Privacy Policy

1. Introduction

Supply Router ("we," "us," or "our") operates the website at supplyrouter.com and any associated applications (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with the terms of this policy, please do not access the Service. This Privacy Policy works alongside our Terms of Service to form the complete agreement governing your use of the Service.

Where we have a Customer Service Agreement or Data Processing Addendum in place with your organization, those agreements take precedence in the event of any conflict with this policy.

2. Definitions

• Personal Data: Any information that identifies, relates to, or could reasonably be linked to a living individual.
• Usage Data: Information collected automatically when you use the Service, such as pages visited and time spent.
• Data Controller: Supply Router, which determines the purposes and means of processing Personal Data.
• Data Processor / Service Provider: Any third party that processes data on our behalf.
• User: The individual using our Service.

3. Information We Collect

a. Information You Provide

We may collect information you voluntarily provide to us, including:

• Account registration data (name, email address, company name, job title)
• Supplier and procurement data you input into the platform (quotes, purchase orders, supplier contacts, product details)
• Communications you send to us via email, support tickets, or contact forms
• Marketing communication preferences

b. Automatically Collected Information

When you access our Service, we may automatically collect certain information, including:

• Device information (operating system, browser type, IP address, device identifiers)
• Usage data (pages viewed, features used, links clicked, time spent, session information)
• Referral source and navigation paths

c. Cookies and Similar Technologies

We may use cookies and similar tracking technologies to operate and improve the Service. These include session cookies necessary for functionality, preference cookies to remember your settings, and security cookies for protection. You can configure your browser to refuse cookies, though this may limit certain features of the Service.

4. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, operate, and maintain the Service
• To authenticate users and manage account access
• To facilitate procurement activities on the platform
• To send service-related notifications, including technical and security notices
• To respond to your inquiries and provide customer support
• To analyze usage patterns and improve the Service
• To detect, prevent, and address fraud or security issues
• To send marketing communications where permitted (you may opt out at any time)
• To comply with legal obligations
• To fulfill any other purpose disclosed to you with your consent

For users in the EEA, UK, and Switzerland, we process Personal Data under the following legal bases: necessity for performing our contract with you, our legitimate business interests, and your consent where applicable.

5. Sharing of Information

We do not sell your personal information.

We may share your information with the following parties:

• Service Providers: Third-party companies that assist us in operating the Service. These providers access Personal Data only to perform tasks on our behalf and are obligated not to disclose or use it for other purposes.
• Platform Participants: If you use our supplier collaboration features, certain information may be shared with other platform participants (e.g., buyers and suppliers) as necessary to facilitate procurement activities.
• Legal Requirements: When required by law, regulation, legal process, or governmental request.
• Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of the transaction.
• With Your Consent: For any other purpose disclosed to you with your consent.
• Safety and Protection: When we believe disclosure is necessary to protect the rights, property, or safety of Supply Router, our users, or the public.

6. Data Retention

We retain your Personal Data only for as long as necessary to fulfill the purposes described in this policy, maintain the security and operation of the Service, comply with legal obligations, and resolve disputes. Usage Data is generally retained for shorter periods unless needed for security improvements or legal compliance. When data is no longer needed, we delete or anonymize it.

7. Data Security

We employ technical, administrative, and physical safeguards designed to protect the Personal Data we collect. However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

8. International Data Transfers

Your information, including Personal Data, may be transferred to and maintained on servers located outside your state, province, country, or other governmental jurisdiction where data protection laws may differ. If you are located outside the United States and choose to provide information to us, please note that we transfer data to the United States for processing.

Where legally required, we implement appropriate safeguards for international data transfers, including Standard Contractual Clauses approved by the European Commission.

9. Your Rights

Depending on your location, you may have certain rights regarding your Personal Data, including:

• Access: Request a copy of the Personal Data we hold about you.
• Correction: Request that we correct any inaccurate or incomplete data.
• Deletion: Request that we delete your Personal Data, subject to certain exceptions.
• Objection: Object to certain types of processing of your data.
• Restriction: Request that we restrict the processing of your data under certain conditions.
• Portability: Request a copy of your data in a structured, commonly used, and machine-readable format.
• Consent Withdrawal: Where processing is based on your consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at stephanie@polymerlabs.org. We may need to verify your identity before processing your request. You also have the right to lodge a complaint with your local Data Protection Authority.

10. California Privacy Rights

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know what Personal Data we collect, access it, request correction, request deletion, and opt out of the sale or sharing of your Personal Data.

We do not sell your Personal Data. To exercise your California privacy rights, please contact us at stephanie@polymerlabs.org.

Under CalOPPA, we also confirm that users can visit our Service anonymously, our Privacy Policy link is accessible from our homepage, and users will be notified of any policy changes on this page.

11. Do Not Track

We honor Do Not Track signals. When a Do Not Track mechanism is active in your browser, we do not engage in tracking, plant cookies, or serve advertising.

12. Children's Privacy

Our Service is designed for business use and is not intended for individuals under the age of 18. We do not knowingly collect Personal Data from anyone under 18. If we discover that we have collected Personal Data from a minor, we will take steps to delete that information promptly.

13. Links to Other Sites

Our Service may contain links to third-party websites or services that are not operated by us. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last Updated" date at the top of this page and, where appropriate, providing additional notice. Your continued use of the Service after any changes constitutes your acceptance of the updated policy. We encourage you to review this Privacy Policy periodically.

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: stephanie@polymerlabs.org