Kintah LLC

Privacy Policy

Effective Date: June 12, 2026

This Privacy Policy explains how Kintah Marketplace collects, uses, shares, retains, and protects personal and business information. It is designed to support data protection obligations, including rights commonly available under privacy laws such as GDPR, CCPA/CPRA, and other applicable rules.

For privacy inquiries, contact support@kintah.com.

1. Information We Collect

• Account data, including name, email, phone, role, login credentials, tenant, company, and seat information.
• Business data, including company profiles, factory details, trade references, buyer credentials, supplier records, and contact history.
• Product and compliance data, including SKUs, UPC/GTINs, ingredients, nutrition facts, certifications, labels, readiness scores, checklists, reviews, and uploaded documents.
• Supply chain data, including warehouses, inventory, batches, shipment plans, incoterms, ports, ETD/ETA, container or tracking references, costs, and proof documents.
• Commercial workflow data, including sample requests, quotes, buyer feedback, CRM opportunities, tasks, meeting notes, campaigns, marketing performance, and analytics records.
• Billing and subscription metadata, including plan, payment status, Stripe customer or subscription references, checkout session references, and invoice-related identifiers.
• Usage, security, device, log, support, contact, and communication data generated when you use or contact the platform.

2. How We Use Information

We use information to provide and improve services, verify accounts, enforce role permissions, support subscriptions, operate supplier and buyer workflows, process sample and shipment activity, generate readiness and compliance insights, deliver notifications, prevent fraud, maintain security, respond to support requests, meet legal obligations, and communicate operational or marketing messages where allowed.

3. Legal and Business Bases for Processing

Depending on your location and relationship with Kintah, processing may be based on contract performance, legitimate business interests, legal compliance, consent, protection of rights, security, fraud prevention, or fulfillment of marketplace and logistics obligations.

4. Sharing and Disclosure

We do not sell personal data. We may share information with service providers, payment processors, hosting providers, analytics tools, logistics partners, compliance reviewers, buyers, suppliers, distributors, account administrators, professional advisers, regulators, law enforcement, or transaction counterparties when needed to operate the platform, complete a workflow, comply with law, or protect rights.

5. Cross-Border Transfers

Marketplace and supply chain activity may involve parties in different countries. When information is transferred internationally, Kintah uses reasonable safeguards appropriate to the data, service, and applicable legal requirements.

6. Security

Kintah uses administrative, technical, and organizational safeguards such as access controls, role-based permissions, authentication, audit-oriented records, secure hosting practices, and operational controls. No system is perfectly secure, and users must protect credentials and restrict access to authorized seats.

7. Data Retention

We retain records for as long as needed to provide services, manage accounts, support disputes, satisfy audit, tax, trade, compliance, logistics, insurance, and legal obligations, resolve security issues, and enforce agreements. Records may be deleted, archived, or anonymized when no longer needed.

8. Your Privacy Rights

Depending on your location, you may request access, correction, deletion, portability, restriction, objection, or opt-out of certain communications or processing. Tenant administrators may manage seat users and company records. Some requests may be limited by legal, security, audit, trade, tax, dispute, or contractual obligations.

9. Marketing Communications

We may send product, service, or marketplace communications where permitted. You may opt out of marketing communications, but we may still send transactional, security, billing, legal, or operational notices.

10. Contact and Verification

Public contact submissions may require email verification before routing. Privacy requests should include enough information for us to verify your identity, tenant, company, and authority to act for the relevant organization.

11. Updates to This Policy

We may update this Privacy Policy as the platform, laws, service providers, or business workflows change. Continued use after an update means you acknowledge the revised policy.