Privacy Policy

We collect the following types of information:

• Account Information: Name, email address, phone number, company name, job title, and business type provided during registration.
• Usage Data: Information about how you interact with the Service, including EDI transaction logs, file processing records, and feature usage.
• Technical Data: IP address, browser type, device information, and access timestamps collected automatically.
• Payment Information: Billing details processed securely through Stripe. We do not store full credit card numbers on our servers.

• To provide, maintain, and improve the Service;
• To process transactions and send related notifications;
• To respond to support requests and communicate with you;
• To detect, prevent, and address technical issues and security threats;
• To comply with legal obligations and enforce our Terms of Service.

We do not sell your personal information. We may share information with:

• Service providers who assist in operating the platform (hosting, payment processing, email delivery);
• Law enforcement or regulatory authorities when required by law;
• Professional advisors (legal, accounting) as necessary for business operations.

For a complete list of our sub-processors, see Section 7 below or our Data Processing Agreement.

We implement industry-standard security measures including encryption in transit (TLS), encrypted storage, access controls, and regular security assessments. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

We retain your data for as long as your account is active or as needed to provide the Service. EDI transaction data is retained according to your plan’s retention period (14 to 365 days). Account data is retained for a reasonable period after termination for legal and operational purposes.

You have the right to:

• Access and receive a copy of your personal data;
• Request correction of inaccurate information;
• Request deletion of your account and associated data;
• Object to or restrict certain processing of your data.

To exercise these rights, contact us at support@signaledi.com.

• SignalEDI uses AI models (powered by OpenAI) to provide automated support, sales assistance, and technical diagnostics.
• Conversations with AI agents are processed to generate responses and may be stored for service improvement.
• AI models do not retain conversation data after processing; conversation logs are stored in SignalEDI’s database.
• Protected Health Information (PHI) is never used for AI model training; de-identification is applied per the HIPAA Safe Harbor method when analytics are performed.
• Client can request deletion of AI conversation history by contacting support@signaledi.com.

• Data is primarily stored and processed in the United States (Vercel edge network, Neon PostgreSQL in US-East).
• For EU, UK, and Swiss data subjects, international transfers are protected by Standard Contractual Clauses (EU Commission Decision 2021/914).
• Clients may request execution of Standard Contractual Clauses by contacting support@signaledi.com.

SignalEDI uses the following sub-processors, each bound by data processing agreements:

• Vercel — Hosting and CDN
• Neon — Database (PostgreSQL)
• Stripe — Payment processing
• Resend — Email delivery
• Upstash — Redis caching
• OpenAI — AI processing

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: You may request information about what personal information we collect, use, disclose, and sell.
• Right to Delete: You may request deletion of your personal information.
• Right to Opt-Out of Sale: We do not sell personal information. No opt-out is necessary.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, email support@signaledi.com.

We may update this Privacy Policy from time to time. We will notify registered users of material changes. Your continued use of the Service after changes constitutes acceptance of the updated policy.

For questions about this Privacy Policy, contact us at support@signaledi.com.