</strong> means the GDPR, CCPA, and any other applicable privacy legislation.</li>
</ul>
</section>
<section id="dpa-2" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">2. Roles of the Parties</h2>
<p>
You are the Controller of Personal Data you enter into the Service. Powder Coating Logix is the Processor.
We process your Personal Data only on your documented instructions, as set forth in this DPA and the Terms of Service.
</p>
<p>
For data related to your own account (registration, billing), Powder Coating Logix acts as an independent
Controller and its processing is governed by the <a asp-controller="Home" asp-action="Privacy">Privacy Policy</a>.
</p>
</section>
<section id="dpa-3" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">3. Subject Matter &amp; Duration</h2>
<p>
The subject matter of processing is the operation of the Powder Coating Logix platform on your behalf.
Processing continues for the duration of your active subscription and for up to 90 days post-termination
(the data export window), after which Personal Data will be deleted per Section 13.
</p>
</section>
<section id="dpa-4" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">4. Nature &amp; Purpose of Processing</h2>
<p>
We process Personal Data for the following purposes, strictly on your instructions:
</p>
<ul>
<li>Storing and retrieving customer records, job details, quotes, and invoices;</li>
<li>Sending transactional emails and SMS to your customers on your behalf (quote approvals, invoice delivery, payment receipts);</li>
<li>Generating reports and analytics based on your business data;</li>
<li>Providing AI-powered features (photo quoting, scheduling suggestions) using data you explicitly submit;</li>
<li>Maintaining audit logs for compliance and security purposes.</li>
</ul>
</section>
<section id="dpa-5" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">5. Types of Personal Data &amp; Data Subjects</h2>
<div class="table-responsive">
<table class="table table-bordered align-middle">
<thead class="table-light">
<tr><th>Data Subject Category</th><th>Types of Personal Data</th></tr>
</thead>
<tbody>
<tr>
<td>Your customers (individuals)</td>
<td>Name, email address, phone number, mailing address, job history, invoice and payment records</td>
</tr>
<tr>
<td>Your commercial customers (contacts)</td>
<td>Contact name, business email, phone, billing address</td>
</tr>
<tr>
<td>Your shop workers</td>
<td>Name, role, contact information, job assignment history</td>
</tr>
<tr>
<td>Your account users</td>
<td>Name, email address, role, activity logs (governed by Privacy Policy)</td>
</tr>
</tbody>
</table>
</div>
</section>
<section id="dpa-6" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">6. Processor Obligations</h2>
<p>As Processor, we will:</p>
<ul>
<li>Process Personal Data only on your documented instructions and not for any other purpose;</li>
<li>Ensure that persons authorized to process Personal Data are bound by confidentiality obligations;</li>
<li>Implement and maintain appropriate technical and organizational security measures (see Section 10);</li>
<li>Assist you in fulfilling your obligations to respond to Data Subject rights requests (see Section 9);</li>
<li>Assist you in ensuring compliance with security, breach notification, and data protection impact assessment obligations;</li>
<li>Delete or return all Personal Data upon termination (see Section 13);</li>
<li>Make available all information necessary to demonstrate compliance with this DPA and cooperate with audits (see Section 14);</li>
<li>Promptly notify you if we believe any instruction violates Applicable Data Protection Law.</li>
</ul>
</section>
<section id="dpa-7" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">7. Controller Obligations</h2>
<p>As Controller, you are responsible for:</p>
<ul>
<li>Ensuring you have a lawful basis for processing Personal Data and for sharing it with us;</li>
<li>Providing any required notices to Data Subjects about how their data will be processed;</li>
<li>Ensuring Personal Data is accurate, relevant, and limited to what is necessary;</li>
<li>Complying with all Applicable Data Protection Laws with respect to Personal Data you submit to the Service.</li>
</ul>
</section>
<section id="dpa-8" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">8. Sub-Processors</h2>
<p>
You grant us general authorization to engage Sub-Processors. Our current Sub-Processors are:
</p>
<div class="table-responsive">
<table class="table table-bordered table-sm align-middle">
<thead class="table-light">
<tr><th>Sub-Processor</th><th>Purpose</th><th>Location</th></tr>
</thead>
<tbody>
<tr><td>Microsoft Azure</td><td>Cloud hosting and database</td><td>United States</td></tr>
<tr><td>Stripe, Inc.</td><td>Payment processing</td><td>United States</td></tr>
<tr><td>Twilio / SendGrid</td><td>Email and SMS delivery</td><td>United States</td></tr>
<tr><td>Anthropic, PBC</td><td>AI photo quoting features</td><td>United States</td></tr>
</tbody>
</table>
</div>
<p>
We will notify you of any intended changes to Sub-Processors (additions or replacements) by updating
this page with at least <strong>14 days' notice</strong>. If you object to a new Sub-Processor,
you may terminate the Service with a pro-rated refund for the unused portion of your subscription.
</p>
</section>
<section id="dpa-9" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">9. Data Subject Rights</h2>
<p>
If a Data Subject contacts us directly with a rights request (access, rectification, erasure, portability,
objection), we will promptly redirect them to you as the Controller, unless we are legally required to respond
directly. We will assist you in responding to rights requests within the timeframes required by applicable law.
</p>
<p>
Most Data Subject rights can be fulfilled through your admin panel (editing or deleting customer records,
exporting data). For requests we cannot fulfill through the UI, contact us at
<a href="mailto:privacy@powdercoatinglogix.com">privacy@powdercoatinglogix.com</a>.
</p>
</section>
<section id="dpa-10" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">10. Security Measures</h2>
<p>
We implement the following technical and organizational measures to protect Personal Data:
</p>
<ul>
<li><strong>Encryption in transit:</strong> All data transmitted between your browser and our servers uses TLS 1.2+.</li>
<li><strong>Encryption at rest:</strong> Database and file storage encrypted using AES-256.</li>
<li><strong>Access controls:</strong> Role-based access; employees access Personal Data only on a need-to-know basis.</li>
<li><strong>Multi-tenancy isolation:</strong> Your data is logically isolated from other customers at the database level.</li>
<li><strong>Authentication:</strong> Bcrypt password hashing; two-factor authentication available.</li>
<li><strong>Monitoring:</strong> Infrastructure-level anomaly detection and logging via Azure Monitor.</li>
<li><strong>Vendor security:</strong> All Sub-Processors are evaluated for security standards before engagement.</li>
</ul>
<p>
See our <a asp-controller="Home" asp-action="Security">Security page</a> for additional detail.
</p>
</section>
<section id="dpa-11" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">11. Data Breach Notification</h2>
<p>
In the event of a Personal Data breach affecting your Customer Data, we will notify you without undue
delay and, where feasible, within <strong>72 hours</strong> of becoming aware of the breach. Notification
will be sent to the primary contact email on your account and will include:
</p>
<ul>
<li>A description of the nature of the breach, including categories and approximate number of Data Subjects and records affected;</li>
<li>Contact details for our data protection point of contact;</li>
<li>Likely consequences of the breach;</li>
<li>Measures taken or proposed to address the breach and mitigate its effects.</li>
</ul>
<p>
You are responsible for notifying the relevant supervisory authority and affected Data Subjects as required
by Applicable Data Protection Law.
</p>
</section>
<section id="dpa-12" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">12. International Data Transfers</h2>
<p>
The Service is operated in the United States. All Sub-Processors listed in Section 8 are also based in
the United States. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland,
Personal Data will be transferred to the United States. We rely on the following transfer mechanisms:
</p>
<ul>
<li>Standard Contractual Clauses (SCCs) as approved by the European Commission, incorporated herein by reference; and/or</li>
<li>The EU-U.S. Data Privacy Framework where applicable.</li>
</ul>
<p>
Contact <a href="mailto:privacy@powdercoatinglogix.com">privacy@powdercoatinglogix.com</a> to request
a copy of the applicable SCCs.
</p>
</section>
<section id="dpa-13" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">13. Return &amp; Deletion of Data</h2>
<p>
Upon termination of the Service, you may export your Customer Data via the Data Export feature
(Settings &rsaquo; Data Export) for up to <strong>90 days</strong> after the termination date.
After that period, all Customer Data will be securely deleted from active systems.
</p>
<p>
Backup copies may persist for up to an additional 30 days before being purged from backup rotation.
We will confirm deletion in writing upon request.
</p>
</section>
<section id="dpa-14" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">14. Audits</h2>
<p>
Upon written request and with at least <strong>30 days' notice</strong>, we will provide you with
information reasonably necessary to demonstrate our compliance with this DPA. We may satisfy this
obligation by providing a summary of our security practices or relevant third-party audit reports
(e.g., SOC 2 Type II, when available) rather than granting direct access to our systems.
</p>
<p>
Any audit must be conducted during business hours, at your expense, and in a manner that does not
unreasonably disrupt our operations.
</p>
</section>
<section id="dpa-15" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">15. Governing Law</h2>
<p>
This DPA is governed by the same law and jurisdiction as the Terms of Service. In the event of a
conflict between this DPA and the Terms of Service, this DPA governs with respect to the subject
matter of data processing.
