Privacy Policy
Last updated: 6/3/2026
1. Data we collect
- Account data: email, display name, plan.
- Risk check inputs: supplier names, websites, payment methods, communication channels and similar signals you submit.
- Scam reports: supplier details and descriptions you submit.
- Verification requests: contact email, factory location, product category, goals.
- Usage data: pages visited, timestamps, IP-derived country, device type.
2. How we use it
To operate the Service, generate risk assessments, improve our pattern library, fulfil verification requests, send service notifications, and comply with legal obligations.
3. Legal bases (GDPR)
Contractual necessity (delivering the Service), legitimate interest (improving the platform and preventing fraud), and consent (where required, e.g. marketing emails).
4. Sharing
We share data with infrastructure providers that process data on our behalf (database, hosting, email, payments). We do not sell personal data. Submitted scam reports may be displayed publicly in aggregated, anonymised form.
5. Retention
Account and assessment data is retained while your account is active and for up to 24 months thereafter, unless a longer retention period is required by law.
6. Your rights
Depending on where you live, you may have the right to access, correct, delete, export or restrict the processing of your personal data. To exercise these rights, email privacy@sourcingshield.org.
7. Security
We use industry-standard encryption in transit and at rest, role-based access controls, and row-level security on all user data.
8. International transfers
Our infrastructure may process data outside your country of residence. Where required, we rely on standard contractual clauses.