S
SCM·Edge Suite

Privacy Policy

Last updated: 14 June 2026

1. Scope

This Privacy Policy explains how SCM·Edge Suite ("we") collects, uses, discloses and protects personal data when operating the SCM·Edge Suite platform (the "Service"). Customers act as data controller for their workspace; we act as data processor.

2. Data we process

  • Account data: name, email, role, workspace membership.
  • Operational data: suppliers, customers, products, orders, shipments, invoices and related supply-chain records you submit.
  • Communications: WhatsApp / Telegram / SMS / USSD interactions routed through the platform.
  • Telemetry: audit logs, error traces, API request logs, and rate-limit counters used for security and SLOs.

3. How we use data

  • To deliver, secure and improve the Service.
  • To enforce row-level security and tenant isolation.
  • To detect abuse, fraud, sanctions or AML risk.
  • To provide AI-assisted features (HS classification, anomaly triage, dunning drafts, etc.).
  • To send transactional notifications and, with consent, marketing communications.

4. Subprocessors

We use a limited set of subprocessors for hosting, database, AI inference, email and messaging. A current list is available on request and described in the DPA.

5. Data residency

Workspace owners can select a preferred data region on the Workspace page. Best-effort residency is applied to primary storage; certain global services (CDN, fraud signals) may process metadata outside that region.

6. Retention

Operational data is retained while the workspace is active and for up to 90 days after termination, unless a longer period is required by law. Telemetry is retained for a rolling 90-day window.

7. Security

Data is encrypted in transit (TLS) and at rest. Access is gated by role-based access control, row-level security, signed API keys, idempotency keys and HMAC-signed webhooks.

8. Your rights

Subject to applicable law, individuals may request access, correction, deletion or export of their personal data. End-user requests should be directed to the Customer operating the workspace; we will assist Customers in responding.

9. Cookies and local storage

The Service uses cookies and browser local storage strictly necessary for authentication, session continuity, language and theme preferences. No third-party advertising cookies are set.

10. Contact

Privacy questions: privacy@scmedge.example.