</p>
<p>
Questions about this DPA: <a href="mailto:privacy@powdercoatinglogix.com">privacy@powdercoatinglogix.com</a>
</p>
</section>
<hr />
<p class="text-muted small text-center mt-4">
&copy; @DateTime.UtcNow.Year Powder Coating Logix &nbsp;&middot;&nbsp;
<a asp-controller="Home" asp-action="TermsOfService" class="text-decoration-none">Terms of Service</a> &nbsp;&middot;&nbsp;
<a asp-controller="Home" asp-action="Privacy" class="text-decoration-none">Privacy Policy</a>
</p>
</div>
src/PowderCoating.Web/Views/Home/Error.cshtml
+72
View File
@@ -0,0 +1,72 @@
@{
ViewData["Title"] = "Error";
}
<div class="container mt-5">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card border-danger">
<div class="card-header bg-danger text-white">
<h4 class="mb-0">
<i class="bi bi-exclamation-triangle-fill"></i> An Error Occurred
</h4>
</div>
<div class="card-body">
<h5 class="card-title">We're sorry, something went wrong.</h5>
<p class="card-text">
An unexpected error has occurred while processing your request.
The error has been logged and our team will look into it.
</p>
@if (Context.TraceIdentifier != null)
{
<div class="alert alert-secondary mt-3">
<strong>Request ID:</strong> <code>@Context.TraceIdentifier</code>
<br />
<small class="text-muted">Please provide this ID when contacting support.</small>
</div>
}
<div class="mt-4">
<h6>What you can do:</h6>
<ul>
<li>Try refreshing the page</li>
<li>Go back to the <a asp-controller="Dashboard" asp-action="Index">Dashboard</a></li>
<li>If the problem persists, contact your system administrator</li>
</ul>
</div>
<div class="mt-4">
<a asp-controller="Dashboard" asp-action="Index" class="btn btn-primary">
<i class="bi bi-house-door"></i> Go to Dashboard
</a>
<button onclick="history.back()" class="btn btn-secondary">
<i class="bi bi-arrow-left"></i> Go Back
</button>
</div>
</div>
<div class="card-footer text-muted">
<small>
<i class="bi bi-info-circle"></i>
Errors are logged and monitored. The technical team has been notified.
</small>
</div>
</div>
@if (Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") == "Development")
{
var logFileName = $"logs/errors-{DateTime.Now:yyyyMMdd}.txt";
<div class="alert alert-warning mt-3">
<strong><i class="bi bi-code-slash"></i> Development Mode:</strong>
Check the error logs at <code>@logFileName</code> for details.
</div>
}
</div>
</div>
</div>
<style>
.card-header i {
font-size: 1.2em;
}
</style>
src/PowderCoating.Web/Views/Home/Index.cshtml
+308
View File
@@ -0,0 +1,308 @@
@{
ViewData["Title"] = "Welcome";
Layout = null; // Use custom layout for login page
}
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Powder Coating Logix - Login</title>
<!-- Bootstrap 5 CSS -->
<link href="~/lib/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<!-- Bootstrap Icons -->
<link rel="stylesheet" href="~/lib/bootstrap-icons/font/bootstrap-icons.css">
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
padding: 2rem;
}
.login-container {
width: 100%;
max-width: 450px;
}
.login-card {
background: white;
border-radius: 1.5rem;
box-shadow: 0 20px 60px rgba(0, 0, 0, 0.3);
padding: 3rem;
position: relative;
overflow: hidden;
}
.login-card::before {
content: '';
position: absolute;
top: 0;
left: 0;
right: 0;
height: 5px;
background: linear-gradient(90deg, #667eea 0%, #764ba2 100%);
}
.logo-container {
text-align: center;
margin-bottom: 2rem;
}
.logo {
width: 70px;
height: 70px;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
border-radius: 1rem;
display: inline-flex;
align-items: center;
justify-content: center;
margin-bottom: 1rem;
box-shadow: 0 10px 30px rgba(102, 126, 234, 0.4);
}
.logo i {
font-size: 2rem;
color: white;
}
.welcome-title {
font-size: 1.75rem;
font-weight: 700;
color: #1f2937;
margin-bottom: 0.5rem;
}
.welcome-subtitle {
color: #6b7280;
font-size: 0.95rem;
}
.form-label {
font-weight: 500;
color: #374151;
margin-bottom: 0.5rem;
}
.form-control {
padding: 0.75rem 1rem;
border-radius: 0.75rem;
border: 2px solid #e5e7eb;
font-size: 0.95rem;
transition: all 0.2s;
}
.form-control:focus {
border-color: #667eea;
box-shadow: 0 0 0 4px rgba(102, 126, 234, 0.1);
}
.input-group-text {
background: white;
border: 2px solid #e5e7eb;
border-right: none;
border-radius: 0.75rem 0 0 0.75rem;
color: #6b7280;
}
.input-group .form-control {
border-left: none;
border-radius: 0 0.75rem 0.75rem 0;
}
.btn-login {
width: 100%;
padding: 0.875rem;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
border: none;
border-radius: 0.75rem;
color: white;
font-weight: 600;
font-size: 1rem;
transition: all 0.3s;
margin-top: 1.5rem;
}
.btn-login:hover {
transform: translateY(-2px);
box-shadow: 0 10px 30px rgba(102, 126, 234, 0.4);
}
.form-check {
margin: 1rem 0;
}
.form-check-label {
color: #6b7280;
font-size: 0.9rem;
}
.forgot-password {
text-align: center;
margin-top: 1.5rem;
}
.forgot-password a {
color: #667eea;
text-decoration: none;
font-size: 0.9rem;
font-weight: 500;
}
.forgot-password a:hover {
text-decoration: underline;
}
.features {
margin-top: 2rem;
padding-top: 2rem;
border-top: 1px solid #e5e7eb;
}
.feature-item {
display: flex;
align-items: center;
gap: 0.75rem;
color: #6b7280;
font-size: 0.875rem;
margin-bottom: 0.75rem;
}
.feature-item i {
color: #667eea;
font-size: 1.125rem;
}
.demo-credentials {
background: #f3f4f6;
border-radius: 0.75rem;
padding: 1rem;
margin-bottom: 1.5rem;
border-left: 4px solid #667eea;
}
.demo-credentials p {
margin: 0;
font-size: 0.875rem;
color: #4b5563;
}
.demo-credentials strong {
color: #1f2937;
}
.alert {
border-radius: 0.75rem;
border: none;
padding: 0.875rem 1rem;
font-size: 0.9rem;
}
@@media (max-width: 576px) {
.login-card {
padding: 2rem 1.5rem;
}
.welcome-title {
font-size: 1.5rem;
}
}
</style>
</head>
<body>
<div class="login-container">
<div class="login-card">
<div class="logo-container">
<div class="logo">
<i class="bi bi-lightning-charge-fill"></i>
</div>
<h1 class="welcome-title">Welcome Back</h1>
<p class="welcome-subtitle">Sign in to access Powder Coating Logix</p>
</div>
@if (TempData["Message"] != null)
{
<div class="alert alert-info alert-dismissible fade show">
<i class="bi bi-info-circle me-2"></i>@TempData["Message"]
<button type="button" class="btn-close" data-bs-dismiss="alert"></button>
</div>
}
<div class="demo-credentials">
<p><strong><i class="bi bi-key me-2"></i>Demo Credentials</strong></p>
<p class="mt-2 mb-1"><strong>Email:</strong> admin@powdercoating.com</p>
<p class="mb-0"><strong>Password:</strong> Admin123!</p>
</div>
@if (User.Identity?.IsAuthenticated == true)
{
<div class="alert alert-success">
<i class="bi bi-check-circle me-2"></i>
You're already logged in as <strong>@User.Identity.Name</strong>
</div>
<a href="/Customers" class="btn btn-login">
<i class="bi bi-speedometer2 me-2"></i>Go to Dashboard
</a>
<form asp-area="Identity" asp-page="/Account/Logout" method="post" class="mt-3">
<button type="submit" class="btn btn-outline-secondary w-100">
<i class="bi bi-box-arrow-right me-2"></i>Logout
</button>
</form>
}
else
{
<a href="/Identity/Account/Login" class="btn btn-login">
<i class="bi bi-box-arrow-in-right me-2"></i>Sign In to Your Account
</a>
<div class="forgot-password">
<a href="/Identity/Account/Register">
<i class="bi bi-person-plus me-1"></i>Create an account
</a>
<span class="mx-2">•</span>
<a href="/Identity/Account/ForgotPassword">
<i class="bi bi-question-circle me-1"></i>Forgot password?
</a>
</div>
}
<div class="features">
<div class="feature-item">
<i class="bi bi-shield-check"></i>
<span>Secure and encrypted</span>
</div>
<div class="feature-item">
<i class="bi bi-clock-history"></i>
<span>Real-time job tracking</span>
</div>
<div class="feature-item">
<i class="bi bi-graph-up"></i>
<span>Comprehensive analytics</span>
</div>
</div>
</div>
<div class="text-center mt-4">
<p style="color: rgba(255, 255, 255, 0.8); font-size: 0.875rem;">
© 2024 Powder Coating Logix. All rights reserved.
