Chaperon Supply
Login

Privacy Policy

Last updated: April 6, 2026

This Privacy Policy explains how Chaperon Co., Ltd. (“Chaperon Supply”, “we”, “us”) collects, uses, and shares personal data when you use our services.

Entity: Chaperon Co., Ltd. Location: Hong Kong Contact: privacy@chaperon.supply

1) What we collect

  • Account information: email address, username/name, password (stored as a hash), account type and membership tier/status.
  • Product usage: actions you take in the product (for example, viewing or saving sourcing comparisons). We record these as first‑party analytics events in our database.
  • Payments: Stripe customer/subscription identifiers and payment metadata needed to provide subscriptions and verification payments. We do not store full card details; Stripe handles card processing.
  • User-submitted content: information you submit in forms (e.g., suspected scam reports, factory verification requests) and any files you upload as evidence.
  • Communications: messages you send to us (for example, support and operational emails).

2) How we use personal data

  • Provide and operate the service: authentication, search, saved items, verification request workflows, and account management.
  • Trust & safety: prevent abuse, investigate suspicious activity, and maintain platform integrity.
  • Improve the product: understand feature usage and performance using first‑party analytics.
  • Communications: send transactional emails (e.g., email verification) via Resend.
  • Legal compliance: comply with applicable laws, respond to lawful requests, and enforce our terms.

3) Legal bases (EEA/UK users)

If you are in the EEA/UK, we rely on one or more of these legal bases: performing our contract with you; our legitimate interests (such as security and service improvement); your consent where required (for example, for non-essential tracking if we add it in the future); and compliance with legal obligations.

4) Analytics and cookies

Today, our analytics are primarily first‑party: we record certain in‑product actions as events in our own database (e.g., when a sourcing comparison is viewed or saved).

Our site also uses cookies that are necessary for core functionality (for example, security and session handling). If we introduce additional analytics technologies in the future, we will update this policy and (where required) provide choices and controls.

5) How we share data

  • Service providers: we use vendors to run the service, including Stripe for payments and Resend for transactional email delivery.
  • Public/community information: some user-submitted reports may be displayed to other users after review (for example, suspected scam reports marked open/resolved). We aim to minimize personal data in what we publish.
  • Legal: we may disclose information if required by law or to protect rights, safety, and security.

6) International transfers

We are based in Hong Kong and may process or store data in other jurisdictions (for example, where our service providers operate). Where required, we use appropriate safeguards for cross‑border transfers.

7) Data retention

We keep personal data only as long as necessary for the purposes described above. Our current retention approach includes:

  • First‑party analytics events: retained for up to 12 months, then deleted.
  • Verification requests and outcomes: retained as part of product records and trust/safety history, with efforts to minimize personal data.
  • Suspected scam reports: retained as product records; corrections/removals may be handled with verifiable evidence.
  • Uploaded files: retained as needed for review, evidence, and product records; we may remove or anonymize files where appropriate.

8) Your rights

  • Access/correction: request access to or correction of your personal data.
  • Deletion: request deletion of personal data, subject to legal and operational requirements.
  • Objection/restriction (EEA/UK): object to processing or request restriction in certain circumstances.
  • Withdraw consent (EEA/UK): where we rely on consent, you can withdraw it at any time.

To exercise rights, contact privacy@chaperon.supply.

9) Security

We use reasonable technical and organizational measures designed to protect personal data. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security.

10) Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the effective date where appropriate.