Privacy Policy

Last updated: February 2026

Supply Pulse ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and services.

1. Information We Collect

Account Data

  • Full name and email address (provided during registration)
  • Password (stored securely using bcrypt hashing — we never store plain text passwords)
  • Language preference and report schedule settings
  • Subscription tier and payment identifiers (managed by Polar)

Supplier Data

  • Supplier information you enter: name, country, product category, lead time, COGS percentage, shipping routes, and dependencies
  • This is business data you voluntarily provide to generate risk reports

Automatically Collected Data

  • IP addresses are temporarily processed for rate limiting and security purposes (not stored permanently)
  • Cookies for authentication and language preferences (see Cookies section below)

2. How We Use Your Data

  • To create and manage your account
  • To generate AI-powered supply chain risk reports using the supplier data you provide
  • To send weekly report emails and password reset emails
  • To process subscription payments
  • To respond to support requests

3. Third-Party Services

We share limited data with the following third-party services to operate our platform:

  • AI Research ProviderYour supplier information (name, country, category) is sent to our AI research provider to generate risk analysis reports. No personal data (name, email) is shared with the AI provider.
  • ResendYour email address and name are used by Resend to deliver report emails, password reset emails, and support confirmations.
  • PolarYour email and subscription details are processed by Polar to manage payments and subscriptions.

4. Cookies

We use only essential and functional cookies:

  • next-auth.session-tokenEssential session cookie for authentication (expires after 7 days)
  • localeFunctional cookie to remember your language preference (expires after 1 year)

We do not use any tracking, advertising, or analytics cookies.

5. Data Retention

Your account data is retained as long as your account is active. When you delete your account (available in Settings), all personal data, supplier information, and report history are permanently deleted. IP addresses used for rate limiting are held in memory only and are not persisted.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right to access — request a copy of the data we hold about you
  • Right to correction — update inaccurate information in your account settings
  • Right to deletion — delete your account and all associated data
  • Right to data portability — request your data in a machine-readable format

You can delete your account at any time from the Settings page in your dashboard. To exercise other rights, contact us at support@supplypulse.net.

7. Data Security

We implement industry-standard security measures including password hashing (bcrypt), HTTPS encryption, Content Security Policy headers, rate limiting, and input validation. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. International Data Transfers

Our services are hosted on infrastructure that may process data in different geographic regions. By using Supply Pulse, you consent to the transfer and processing of your information in these locations.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our website. Your continued use of the service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or your personal data, contact us at support@supplypulse.net