</p>
</div>
</div>
<!-- Bootstrap 5 JS Bundle -->
<script src="~/lib/bootstrap/js/bootstrap.bundle.min.js"></script>
</body>
</html>
src/PowderCoating.Web/Views/Home/Privacy.cshtml
+272
View File
@@ -0,0 +1,272 @@
@{
ViewData["Title"] = "Privacy Policy";
Layout = "~/Views/Shared/_Layout.cshtml";
}
<div class="container py-5" style="max-width:860px">
<h1 class="h3 fw-bold mb-1">Privacy Policy</h1>
<p class="text-muted small mb-4">Effective Date: April 9, 2026 &nbsp;&middot;&nbsp; Last Updated: April 9, 2026</p>
<div class="alert alert-permanent alert-info d-flex gap-2 mb-4" role="alert">
<i class="bi bi-info-circle-fill flex-shrink-0 mt-1"></i>
<div>
Your privacy matters to us. This Privacy Policy explains what information Powder Coating Logix collects,
how we use it, and what choices you have. By using the Service you agree to the collection and use of
information as described in this policy.
</div>
</div>
<nav class="mb-5">
<p class="fw-semibold mb-2 small text-muted text-uppercase" style="letter-spacing:.05em">Contents</p>
<ol class="small ps-3">
<li><a href="#p-1" class="text-decoration-none">Information We Collect</a></li>
<li><a href="#p-2" class="text-decoration-none">How We Use Your Information</a></li>
<li><a href="#p-3" class="text-decoration-none">How We Share Your Information</a></li>
<li><a href="#p-4" class="text-decoration-none">Data Retention</a></li>
<li><a href="#p-5" class="text-decoration-none">Security</a></li>
<li><a href="#p-6" class="text-decoration-none">Your Rights &amp; Choices</a></li>
<li><a href="#p-7" class="text-decoration-none">Cookies &amp; Tracking</a></li>
<li><a href="#p-8" class="text-decoration-none">Third-Party Services</a></li>
<li><a href="#p-9" class="text-decoration-none">Children's Privacy</a></li>
<li><a href="#p-10" class="text-decoration-none">International Transfers</a></li>
<li><a href="#p-ccpa" class="text-decoration-none">California Privacy Rights (CCPA)</a></li>
<li><a href="#p-11" class="text-decoration-none">Changes to This Policy</a></li>
<li><a href="#p-12" class="text-decoration-none">Contact Us</a></li>
</ol>
</nav>
<hr class="mb-5" />
<!-- 1 -->
<section id="p-1" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">1. Information We Collect</h2>
<h6 class="fw-semibold mt-3">1.1 Information You Provide</h6>
<ul>
<li><strong>Account &amp; Registration:</strong> Name, company name, email address, phone number, billing address, and password when you create an account.</li>
<li><strong>Billing Information:</strong> Payment card details (processed and stored by Stripe — we do not store raw card numbers).</li>
<li><strong>Business Data:</strong> All content you enter into the Service — customer records, job details, quotes, invoices, inventory, equipment records, photos, and any other business information.</li>
<li><strong>Communications:</strong> Messages you send to our support team, survey responses, and feedback.</li>
</ul>
<h6 class="fw-semibold mt-3">1.2 Information We Collect Automatically</h6>
<ul>
<li><strong>Log Data:</strong> IP address, browser type, operating system, pages visited, time and date of access, and referring URLs.</li>
<li><strong>Usage Data:</strong> Features used, actions taken, and session duration.</li>
<li><strong>Device Information:</strong> Device type, screen resolution, and browser version.</li>
<li><strong>Cookies:</strong> Session and authentication cookies necessary to operate the Service. See Section 7 for details.</li>
</ul>
<h6 class="fw-semibold mt-3">1.3 Information from Third Parties</h6>
<ul>
<li><strong>Payment Processors:</strong> Stripe may share transaction status, billing address, and payment method details with us.</li>
<li><strong>Email &amp; SMS Providers:</strong> Delivery status information from SendGrid and Twilio.</li>
</ul>
</section>
<!-- 2 -->
<section id="p-2" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">2. How We Use Your Information</h2>
<p>We use the information we collect to:</p>
<ul>
<li>Provide, operate, and maintain the Service;</li>
<li>Process payments and manage your subscription;</li>
<li>Send transactional emails (account confirmation, invoices, password resets, subscription notifications);</li>
<li>Respond to support requests and communicate with you about the Service;</li>
<li>Send product updates, release notes, and announcements (you may opt out of non-essential communications);</li>
<li>Monitor and analyze usage to improve and develop the Service;</li>
<li>Detect, investigate, and prevent fraudulent activity and security incidents;</li>
<li>Comply with legal obligations.</li>
</ul>
<p>
We do not sell your personal information or your Customer Data to third parties. We do not use your
Customer Data to train AI models beyond what is necessary to deliver features you explicitly use within
the Service.
</p>
</section>
<!-- 3 -->
<section id="p-3" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">3. How We Share Your Information</h2>
<p>We share your information only in the following circumstances:</p>
<ul>
<li><strong>Service Providers:</strong> We share data with trusted vendors who help us operate the Service (Stripe, SendGrid, Twilio, Microsoft Azure, Anthropic). These providers are contractually obligated to use your information only to provide services to us and in compliance with applicable law.</li>
<li><strong>Legal Requirements:</strong> We may disclose information if required by law, regulation, court order, or government request, or if we believe disclosure is necessary to protect our rights or the safety of any person.</li>
<li><strong>Business Transfers:</strong> If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice within the Service before such a transfer.</li>
<li><strong>With Your Consent:</strong> We may share information for any other purpose with your explicit consent.</li>
</ul>
</section>
<!-- 4 -->
<section id="p-4" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">4. Data Retention</h2>
<p>
We retain your account information and Customer Data for as long as your account is active or as needed
to provide the Service. After account termination, we retain data for up to 90 days to allow you to
export it, after which it may be permanently deleted.
</p>
<p>
We may retain certain information for longer periods where required by law, to resolve disputes, or to
enforce our agreements.
</p>
</section>
<!-- 5 -->
<section id="p-5" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">5. Security</h2>
<p>
We implement industry-standard technical and organizational measures to protect your information from
unauthorized access, disclosure, alteration, and destruction. These measures include:
</p>
<ul>
<li>Encrypted data transmission (HTTPS/TLS);</li>
<li>Encrypted storage of sensitive credentials;</li>
<li>Role-based access controls;</li>
<li>Regular security audits and monitoring.</li>
</ul>
<p>
No method of transmission over the internet or electronic storage is 100% secure. While we strive to
protect your information, we cannot guarantee its absolute security. In the event of a data breach that
affects your information, we will notify you as required by applicable law.
</p>
</section>
<!-- 6 -->
<section id="p-6" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">6. Your Rights &amp; Choices</h2>
<p>Depending on your location, you may have the following rights regarding your personal information:</p>
<ul>
<li><strong>Access:</strong> Request a copy of the personal information we hold about you.</li>
<li><strong>Correction:</strong> Request correction of inaccurate or incomplete information.</li>
<li><strong>Deletion:</strong> Request deletion of your personal information, subject to legal obligations.</li>
<li><strong>Portability:</strong> Request a machine-readable export of your data.</li>
<li><strong>Opt-Out:</strong> Opt out of non-essential marketing communications at any time via the unsubscribe link in our emails or by contacting us.</li>
</ul>
<p>
To exercise any of these rights, contact us at <a href="mailto:privacy@powdercoatinglogix.com">privacy@powdercoatinglogix.com</a>.
We will respond within 30 days. We may need to verify your identity before processing your request.
</p>
</section>
<!-- 7 -->
<section id="p-7" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">7. Cookies &amp; Tracking</h2>
<p>
We use cookies and similar technologies to operate and improve the Service. The cookies we use include:
</p>
<ul>
<li><strong>Essential/Session Cookies:</strong> Required to keep you logged in and for security (anti-CSRF). These cannot be disabled without breaking the Service.</li>
<li><strong>Preference Cookies:</strong> Remember your settings such as sidebar state and filter preferences.</li>
<li><strong>Analytics:</strong> We may use aggregated, anonymized usage data to understand how users interact with the Service.</li>
</ul>
<p>
We do not use third-party advertising cookies or sell cookie data to advertisers.
