Legal

Privacy Policy

Last updated: 15 April 2026

1. Introduction

Welcome to ERPrime ("we," "us," or "our"). We are committed to protecting the privacy of our users ("you" or "your"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our factory operations and inventory management platform.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your name, email address, and organization details. Authentication is handled through Supabase Auth using secure email/password flows.

2.2 Factory & Operational Data

The core purpose of ERPrime is to manage your factory operations. This includes orders, gate pass records, weighbridge data, inventory levels, production logs, laboratory test results, delivery records, lot tracking, and staff/attendance information. This data belongs to your organization and is scoped to your org and factory context.

2.3 Usage & Analytics Data

We may collect anonymized usage metrics such as pages visited, feature adoption, and session duration to improve the platform. We do not sell this data to third parties.

2.4 AI Interactions

If you use the ERPrime AI assistant, your queries and the AI responses are processed to provide answers scoped to your organization's data. Conversations are stored per-user and per-organization for your convenience. AI processing may involve third-party providers (e.g., OpenAI) under strict data processing agreements.

3. How We Use Your Information

  • To provide, maintain, and improve the ERPrime platform
  • To authenticate users and manage role-based access control
  • To process factory operations (orders, inventory, production, quality control)
  • To generate reports, dashboards, and AI-powered insights
  • To send service-related notifications and updates
  • To monitor and prevent fraud, unauthorized access, and abuse
  • To comply with legal obligations

4. Data Storage & Security

Your data is stored on Supabase infrastructure with industry-standard encryption at rest and in transit. We implement row-level security (RLS) policies to ensure data isolation between organizations. Access to production databases is restricted and audited.

5. Data Sharing

We do not sell your data. We may share data only in the following circumstances:

  • Service Providers: Infrastructure (Supabase, Vercel), AI processing (OpenAI) — all bound by data processing agreements
  • Legal Requirements: When required by law, regulation, or valid legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with prior notice)

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your data in a portable format
  • Withdraw consent for optional data processing

You can exercise these rights through your Profile settings or by contacting us directly.

7. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising cookies. Preference cookies may be used to remember your language, theme, and table settings.

8. Data Retention

We retain your data for as long as your account is active and as needed to provide services. Organization data is retained per your subscription terms. When you delete your account, personal data is removed within 30 days, though anonymized analytics data may be retained.

9. Children's Privacy

ERPrime is a B2B platform not intended for use by children under 16. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date and, where appropriate, by email or in-app notification.

11. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at privacy@erprme.com.