Privacy policy

SourceFollow ("we", "our", "us") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information when you use our supplier relationship management platform.

1. Information we collect

When you create an account, we collect your email address and password (stored securely using industry-standard hashing). As you use SourceFollow, we store the data you provide: supplier information, product details, tasks, notes, and activity logs. We also collect basic usage analytics (page views, feature usage) to improve the product. We do not sell your data to third parties.

2. How we use your information

We use your information to provide and improve SourceFollow's services. This includes: operating your account and delivering the CRM functionality you expect; sending essential service communications (password resets, security alerts, product updates); analyzing aggregate usage patterns to improve the product; and providing customer support when you reach out.

3. Data storage and security

Your data is stored on secure servers with encryption at rest and in transit. We use Supabase as our infrastructure provider, which maintains SOC 2 Type II compliance. Access to production data is restricted to essential personnel. We perform regular security audits and maintain automated backups.

4. Data sharing

We do not sell, trade, or rent your personal information. We may share data only in these circumstances: with service providers who assist in operating SourceFollow (hosting, analytics), subject to confidentiality agreements; when required by law, regulation, or legal process; or to protect the rights, property, or safety of SourceFollow, our users, or the public.

5. Your rights

You have the right to: access the personal data we hold about you; correct inaccurate data; request deletion of your account and associated data; export your data in a standard format; and opt out of non-essential communications. To exercise any of these rights, contact us at privacy@sourcefollow.com.

6. Cookies and tracking

We use essential cookies to maintain your session and authentication state. We may use analytics cookies to understand how you use SourceFollow. You can control cookie preferences through your browser settings. We do not use third-party advertising cookies.

7. Data retention

We retain your data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes. Aggregate, anonymized data may be retained indefinitely for analytics purposes.

8. Changes to this policy

We may update this privacy policy from time to time. We will notify you of significant changes via email or an in-app notice. Continued use of SourceFollow after changes constitutes acceptance of the updated policy.