</p>
</section>
<!-- 8 -->
<section id="p-8" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">8. Third-Party Services</h2>
<p>
The Service relies on the following key third-party providers, each with their own privacy policies:
</p>
<ul>
<li><strong>Stripe</strong> — Payment processing: <a href="https://stripe.com/privacy" target="_blank" rel="noopener noreferrer">stripe.com/privacy</a></li>
<li><strong>SendGrid (Twilio)</strong> — Email delivery: <a href="https://www.twilio.com/en-us/legal/privacy" target="_blank" rel="noopener noreferrer">twilio.com/legal/privacy</a></li>
<li><strong>Microsoft Azure</strong> — Cloud infrastructure: <a href="https://privacy.microsoft.com/en-us/privacystatement" target="_blank" rel="noopener noreferrer">privacy.microsoft.com</a></li>
<li><strong>Anthropic</strong> — AI features: <a href="https://www.anthropic.com/legal/privacy" target="_blank" rel="noopener noreferrer">anthropic.com/legal/privacy</a></li>
</ul>
</section>
<!-- 9 -->
<section id="p-9" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">9. Children's Privacy</h2>
<p>
The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal
information from children. If we become aware that a child under 18 has provided us with personal
information, we will take steps to delete such information. If you believe we have inadvertently collected
information from a minor, please contact us immediately.
</p>
</section>
<!-- 10 -->
<section id="p-10" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">10. International Data Transfers</h2>
<p>
The Service is operated in the United States. If you access the Service from outside the United States,
your information may be transferred to, stored, and processed in the United States where our servers are
located and our central database is operated. By using the Service, you consent to the transfer of your
information to the United States.
</p>
</section>
<!-- 11 — CCPA -->
<section id="p-ccpa" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">11. California Privacy Rights (CCPA)</h2>
<p>
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional
rights regarding your personal information.
</p>
<h6 class="fw-semibold mt-3">We Do Not Sell Your Personal Information</h6>
<p>
Powder Coating Logix does <strong>not sell</strong> your personal information to third parties, and has
not done so in the preceding 12 months. You do not need to opt out of a sale because no sale occurs.
</p>
<h6 class="fw-semibold mt-3">Your CCPA Rights</h6>
<p>California residents have the right to:</p>
<ul>
<li><strong>Know</strong> what personal information we collect, use, and disclose about you;</li>
<li><strong>Delete</strong> personal information we have collected from you (subject to certain exceptions);</li>
<li><strong>Correct</strong> inaccurate personal information we hold about you;</li>
<li><strong>Opt out</strong> of the sale or sharing of personal information (not applicable — we do not sell);</li>
<li><strong>Non-discrimination</strong> for exercising any of your CCPA rights.</li>
</ul>
<h6 class="fw-semibold mt-3">How to Submit a Request</h6>
<p>
To exercise your CCPA rights, contact us at <a href="mailto:privacy@powdercoatinglogix.com">privacy@powdercoatinglogix.com</a>
with the subject line <em>"California Privacy Request."</em> We will respond within 45 days.
We may need to verify your identity before processing your request.
</p>
<h6 class="fw-semibold mt-3">Authorized Agents</h6>
<p>
You may designate an authorized agent to submit a request on your behalf. We will require written
authorization from you and may verify your identity directly.
</p>
</section>
<!-- 12 -->
<section id="p-11" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">12. Changes to This Policy</h2>
<p>
We may update this Privacy Policy from time to time. When we make material changes, we will notify you
by email or through a notice in the Service at least 14 days before the changes take effect. The updated
policy will display a new "Last Updated" date at the top.
</p>
<p>
Your continued use of the Service after the effective date of any updated policy constitutes your
acceptance of the changes.
</p>
</section>
<!-- 12 -->
<section id="p-12" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">12. Contact Us</h2>
<p>
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:
</p>
<address class="ps-3">
<strong>Powder Coating Logix — Privacy</strong><br />
Email: <a href="mailto:privacy@powdercoatinglogix.com">privacy@powdercoatinglogix.com</a><br />
Support: <a href="mailto:support@powdercoatinglogix.com">support@powdercoatinglogix.com</a><br />
Website: <a href="http://www.powdercoatinglogix.com" target="_blank" rel="noopener noreferrer">www.powdercoatinglogix.com</a>
</address>
</section>
<hr />
<p class="text-muted small text-center mt-4">
&copy; @DateTime.UtcNow.Year Powder Coating Logix. All rights reserved. &nbsp;&middot;&nbsp;
<a asp-controller="Home" asp-action="TermsOfService" class="text-decoration-none">Terms of Service</a>
</p>
</div>
src/PowderCoating.Web/Views/Home/Security.cshtml
+162
View File
@@ -0,0 +1,162 @@
@{
ViewData["Title"] = "Security";
}
<div class="container py-5" style="max-width:860px">
<h1 class="h3 fw-bold mb-1"><i class="bi bi-shield-check me-2 text-primary"></i>Security at Powder Coating Logix</h1>
<p class="text-muted small mb-4">Last Updated: April 9, 2026</p>
<p class="lead mb-5">
Your business data and your customers' data are the most important things you've trusted us with.
Here is how we protect them.
</p>
<div class="row g-4 mb-5">
<div class="col-md-6">
<div class="card h-100 border-0 shadow-sm">
<div class="card-body">
<h5 class="card-title fw-semibold"><i class="bi bi-lock-fill text-primary me-2"></i>Encryption</h5>
<ul class="small mb-0">
<li class="mb-1"><strong>In transit:</strong> All communication between your browser and our servers is encrypted using TLS 1.2 or higher. HTTP is automatically redirected to HTTPS.</li>
<li class="mb-1"><strong>At rest:</strong> Databases and file storage are encrypted using AES-256 via Microsoft Azure's native encryption.</li>
<li><strong>Passwords:</strong> Stored as bcrypt hashes — we never store or see your plain-text password.</li>
</ul>
</div>
</div>
</div>
<div class="col-md-6">
<div class="card h-100 border-0 shadow-sm">
<div class="card-body">
<h5 class="card-title fw-semibold"><i class="bi bi-building text-primary me-2"></i>Infrastructure</h5>
<ul class="small mb-0">
<li class="mb-1"><strong>Hosted on Microsoft Azure</strong> — enterprise-grade cloud infrastructure with SOC 2 Type II, ISO 27001, and FedRAMP certifications.</li>
<li class="mb-1"><strong>Geo-redundant storage</strong> ensures your data is replicated across multiple data centers.</li>
<li><strong>Daily automated backups</strong> with 7-day retention.</li>
</ul>
</div>
</div>
</div>
<div class="col-md-6">
<div class="card h-100 border-0 shadow-sm">
<div class="card-body">
<h5 class="card-title fw-semibold"><i class="bi bi-people-fill text-primary me-2"></i>Access Controls</h5>
<ul class="small mb-0">
<li class="mb-1"><strong>Role-based permissions:</strong> Each user in your account has a role that limits what they can see and do — Admins, Managers, Employees, Shop Floor, and Read-Only.</li>
<li class="mb-1"><strong>Multi-tenancy isolation:</strong> Your data is logically isolated from all other customers at the database level via row-level filtering.</li>
<li><strong>Internal access:</strong> Platform engineers access production data only when required for support, under the principle of least privilege.</li>
</ul>
</div>
</div>
</div>
<div class="col-md-6">
<div class="card h-100 border-0 shadow-sm">
<div class="card-body">
<h5 class="card-title fw-semibold"><i class="bi bi-credit-card-fill text-primary me-2"></i>Payment Security</h5>
<ul class="small mb-0">
<li class="mb-1"><strong>Stripe handles all payment processing.</strong> We never see, store, or transmit your card numbers — Stripe's PCI DSS Level 1 certified infrastructure handles that directly.</li>
<li class="mb-1"><strong>Stripe Connect</strong> is used for online invoice payments, meaning funds flow directly to your Stripe account.</li>
<li>Stripe's security details: <a href="https://stripe.com/docs/security" target="_blank" rel="noopener noreferrer">stripe.com/docs/security</a></li>
</ul>
</div>
</div>
</div>
<div class="col-md-6">
<div class="card h-100 border-0 shadow-sm">
<div class="card-body">
<h5 class="card-title fw-semibold"><i class="bi bi-shield-lock-fill text-primary me-2"></i>Authentication</h5>
<ul class="small mb-0">
<li class="mb-1"><strong>Strong password requirements:</strong> Minimum 8 characters with uppercase, lowercase, digit, and special character.</li>
<li class="mb-1"><strong>Two-factor authentication (2FA):</strong> Available for all user accounts via authenticator app.</li>
<li class="mb-1"><strong>Anti-brute-force rate limiting</strong> on login and registration endpoints.</li>
<li><strong>CSRF protection</strong> on all state-changing forms.</li>
</ul>
</div>
</div>
</div>
<div class="col-md-6">
<div class="card h-100 border-0 shadow-sm">
<div class="card-body">
<h5 class="card-title fw-semibold"><i class="bi bi-eye-fill text-primary me-2"></i>Monitoring &amp; Logging</h5>
<ul class="small mb-0">
<li class="mb-1"><strong>Structured application logging</strong> via Serilog with daily log rotation.</li>
<li class="mb-1"><strong>Azure Monitor</strong> provides infrastructure-level anomaly detection and alerting.</li>
<li class="mb-1"><strong>Audit logs</strong> record key administrative actions within your account.</li>
<li>System administrators receive real-time alerts for critical errors.</li>
</ul>
</div>
</div>
</div>
</div>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Application Security Practices</h2>
<ul>
<li class="mb-1"><strong>SQL injection prevention:</strong> All database access uses Entity Framework Core with parameterized queries.</li>
<li class="mb-1"><strong>XSS prevention:</strong> All user-supplied content is HTML-encoded by default via Razor's automatic escaping.</li>
<li class="mb-1"><strong>Content Security Policy (CSP):</strong> HTTP headers restrict which scripts and resources can load on our pages.</li>
<li class="mb-1"><strong>HSTS:</strong> HTTP Strict Transport Security enforced to prevent protocol downgrade attacks.</li>
<li class="mb-1"><strong>Secure file uploads:</strong> File type validation and path traversal protection on all upload endpoints.</li>
<li class="mb-1"><strong>Dependency updates:</strong> NuGet packages reviewed and updated regularly to address known vulnerabilities.</li>
</ul>
</section>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Third-Party Security</h2>
<p>
We rely on the following vendors for core functionality, each of which maintains their own security programs:
</p>
<ul>
<li><strong>Microsoft Azure</strong> — ISO 27001, SOC 2, FedRAMP</li>
<li><strong>Stripe</strong> — PCI DSS Level 1</li>
<li><strong>SendGrid / Twilio</strong> — ISO 27001, SOC 2</li>
<li><strong>Anthropic</strong> — Enterprise AI security program</li>
</ul>
</section>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Your Responsibilities</h2>
<p>Security is a shared responsibility. You can help protect your account by:</p>
<ul>
<li>Using a strong, unique password and enabling 2FA;</li>
<li>Not sharing login credentials between users — each person should have their own account;</li>
<li>Assigning the minimum role necessary for each user's job;</li>
<li>Revoking access promptly when an employee leaves;</li>
<li>Reporting suspicious activity immediately.</li>
</ul>
</section>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Responsible Disclosure</h2>
<p>
If you believe you have found a security vulnerability in Powder Coating Logix, please report it
responsibly by emailing <a href="mailto:security@powdercoatinglogix.com">security@powdercoatinglogix.com</a>.
