loginsignup →
‹ home
// privacy

Privacy Policy

Effective date: April 30, 2026

This Privacy Policy explains how Buyer24 collects, uses, stores, and shares personal information when you use our website, product, and related services.

1. Information we collect

  • Account information: email, name, profile fields, organization, timezone, and authentication metadata.
  • Procurement data: RFQs, supplier records, quotes, purchase orders, and the email threads that produced them.
  • Usage information: product actions, task history, logs, and performance/diagnostic events.
  • Communication data: support messages, inbound and outbound emails, and related metadata.
  • Integration data: tokens and metadata for connected third-party services you authorize (email providers, ERPs, storage).
  • Device and network data: IP address, user agent, and session/cookie identifiers.
  • Marketing identifiers: attribution identifiers such as _fbp and _fbc where applicable.
  • Billing data: saved payment method identifiers (stored by Stripe; we do not store full card numbers) and transaction records.
  • AI generation data: prompts, generated drafts and summaries, and associated metadata.

2. How we use information

  • Provide and secure the service, including authentication and account management.
  • Execute autonomous and user-triggered procurement workflows using your settings and connected tools.
  • Send outbound communications (RFQs, follow-ups, notifications) on your behalf or at your direction.
  • Generate AI content (drafts, summaries, comparisons) using third-party AI model providers.
  • Process billing and subscription operations through Stripe.
  • Monitor quality, prevent abuse, investigate incidents, and improve reliability.
  • Send service notices and product communications.
  • Measure marketing performance and attribution.

3. Why we process data

We process personal data where needed to:

  • Perform our contract with you (service delivery and support).
  • Comply with legal obligations.
  • Pursue legitimate business interests such as security, fraud prevention, and product improvement.
  • Operate marketing analytics and attribution as described in this policy and our Terms.

4. How we share information

We share data with service providers that help us operate the product (for example, hosting, payments, email delivery, analytics, and error monitoring). We may also disclose data when required by law, to enforce terms, or to protect rights and safety.

Specific data sharing includes:

  • AI model providers (Anthropic, OpenAI, Google). Prompts, tool context, and associated metadata are shared with AI model providers to execute agent tasks and generate content.
  • Email delivery and verification. Outbound email content and recipient addresses are shared with our delivery providers; email addresses may be shared with verification providers for deliverability checks.
  • Hosting and infrastructure. Cloud infrastructure providers process data on our behalf to operate the service.
  • Payments. Billing data is processed by Stripe.
  • Suppliers you contact. Outbound RFQs and follow-ups are delivered to the supplier addresses you specify; the content of those messages becomes part of the recipient's mail system.

5. Cookies and tracking

We use cookies and similar technologies for session security, product functionality, and marketing attribution. Details are in our Cookie Policy.

6. Data retention

  • We keep account and operational records for as long as needed to provide the service.
  • If you delete your account, we apply a soft-delete period of up to 30 days before permanent deletion, unless longer retention is required by law or legitimate security/accounting needs.
  • AI-generated content: drafts, summaries, and prompts are retained until you delete them or your account is terminated, plus the soft-delete period.
  • We may retain de-identified or aggregated data that does not identify you.

7. Security

We use technical and organizational safeguards designed to protect personal data, including:

  • OAuth tokens and service credentials encrypted using AES-256-GCM before storage.
  • Encryption in transit (TLS 1.3+) and at rest (AES-256).
  • Role-based access control (RBAC) and isolated workspaces per organization.
  • Single sign-on (SSO) support via SAML 2.0.
  • Payment processing handled entirely by Stripe; we do not store card numbers.
  • Regular security audits and full audit logs of data access and modifications.

No method of storage or transmission is perfectly secure, so absolute security is not guaranteed.

8. Your choices and rights

  • Access and update profile information in-product where available.
  • Request account deletion from your settings page or by contacting us.
  • Unsubscribe from non-essential marketing emails using unsubscribe links.
  • Manage browser cookie settings and tracking preferences.
  • Export your data in a machine-readable format.

To make a privacy request, contact privacy@buyer24.ai from the email associated with your account.

9. US state privacy rights

If you are a resident of a US state with applicable privacy legislation (such as California, Colorado, Connecticut, Virginia, or similar), you may have additional rights including the right to access, correct, or delete your personal information, and the right to opt out of certain data sharing.

We do not sell personal information. We do not use personal information for targeted advertising beyond the marketing attribution described in this policy.

To exercise your rights, contact privacy@buyer24.ai. We will respond within the timeframes required by applicable law.

10. International data transfers

Buyer24 and its providers may process data in countries outside your residence. We use contractual and operational safeguards (including Standard Contractual Clauses for EU data transfers) designed to protect transferred personal data.

11. Children

Buyer24 is not intended for individuals under 18, and we do not knowingly collect data from children.

12. Changes to this policy

We may update this Privacy Policy. The effective date above indicates the current version. Continued use of the service after updates means the updated policy applies.

13. Contact

Privacy inquiries: privacy@buyer24.ai

General support: contact@buyer24.ai

Policy version: 2026-04-30