Privacy Policy

1. Introduction

Faktorist ("we", "our", or "us") operates a B2B trade platform connecting buyers and suppliers worldwide. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our platform and any of its modules.

By accessing or using Faktorist, you agree to this Privacy Policy. If you do not agree, please do not access the platform. Questions? Email sofiia@faktorist.com.

2. Information We Collect

2.1 Account & Profile Data

• Name, email address, phone number, business address
• Company name, registration number, VAT/tax ID
• Account role (Buyer, Supplier, Logistics Partner)
• Profile photo and company description
• Certifications, trade licences, and verification documents

2.2 Trade Activity Data

• RFQ submissions, quotation responses, and inquiry messages
• Tender postings, sealed bids, and award decisions
• Group Buying pool memberships and quantity commitments
• CRM notes, saved suppliers, and lead pipeline data
• Logistics partner contact requests (no commission tracked)
• Saved products, search queries, and supplier view history
• Export Academy course progress and completions

2.3 Blockchain & Wallet Data

• FTR token balance and transaction history (on-chain and off-chain)
• Staking records and reward distributions
• Wallet address linked to your account

2.4 Automatically Collected Data

• Device information (browser type, operating system, device ID)
• IP address and approximate location
• Usage logs (pages visited, features used, time on page)
• Search log data used to power the Buyers Intent Feed (anonymised)
• Cookies and similar tracking technologies (see Cookie Policy)

3. How We Use Your Information

We use collected information to:

• Provide and maintain all platform services and modules
• Match buyers with suppliers using Sofiia AI and search data
• Process RFQs, tenders, and group buy pool memberships
• Generate anonymised "Buyers Intent Feed" signals for suppliers (no individual buyer is identified)
• Manage FTR token rewards, staking, and wallet transactions
• Send service notifications (RFQ responses, tender deadlines, MOQ threshold alerts)
• Calculate and display the Category Leader Badge for top-performing suppliers
• Improve AI matching accuracy through aggregated usage patterns
• Prevent fraud, verify identity, and ensure platform security
• Send marketing communications (with explicit opt-in consent only)
• Comply with legal and regulatory obligations

4. Information Sharing

We share your information only as follows:

• Buyers ↔ Suppliers: When an RFQ is submitted, the buyer's company name, contact, and product requirements are shared with the receiving supplier.
• Tender Board: Sealed bids are not visible to other bidders or to the buyer until the tender deadline passes. After award, bid data is accessible to the awarded supplier and the buyer only.
• Group Buying: Your participation quantity is visible to the group buy organiser. Your individual identity is not shared with other pool participants.
• Logistics Hub: Contact requests to freight forwarders are direct. Faktorist does not store or share these communications.
• Service Providers: Trusted processors (hosting, payments, analytics) under data processing agreements.
• Legal Requirements: When required by law, court order, or to protect the rights, property, or safety of Faktorist or others.

We never sell your personal information to third parties.

5. Data Security

We protect your data with:

• TLS/SSL encryption for all data in transit
• Encrypted storage for sensitive fields (passwords, keys)
• Role-based access controls — employees access only what they need
• Regular security reviews and penetration testing
• Blockchain transparency for FTR wallet operations

6. Your GDPR Rights

If you are in the EU/EEA, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your account and data
• Portability: Receive your data in a machine-readable format
• Restriction: Restrict certain processing activities
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Opt out of marketing at any time

To exercise any right, email sofiia@faktorist.com. We respond within 30 days.

7. Data Retention

We retain data as follows:

• Active account data: retained while your account is active
• RFQ and tender records: 5 years (trade documentation obligations)
• Search log data (for Buyers Intent): 14 days rolling window, then aggregated/anonymised
• Blockchain/FTR transactions: permanently on-chain (immutable by design)
• Internal CRM notes: retained until you delete them or close your account
• Deleted accounts: anonymised within 30 days; legal records retained per applicable law

8. International Data Transfers

Faktorist is based in Italy (EU). Data may be processed by service providers outside the EU/EEA under Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring GDPR-level protection.

9. Children's Privacy

Faktorist is a B2B platform intended solely for businesses and professionals aged 18 or older. We do not knowingly collect data from minors. If we discover we have done so, we will delete the data immediately.

10. Cookies

We use cookies for authentication, analytics, and platform functionality. For details on what cookies we use and how to manage them, see our Cookie Policy.

11. Changes to This Policy

We may update this Privacy Policy when we add new features (e.g. Escrow, eCustoms, Factoring). Material changes will be communicated via email or an in-platform notice. The "Last updated" date at the top of this page reflects the most recent revision.

12. Contact

Data Controller: Faktorist S.r.l., Italy

Email: sofiia@faktorist.com