We ask that you:
</p>
<ul>
<li>Give us reasonable time to investigate and remediate before any public disclosure;</li>
<li>Not access, modify, or delete data belonging to other users;</li>
<li>Not perform denial-of-service testing.</li>
</ul>
<p>
We will acknowledge your report within 2 business days and work with you to understand and address
the issue. We appreciate responsible security research.
</p>
</section>
<section class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">Questions</h2>
<p>
For security questions or concerns, contact us at
<a href="mailto:security@powdercoatinglogix.com">security@powdercoatinglogix.com</a>.
</p>
</section>
<hr />
<p class="text-muted small text-center mt-4">
&copy; @DateTime.UtcNow.Year Powder Coating Logix &nbsp;&middot;&nbsp;
<a asp-controller="Home" asp-action="TermsOfService" class="text-decoration-none">Terms of Service</a> &nbsp;&middot;&nbsp;
<a asp-controller="Home" asp-action="Privacy" class="text-decoration-none">Privacy Policy</a>
</p>
</div>
src/PowderCoating.Web/Views/Home/ServiceLevelAgreement.cshtml
+256
View File
@@ -0,0 +1,256 @@
@{
ViewData["Title"] = "Service Level Agreement";
}
<div class="container py-5" style="max-width:860px">
<h1 class="h3 fw-bold mb-1">Service Level Agreement (SLA)</h1>
<p class="text-muted small mb-4">Effective Date: April 9, 2026 &nbsp;&middot;&nbsp; Last Updated: April 9, 2026</p>
<div class="alert alert-permanent alert-info d-flex gap-2 mb-4" role="alert">
<i class="bi bi-info-circle-fill flex-shrink-0 mt-1"></i>
<div>
This Service Level Agreement applies to all paid subscribers of Powder Coating Logix and is
incorporated into the <a asp-controller="Home" asp-action="TermsOfService">Terms of Service</a>.
Free trial accounts are not covered by this SLA.
</div>
</div>
<nav class="mb-5">
<p class="fw-semibold mb-2 small text-muted text-uppercase" style="letter-spacing:.05em">Contents</p>
<ol class="small ps-3">
<li><a href="#sla-1" class="text-decoration-none">Uptime Commitment</a></li>
<li><a href="#sla-2" class="text-decoration-none">Measurement &amp; Reporting</a></li>
<li><a href="#sla-3" class="text-decoration-none">Scheduled Maintenance</a></li>
<li><a href="#sla-4" class="text-decoration-none">Support Response Times</a></li>
<li><a href="#sla-5" class="text-decoration-none">Incident Severity Levels</a></li>
<li><a href="#sla-6" class="text-decoration-none">Service Credits</a></li>
<li><a href="#sla-7" class="text-decoration-none">Exclusions</a></li>
<li><a href="#sla-8" class="text-decoration-none">Data Backup &amp; Recovery</a></li>
<li><a href="#sla-9" class="text-decoration-none">Claiming Credits</a></li>
<li><a href="#sla-10" class="text-decoration-none">Changes to This SLA</a></li>
</ol>
</nav>
<hr class="mb-5" />
<section id="sla-1" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">1. Uptime Commitment</h2>
<p>
Powder Coating Logix commits to a monthly uptime of <strong>99.0%</strong> for the core application
(dashboard, jobs, quotes, invoices, customers, inventory, and equipment modules) during each calendar month.
</p>
<div class="table-responsive">
<table class="table table-bordered table-sm align-middle">
<thead class="table-light">
<tr>
<th>Monthly Uptime</th>
<th>Maximum Allowed Downtime / Month</th>
</tr>
</thead>
<tbody>
<tr>
<td>&ge; 99.0% <span class="badge bg-success ms-1">Committed</span></td>
<td>&le; 7 hours 18 minutes</td>
</tr>
<tr>
<td>98.0% 98.9%</td>
<td>7h 19m 14h 24m</td>
</tr>
<tr>
<td>&lt; 98.0%</td>
<td>&gt; 14h 24m — credit eligible (see Section 6)</td>
</tr>
</tbody>
</table>
</div>
<p class="small text-muted">
"Downtime" means the Service is completely unavailable to all users. Degraded performance or partial
unavailability of non-core features does not constitute downtime for SLA purposes.
</p>
</section>
<section id="sla-2" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">2. Measurement &amp; Reporting</h2>
<p>
Uptime is calculated per calendar month using our infrastructure monitoring tools hosted on Microsoft Azure.
Uptime percentage is calculated as:
</p>
<div class="bg-light rounded p-3 font-monospace small mb-3">
Uptime % = ((Total minutes in month &minus; Downtime minutes) / Total minutes in month) &times; 100
</div>
<p>
Scheduled maintenance windows (Section 3) are excluded from downtime calculations.
We publish incident updates and post-mortems at <strong>support@powdercoatinglogix.com</strong>
upon request. We do not currently maintain a public status page but intend to add one in a future release.
</p>
</section>
<section id="sla-3" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">3. Scheduled Maintenance</h2>
<p>
We may perform scheduled maintenance that temporarily interrupts the Service. We will provide at least
<strong>48 hours advance notice</strong> via in-app notification and/or email for maintenance windows
expected to exceed 30 minutes.
</p>
<ul>
<li><strong>Preferred window:</strong> Sundays 2:00 AM 5:00 AM Eastern Time</li>
<li><strong>Emergency maintenance:</strong> May occur without advance notice when required to address critical security vulnerabilities or prevent data loss. We will notify users as quickly as possible.</li>
</ul>
<p>All scheduled maintenance time is excluded from the downtime calculation in Section 1.</p>
</section>
<section id="sla-4" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">4. Support Response Times</h2>
<p>
Support is available by email at <a href="mailto:support@powdercoatinglogix.com">support@powdercoatinglogix.com</a>.
Response times are measured in <strong>business hours</strong> (MondayFriday, 9 AM5 PM Eastern, excluding
US federal holidays).
</p>
<div class="table-responsive">
<table class="table table-bordered align-middle">
<thead class="table-light">
<tr>
<th>Severity</th>
<th>Description</th>
<th>First Response</th>
<th>Target Resolution</th>
</tr>
</thead>
<tbody>
<tr>
<td><span class="badge bg-danger">Critical</span></td>
<td>Service completely unavailable; data loss or corruption</td>
<td>4 business hours</td>
<td>1 business day</td>
</tr>
<tr>
<td><span class="badge bg-warning text-dark">High</span></td>
<td>Core feature broken; significant workflow impact</td>
<td>1 business day</td>
<td>3 business days</td>
</tr>
<tr>
<td><span class="badge bg-primary">Medium</span></td>
<td>Feature impaired; workaround available</td>
<td>2 business days</td>
<td>10 business days</td>
</tr>
<tr>
<td><span class="badge bg-secondary">Low</span></td>
<td>Cosmetic issue; general questions; feature requests</td>
<td>3 business days</td>
<td>Best effort</td>
</tr>
</tbody>
</table>
</div>
<p class="small text-muted">
"First Response" means an acknowledgment that we received and are investigating your request.
"Target Resolution" is a goal, not a guarantee — complex issues may take longer.
