Privacy Policy

We collect the categories of information described below so we can provide, secure, and improve the ChainsSignal platform.

The exact data collected depends on how you interact with the service — for example, whether you create an account, import supplier data, connect an integration, or simply visit the public website.

When you create an account or are added to a workspace, we collect identifiers needed to provision and secure access:

• Name and work email address
• Workspace, role, and permission assignments
• Authentication identifiers (hashed credentials, session tokens, SSO subject IDs where configured)
• Optional profile fields you provide, such as job title or team

You and your colleagues may import or connect operational data into your workspace, including:

• Supplier records, contacts, and tier relationships
• Bills of materials, parts, and material categories
• Shipment, route, and inventory data
• Compliance documents (certificates, attestations, and similar)
• Risk events, alerts, and overrides

This information is treated as customer content. It is processed on your behalf to deliver the service and is governed by your workspace agreement.

We collect technical and usage information to operate, secure, and improve the service:

• Device, browser, and operating system metadata
• IP address and approximate region
• Pages and features accessed, and timestamps of activity
• Performance, crash, and diagnostic telemetry

We use a small number of cookies and similar technologies to keep you signed in, remember your preferences, and understand aggregate product usage. You can control cookies through your browser settings; some essential cookies are required for the service to function.

• Provide, maintain, and secure the platform
• Authenticate users and enforce role-based permissions
• Generate risk scores, alerts, and recommendations from your data
• Diagnose issues, prevent abuse, and improve reliability
• Communicate with you about the service, including security and product updates
• Comply with legal obligations applicable to us

We do not sell personal information. We share information only as needed to operate the service or meet legal obligations:

• Service providers (hosting, infrastructure, monitoring, support) bound by confidentiality and data-protection terms
• Integrations you explicitly connect (ERP, TMS, messaging, enrichment), only to the extent required to operate them
• Legal authorities when compelled by valid legal process or to protect rights, safety, and security
• Successors in the event of a corporate transaction, with continued protection of customer content

The platform is designed with encryption in transit, encryption at rest, role-based access, and an audit log of write actions. See the Security page for an architectural overview.

No system is perfectly secure. We work to apply industry-recognized practices and to respond promptly to incidents we become aware of.

We retain customer content for the duration of your subscription and as required to deliver the service. You may request deletion or export of your workspace content subject to your agreement and applicable law.

Backups and audit records may be retained for additional periods to support recovery, security, and compliance obligations.

• Access, correct, or delete account information from your workspace settings
• Request a copy of customer content held on your behalf
• Configure or disconnect integrations at any time
• Contact us for assistance with any privacy request

For privacy questions or requests, contact us at legal@chainsignal.co.

ChainsSignal LLC