</p>
</section>
<section id="sla-5" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">5. Incident Severity Levels</h2>
<p>
When reporting an issue, please provide as much detail as possible (steps to reproduce, screenshots, affected users).
We classify severity based on business impact:
</p>
<ul>
<li><strong>Critical:</strong> Complete outage, data loss, or security breach affecting all users.</li>
<li><strong>High:</strong> A primary workflow (jobs, quotes, invoices) is broken for some or all users with no workaround.</li>
<li><strong>Medium:</strong> A feature is impaired but a workaround exists, or the impact is limited to non-core features.</li>
<li><strong>Low:</strong> Minor cosmetic issues, performance questions, or feature enhancement requests.</li>
</ul>
</section>
<section id="sla-6" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">6. Service Credits</h2>
<p>
If we fail to meet the 99.0% monthly uptime commitment, you may request a service credit applied to your
next billing cycle:
</p>
<div class="table-responsive">
<table class="table table-bordered table-sm align-middle">
<thead class="table-light">
<tr>
<th>Monthly Uptime Achieved</th>
<th>Credit</th>
</tr>
</thead>
<tbody>
<tr><td>98.0% 98.9%</td><td>10% of monthly fee</td></tr>
<tr><td>95.0% 97.9%</td><td>25% of monthly fee</td></tr>
<tr><td>&lt; 95.0%</td><td>50% of monthly fee</td></tr>
</tbody>
</table>
</div>
<p>
Service credits are your sole and exclusive remedy for downtime. Credits are not redeemable for cash and
cannot exceed 50% of your monthly fee for the affected month. Credits are forfeited if your account has
any outstanding unpaid balance.
</p>
</section>
<section id="sla-7" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">7. Exclusions</h2>
<p>The uptime commitment and service credits do not apply to downtime caused by:</p>
<ul>
<li>Scheduled maintenance windows (Section 3);</li>
<li>Events beyond our reasonable control (force majeure — natural disasters, power outages, internet backbone failures);</li>
<li>Third-party service failures (Stripe, SendGrid, Twilio, Azure infrastructure outages outside our control);</li>
<li>Your actions or inactions, including misconfiguration, unauthorized access by your users, or exceeding plan limits;</li>
<li>Beta features or features explicitly labeled as experimental;</li>
<li>Free trial accounts.</li>
</ul>
</section>
<section id="sla-8" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">8. Data Backup &amp; Recovery</h2>
<ul>
<li><strong>Backup frequency:</strong> Daily automated backups of all customer data.</li>
<li><strong>Retention:</strong> Backups retained for a minimum of 7 days.</li>
<li><strong>Recovery point objective (RPO):</strong> Up to 24 hours of data loss in a worst-case disaster scenario.</li>
<li><strong>Recovery time objective (RTO):</strong> We target restoration within 4 business hours of a confirmed data loss event requiring backup restoration.</li>
</ul>
<p class="small text-muted">
You are responsible for maintaining your own independent backups of critical business data.
Use the Data Export feature (Settings &rsaquo; Data Export) to download your data at any time.
</p>
</section>
<section id="sla-9" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">9. Claiming Service Credits</h2>
<p>
To claim a service credit, email <a href="mailto:support@powdercoatinglogix.com">support@powdercoatinglogix.com</a>
within <strong>30 days</strong> of the end of the calendar month in which the downtime occurred. Include:
</p>
<ol>
<li>Your company name and account email;</li>
<li>The dates and times of the downtime you experienced;</li>
<li>A brief description of the impact on your business.</li>
</ol>
<p>
We will review your request and respond within 5 business days. Approved credits will be applied to your
next invoice.
</p>
</section>
<section id="sla-10" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">10. Changes to This SLA</h2>
<p>
We may update this SLA at any time with at least <strong>30 days' written notice</strong> before any
reduction in commitments takes effect. Improvements to the SLA may take effect immediately. Continued use
of the Service after the effective date of a revised SLA constitutes your acceptance of the changes.
</p>
</section>
<hr />
<p class="text-muted small text-center mt-4">
&copy; @DateTime.UtcNow.Year Powder Coating Logix &nbsp;&middot;&nbsp;
<a asp-controller="Home" asp-action="TermsOfService" class="text-decoration-none">Terms of Service</a> &nbsp;&middot;&nbsp;
<a asp-controller="Home" asp-action="Privacy" class="text-decoration-none">Privacy Policy</a>
</p>
</div>
src/PowderCoating.Web/Views/Home/TermsOfService.cshtml
+461
View File
@@ -0,0 +1,461 @@
@{
ViewData["Title"] = "Terms of Service";
Layout = "~/Views/Shared/_Layout.cshtml";
}
<div class="container py-5" style="max-width:860px">
<h1 class="h3 fw-bold mb-1">Terms of Service</h1>
<p class="text-muted small mb-4">Effective Date: April 9, 2026 &nbsp;&middot;&nbsp; Last Updated: April 9, 2026</p>
<div class="alert alert-permanent alert-info d-flex gap-2 mb-4" role="alert">
<i class="bi bi-info-circle-fill flex-shrink-0 mt-1"></i>
<div>
Please read these Terms of Service carefully before using Powder Coating Logix. By creating an account
or using the Service you agree to be bound by these terms. If you do not agree, do not use the Service.
</div>
</div>
<nav class="mb-5">
<p class="fw-semibold mb-2 small text-muted text-uppercase" style="letter-spacing:.05em">Contents</p>
<ol class="small ps-3">
<li><a href="#section-1" class="text-decoration-none">Definitions</a></li>
<li><a href="#section-2" class="text-decoration-none">Acceptance of Terms</a></li>
<li><a href="#section-3" class="text-decoration-none">Description of Service</a></li>
<li><a href="#section-4" class="text-decoration-none">Account Registration &amp; Security</a></li>
<li><a href="#section-5" class="text-decoration-none">Subscriptions, Fees &amp; Payment</a></li>
<li><a href="#section-6" class="text-decoration-none">Free Trials</a></li>
<li><a href="#section-7" class="text-decoration-none">Acceptable Use</a></li>
<li><a href="#section-8" class="text-decoration-none">Intellectual Property</a></li>
<li><a href="#section-9" class="text-decoration-none">Your Data</a></li>
<li><a href="#section-10" class="text-decoration-none">Confidentiality</a></li>
<li><a href="#section-11" class="text-decoration-none">Third-Party Services</a></li>
<li><a href="#section-12" class="text-decoration-none">Disclaimer of Warranties</a></li>
<li><a href="#section-13" class="text-decoration-none">Limitation of Liability</a></li>
<li><a href="#section-14" class="text-decoration-none">Indemnification</a></li>
<li><a href="#section-15" class="text-decoration-none">Termination</a></li>
<li><a href="#section-16" class="text-decoration-none">Dispute Resolution &amp; Governing Law</a></li>
<li><a href="#section-17" class="text-decoration-none">Changes to These Terms</a></li>
<li><a href="#section-18" class="text-decoration-none">General Provisions</a></li>
<li><a href="#section-19" class="text-decoration-none">Contact Us</a></li>
</ol>
</nav>
<hr class="mb-5" />
<!-- 1 -->
<section id="section-1" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">1. Definitions</h2>
<p>As used in these Terms:</p>
<ul>
<li><strong>"Agreement"</strong> means these Terms of Service together with any Order Form, subscription confirmation, or other documents incorporated by reference.</li>
<li><strong>"Company," "we," "us," or "our"</strong> means Powder Coating Logix and its affiliates, successors, and assigns.</li>
<li><strong>"Customer," "you," or "your"</strong> means the business entity or individual who registers for and uses the Service.</li>
<li><strong>"Service"</strong> means the Powder Coating Logix cloud-based software application, including all features, APIs, dashboards, mobile interfaces, and related documentation made available at <strong>powdercoatinglogix.com</strong> or via any associated URL.</li>
<li><strong>"User"</strong> means any individual authorized by you to access the Service under your account.</li>
<li><strong>"Customer Data"</strong> means all data, records, files, and content submitted to the Service by you or your Users.</li>
<li><strong>"Subscription Plan"</strong> means the tier of Service you have purchased, as described on our pricing page or order form.</li>
</ul>
</section>
<!-- 2 -->
<section id="section-2" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">2. Acceptance of Terms</h2>
<p>
By clicking "Create Account," accessing the Service, or otherwise indicating your acceptance, you represent
that (a) you have read and understood this Agreement; (b) you have authority to bind the Customer entity to
this Agreement; and (c) you agree to be bound by all terms herein. If you are accepting on behalf of a company
or other legal entity, you represent that you have the authority to bind that entity.
</p>
<p>
If you do not agree to these Terms, you may not access or use the Service.
</p>
</section>
<!-- 3 -->
<section id="section-3" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">3. Description of Service</h2>
<p>
Powder Coating Logix is a business management platform designed for powder coating shops. The Service includes
modules for job tracking, quoting, invoicing, customer management, inventory, equipment maintenance, reporting,
and related functions as described in our current documentation.
</p>
<p>
We reserve the right to modify, update, or discontinue any feature of the Service at any time. We will make
commercially reasonable efforts to notify you of material changes that negatively affect your use of the Service.
</p>
</section>
<!-- 4 -->
<section id="section-4" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">4. Account Registration &amp; Security</h2>
<p>
To use the Service, you must register for an account and provide accurate, complete, and current information.
You are responsible for:
</p>
<ul>
<li>Maintaining the confidentiality of your account credentials;</li>
<li>All activity that occurs under your account, whether authorized by you or not;</li>
<li>Promptly notifying us at <strong>support@powdercoatinglogix.com</strong> of any unauthorized use of your account or any security breach.</li>
</ul>
<p>
You may not share login credentials between Users. Each User must have their own unique login. We are not
liable for any loss or damage arising from your failure to comply with these obligations.
</p>
<p>
We reserve the right to suspend or terminate any account that we reasonably believe has been compromised or
used in violation of this Agreement.
</p>
</section>
<!-- 5 -->
<section id="section-5" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">5. Subscriptions, Fees &amp; Payment</h2>
<h6 class="fw-semibold mt-3">5.1 Subscription Plans</h6>
<p>
The Service is offered on a subscription basis. Your chosen Subscription Plan, billing cycle (monthly or
annual), and applicable fees are confirmed at sign-up and may change upon renewal with prior notice.
</p>
<h6 class="fw-semibold mt-3">5.2 Payment</h6>
<p>
All fees are billed in advance via our payment processor (Stripe). You authorize us to charge your payment
method on file for all applicable fees. If a payment fails, we may suspend your access to the Service after
a reasonable grace period and reasonable notification attempts.
</p>
<h6 class="fw-semibold mt-3">5.3 Price Changes</h6>
<p>
We may adjust pricing with at least <strong>30 days' written notice</strong> before your next billing cycle.
Continued use of the Service after a price change takes effect constitutes your acceptance of the new price.
</p>
<h6 class="fw-semibold mt-3">5.4 Refund Policy</h6>
<p>
All fees are non-refundable except as required by applicable law or as expressly stated in a written agreement
with us. Unused portions of a prepaid subscription term are not refunded upon cancellation or termination.
</p>
<h6 class="fw-semibold mt-3">5.5 Taxes</h6>
<p>
You are responsible for all applicable taxes, levies, or duties imposed by any governmental authority on your
subscription fees. We will charge tax where required by law.
</p>
</section>
<!-- 6 -->
<section id="section-6" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">6. Free Trials</h2>
<p>
We may offer a free trial period as described at sign-up. At the end of the trial, you will be automatically
billed for your selected Subscription Plan unless you cancel before the trial ends. We reserve the right to
modify or terminate free trial offers at any time and without notice.
</p>
<p>
Customer Data entered during a free trial may be permanently deleted if you do not convert to a paid plan.
</p>
</section>
<!-- 7 -->
<section id="section-7" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">7. Acceptable Use</h2>
<p>You agree not to use the Service to:</p>
<ul>
<li>Violate any applicable law, regulation, or third-party rights;</li>
<li>Transmit unlawful, harmful, fraudulent, defamatory, or offensive content;</li>
<li>Reverse engineer, decompile, disassemble, or attempt to derive the source code of the Service;</li>
<li>Attempt to gain unauthorized access to the Service, its servers, or any related systems;</li>
<li>Interfere with or disrupt the integrity or performance of the Service or any data contained therein;</li>
<li>Introduce any virus, worm, trojan, or other malicious code;</li>
<li>Use automated means (bots, scrapers) to access or collect data from the Service without prior written consent;</li>
<li>Resell, sublicense, or otherwise make the Service available to third parties without our written consent.</li>
</ul>
<p>
Violation of this section may result in immediate suspension or termination of your account without refund.
</p>
</section>
<!-- 8 -->
<section id="section-8" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">8. Intellectual Property</h2>
<h6 class="fw-semibold mt-3">8.1 Our Property</h6>
<p>
The Service, including all software, algorithms, user interfaces, designs, text, graphics, logos, and content
created by us, is and remains the exclusive property of Powder Coating Logix and its licensors. These Terms
do not grant you any ownership rights in the Service.
</p>
<h6 class="fw-semibold mt-3">8.2 License to Use</h6>
<p>
Subject to your compliance with this Agreement and timely payment of fees, we grant you a limited,
non-exclusive, non-transferable, revocable license to access and use the Service solely for your internal
business operations during your subscription term.
</p>
<h6 class="fw-semibold mt-3">8.3 Feedback</h6>
<p>
If you submit suggestions, ideas, or feedback about the Service, you grant us a perpetual, irrevocable,
worldwide, royalty-free license to use and incorporate that feedback without restriction or compensation to you.
</p>
</section>
<!-- 9 -->
<section id="section-9" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">9. Your Data</h2>
<h6 class="fw-semibold mt-3">9.1 Ownership</h6>
<p>
You retain all ownership rights to your Customer Data. We do not claim any intellectual property rights over
the data you submit to the Service.
</p>
<h6 class="fw-semibold mt-3">9.2 License to Host</h6>
<p>
You grant us a limited license to host, copy, transmit, and display your Customer Data solely as necessary
to operate and provide the Service to you.
</p>
<h6 class="fw-semibold mt-3">9.3 Accuracy</h6>
<p>
You are solely responsible for the accuracy, quality, and legality of your Customer Data and the means by
which you acquired it. We do not verify the accuracy of any data you enter.
</p>
<h6 class="fw-semibold mt-3">9.4 Backups</h6>
<p>
While we implement reasonable backup procedures, we do not guarantee that Customer Data will not be lost.
You are responsible for maintaining independent backups of your critical business data. We shall not be
liable for any loss of Customer Data.
</p>
<h6 class="fw-semibold mt-3">9.5 Data Deletion</h6>
<p>
Upon termination of your subscription, we may retain your Customer Data for up to 90 days to allow you to
export it. After that period, we may permanently delete all Customer Data associated with your account.
We will make reasonable efforts to notify you before deletion.
</p>
<h6 class="fw-semibold mt-3">9.6 Privacy</h6>
<p>
Our collection and use of personal information is governed by our <a asp-controller="Home" asp-action="Privacy">Privacy Policy</a>,
which is incorporated into this Agreement by reference.
</p>
</section>
<!-- 10 -->
<section id="section-10" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">10. Confidentiality</h2>
<p>
Each party agrees to keep confidential any non-public information disclosed by the other party that is
designated as confidential or that reasonably should be understood to be confidential given the nature of
the information and circumstances of disclosure. This obligation does not apply to information that:
</p>
<ul>
<li>Is or becomes publicly known through no breach of this Agreement;</li>
<li>Was rightfully known before receipt from the disclosing party;</li>
<li>Is independently developed without use of the confidential information; or</li>
<li>Is required to be disclosed by law or court order, provided the receiving party gives prompt prior written notice where permitted.</li>
</ul>
</section>
<!-- 11 -->
<section id="section-11" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">11. Third-Party Services</h2>
<p>
The Service integrates with third-party services including but not limited to Stripe (payment processing),
SendGrid (email delivery), Twilio (SMS), Microsoft Azure (cloud infrastructure), and Anthropic (AI features).
Your use of these integrations may be subject to the third-party's own terms and privacy policies.
</p>
<p>
We are not responsible for the availability, accuracy, or practices of any third-party service. We do not
endorse and are not liable for any third-party content, products, or services.
</p>
</section>
<!-- 12 -->
<section id="section-12" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">12. Disclaimer of Warranties</h2>
<div class="alert alert-permanent alert-warning d-flex gap-2" role="alert">
<i class="bi bi-exclamation-triangle-fill flex-shrink-0 mt-1"></i>
<div>
<p class="mb-2">
<strong>THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND.</strong>
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, POWDER COATING LOGIX AND ITS AFFILIATES,
OFFICERS, EMPLOYEES, AGENTS, SUPPLIERS, AND LICENSORS EXPRESSLY DISCLAIM ALL WARRANTIES, WHETHER
EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING BUT NOT LIMITED TO:
</p>
<ul class="mb-0">
<li>IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT;</li>
<li>WARRANTIES THAT THE SERVICE WILL MEET YOUR REQUIREMENTS OR BE AVAILABLE ON AN UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE BASIS;</li>
<li>WARRANTIES REGARDING THE ACCURACY, RELIABILITY, OR COMPLETENESS OF ANY CONTENT, DATA, OR RESULTS OBTAINED THROUGH THE SERVICE, INCLUDING ANY AI-GENERATED ESTIMATES OR RECOMMENDATIONS;</li>
<li>WARRANTIES THAT ANY ERRORS OR DEFECTS WILL BE CORRECTED.</li>
</ul>
</div>
</div>
<p class="mt-3">
AI-powered features (such as photo quoting, financial analysis, and scheduling suggestions) produce estimates
only. All AI-generated output must be reviewed and verified by a qualified human before being relied upon
for business decisions. We make no warranty as to the accuracy of any AI output.
</p>
</section>
<!-- 13 -->
<section id="section-13" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">13. Limitation of Liability</h2>
<div class="alert alert-permanent alert-warning d-flex gap-2" role="alert">
<i class="bi bi-exclamation-triangle-fill flex-shrink-0 mt-1"></i>
<div>
<p class="mb-2">
<strong>TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:</strong>
</p>
<p class="mb-2">
<strong>13.1 Exclusion of Consequential Damages.</strong> IN NO EVENT SHALL POWDER COATING LOGIX,
ITS AFFILIATES, DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE FOR ANY INDIRECT,
INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO
LOSS OF PROFITS, LOSS OF REVENUE, LOSS OF BUSINESS, LOSS OF GOODWILL, LOSS OF DATA, LOSS OF
ANTICIPATED SAVINGS, OR COST OF SUBSTITUTE GOODS OR SERVICES, EVEN IF WE HAVE BEEN ADVISED OF
THE POSSIBILITY OF SUCH DAMAGES.
</p>
<p class="mb-2">
<strong>13.2 Cap on Liability.</strong> OUR TOTAL CUMULATIVE LIABILITY TO YOU FOR ALL CLAIMS
ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE SERVICE — WHETHER IN CONTRACT, TORT
(INCLUDING NEGLIGENCE), STRICT LIABILITY, OR OTHERWISE — SHALL NOT EXCEED THE GREATER OF:
(A) THE TOTAL FEES ACTUALLY PAID BY YOU TO US IN THE <strong>THREE (3) MONTHS</strong> IMMEDIATELY
PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR (B) ONE HUNDRED U.S. DOLLARS ($100.00).
</p>
<p class="mb-0">
<strong>13.3 Essential Basis.</strong> THE PARTIES ACKNOWLEDGE THAT THE LIMITATIONS OF LIABILITY
IN THIS SECTION REFLECT A REASONABLE ALLOCATION OF RISK AND ARE AN ESSENTIAL BASIS OF THE BARGAIN
BETWEEN THE PARTIES. WE WOULD NOT PROVIDE THE SERVICE WITHOUT THESE LIMITATIONS.
</p>
</div>
</div>
<p class="mt-3 small text-muted">
Some jurisdictions do not allow the exclusion or limitation of incidental or consequential damages, so the
above limitations may not apply to you to the extent prohibited by applicable law.
</p>
</section>
<!-- 14 -->
<section id="section-14" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">14. Indemnification</h2>
<p>
You agree to defend, indemnify, and hold harmless Powder Coating Logix, its affiliates, officers, directors,
employees, and agents from and against any and all claims, damages, losses, costs, and expenses (including
reasonable attorneys' fees) arising out of or relating to:
</p>
<ul>
<li>Your use of the Service in violation of this Agreement;</li>
<li>Your Customer Data, including any claim that your Customer Data infringes or misappropriates any third-party intellectual property or privacy rights;</li>
<li>Your violation of any applicable law or regulation;</li>
<li>Any dispute between you and a third party, including your own customers.</li>
</ul>
<p>
We reserve the right to assume exclusive control of the defense of any matter subject to indemnification
by you, in which case you will cooperate with us in asserting any available defenses.
</p>
</section>
<!-- 15 -->
<section id="section-15" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">15. Termination</h2>
<h6 class="fw-semibold mt-3">15.1 By You</h6>
<p>
You may cancel your subscription at any time through your account settings or by contacting us at
<strong>support@powdercoatinglogix.com</strong>. Cancellation takes effect at the end of the current
billing period. No refunds are issued for the remaining portion of the billing period.
</p>
<h6 class="fw-semibold mt-3">15.2 By Us</h6>
<p>
We may suspend or terminate your access to the Service immediately, with or without notice, if:
</p>
<ul>
<li>You breach any provision of this Agreement and fail to cure the breach within 10 days of written notice;</li>
<li>You fail to pay any fees when due;</li>
<li>We reasonably believe your use of the Service poses a security risk or legal liability;</li>
<li>We are required to do so by law or regulation; or</li>
<li>We discontinue the Service.</li>
</ul>
<h6 class="fw-semibold mt-3">15.3 Effect of Termination</h6>
<p>
Upon termination, your right to access and use the Service ceases immediately. Sections that by their nature
should survive termination (including Sections 8, 9.4, 12, 13, 14, and 16) shall survive.
</p>
</section>
<!-- 16 -->
<section id="section-16" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">16. Dispute Resolution &amp; Governing Law</h2>
<h6 class="fw-semibold mt-3">16.1 Governing Law</h6>
<p>
This Agreement shall be governed by and construed in accordance with the laws of the State of
<strong>NC</strong>, without regard to its conflict-of-law principles.
</p>
<h6 class="fw-semibold mt-3">16.2 Informal Resolution</h6>
<p>
Before filing any formal legal action, the parties agree to attempt to resolve any dispute informally by
contacting us at <strong>legal@powdercoatinglogix.com</strong>. We will try to resolve the dispute within
30 days of receiving written notice.
</p>
<h6 class="fw-semibold mt-3">16.3 Binding Arbitration</h6>
<p>
If informal resolution fails, any dispute, claim, or controversy arising out of or relating to this Agreement
or the Service shall be resolved by binding arbitration administered by the American Arbitration Association
(AAA) under its Commercial Arbitration Rules, with the arbitration conducted in
<strong>Clayton, NC</strong>. The arbitrator's decision shall be final and binding and may be entered
as a judgment in any court of competent jurisdiction.
</p>
<h6 class="fw-semibold mt-3">16.4 Class Action Waiver</h6>
<p>
<strong>YOU AND POWDER COATING LOGIX AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN AN
INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE
ACTION.</strong> No arbitration or proceeding shall be joined with another without the written consent
of all parties.
</p>
<h6 class="fw-semibold mt-3">16.5 Exceptions</h6>
<p>
Either party may seek emergency injunctive or other equitable relief in a court of competent jurisdiction
to prevent actual or threatened infringement, misappropriation, or violation of intellectual property rights
or confidential information without first undergoing the arbitration process.
</p>
</section>
<!-- 17 -->
<section id="section-17" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">17. Changes to These Terms</h2>
<p>
We may update these Terms at any time. When we make material changes, we will notify you by email (to the
address on file), by posting a notice in the Service, or by both. The updated Terms will display a new
"Last Updated" date at the top. Your continued use of the Service after the effective date of any updated
Terms constitutes your acceptance of those changes.
</p>
<p>
If you do not agree with any updated Terms, you must stop using the Service and cancel your subscription
before the effective date.
</p>
</section>
<!-- 18 -->
<section id="section-18" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">18. General Provisions</h2>
<ul>
<li><strong>Entire Agreement.</strong> This Agreement constitutes the entire agreement between the parties regarding its subject matter and supersedes all prior agreements, representations, and understandings.</li>
<li><strong>Severability.</strong> If any provision of this Agreement is found to be unenforceable, the remaining provisions will remain in full force and effect.</li>
<li><strong>Waiver.</strong> Our failure to enforce any right or provision of this Agreement will not be deemed a waiver of such right or provision.</li>
<li><strong>Assignment.</strong> You may not assign or transfer this Agreement or any rights hereunder without our prior written consent. We may assign this Agreement in connection with a merger, acquisition, or sale of all or substantially all of our assets.</li>
<li><strong>Force Majeure.</strong> Neither party shall be liable for delays or failures in performance resulting from causes beyond its reasonable control, including acts of God, natural disasters, war, terrorism, civil unrest, labor disputes, or failures of third-party infrastructure providers.</li>
<li><strong>Notices.</strong> Legal notices to us must be sent to <strong>legal@powdercoatinglogix.com</strong>. We may send notices to the email address associated with your account.</li>
<li><strong>No Third-Party Beneficiaries.</strong> This Agreement is for the sole benefit of the parties and does not create any third-party beneficiary rights.</li>
<li><strong>Relationship of the Parties.</strong> The parties are independent contractors. Nothing in this Agreement creates an employment, partnership, joint venture, or agency relationship.</li>
</ul>
</section>
<!-- 19 -->
<section id="section-19" class="mb-5">
<h2 class="h5 fw-bold border-start border-primary border-3 ps-3 mb-3">19. Contact Us</h2>
<p>
If you have any questions about these Terms, please contact us:
</p>
<address class="ps-3">
<strong>Powder Coating Logix</strong><br />
Email: <a href="mailto:legal@powdercoatinglogix.com">legal@powdercoatinglogix.com</a><br />
Support: <a href="mailto:support@powdercoatinglogix.com">support@powdercoatinglogix.com</a><br />
Website: <a href="http://www.powdercoatinglogix.com" target="_blank" rel="noopener noreferrer">www.powdercoatinglogix.com</a>
</address>
</section>
<hr />
<p class="text-muted small text-center mt-4">
&copy; @DateTime.UtcNow.Year Powder Coating Logix. All rights reserved. &nbsp;&middot;&nbsp;
<a asp-controller="Home" asp-action="Privacy" class="text-decoration-none">Privacy Policy</a>
</p>
</div>