Vendinav legal · Version 1.0
Privacy Notice
This Notice explains Vendinav’s information practices for the service, public workflow pages, and business contacts.
Effective July 16, 2026
1. Scope
This Notice applies to Vendinav’s United States business service, including authenticated workspaces, public invitation and token pages, shared rooms, email preferences, billing administration, and Support. Vendinav is not offered for consumer or household use.
2. Information we collect
- Account and company data: name, business email, company, role, authentication identifiers, invitation status, membership, and administrator-managed profile information.
- Vendor and business-contact data: Vendor name, contacts, email, phone, location, website, category, notes, and related directory records supplied by customers or gathered from public websites.
- Workflow content: jobs, RFQs, quotes, selections, Accepted Work and other statuses, messages, customer rooms, files, attachments, schedules, completion records, and workflow history.
- Service communications: company invitations, workflow email metadata, recipient-specific preference links, suppression choices, correction or takedown requests, and Support tickets and replies.
- Billing data: billing contacts, Stripe customer and subscription identifiers, invoices, payment status, and plan information. Stripe handles payment-card details for Vendinav subscription billing.
- Technical data: request metadata, IP address, browser and device information, timestamps, errors, security events, and operational logs.
3. Sources of information
We receive information from users, company administrators, Buyers, Vendors, public-link participants, customers that upload third-party Vendor data, public Vendor websites, and service providers that help operate Vendinav. A customer must have authority to submit third-party data and provide any legally required notice.
4. Company administrator and participant visibility
A company administrator may view and manage account membership, roles, billing status, and records within the company workspace. Authorized company users and invited workflow participants may see information shared with the applicable company, RFQ, Vendor lane, customer room, or tokenized page. Do not place information in a shared workflow unless it may be disclosed to its intended participants.
5. How we use information
- Provide, secure, maintain, and troubleshoot the service.
- Authenticate users, apply roles and entitlements, and maintain company workspaces.
- Coordinate RFQs, communications, files, rooms, workflow history, email preferences, and Support.
- Process Vendinav subscription billing and enforce plan limits.
- Provide AI-assisted features requested by a user and retrieve public Vendor website evidence.
- Detect abuse, protect users and systems, comply with law, enforce agreements, and resolve disputes.
- Analyze and improve reliability, usability, and business operations.
6. Authentication, theme, and local storage
Vendinav uses first-party cookies or similar browser storage needed for authentication, session continuity, security, and the selected light or dark appearance theme. These technologies are used to provide the requested service, not for cross-context behavioral advertising.
7. When we disclose information
We disclose information to authorized company users and workflow participants; to service providers acting for Vendinav; at a customer’s direction; to investigate security, abuse, or legal violations; when required by law or valid legal process; to protect rights and safety; and in connection with a financing, merger, acquisition, restructuring, or sale, subject to appropriate protections.
Vendinav’s current operational providers and their purposes are listed on the Subprocessors page.
8. OpenAI and Firecrawl processing
When a user invokes an AI-assisted feature, Vendinav may send relevant job, RFQ, category, Vendor, public website evidence, or uploaded spreadsheet content to OpenAI. Firecrawl receives public Vendor website URLs to retrieve page content, and Vendinav may provide those results to OpenAI for Vendor classification. Details, limitations, and provider data controls appear in the AI Use Disclosure.
9. Security
Vendinav uses administrative, technical, and organizational measures designed to protect information, including access controls and provider security features. No system, transmission, storage method, or security measure is guaranteed to be completely secure. Customers remain responsible for account access, authorized users, devices, and the content they choose to submit.
10. Retention
Vendinav retains information for as long as reasonably necessary for operational, legal, security, dispute-resolution, and compliance purposes. Relevant factors include whether an account or workflow remains active, whether another company controls a shared record, contractual obligations, fraud and security prevention, applicable limitation periods, and legal preservation requirements.
Suppression and email-preference records may be retained as necessary to honor email choices and prevent a later import or duplicate Vendor identity from bypassing them.
11. Deletion and correction limitations
A verified request may result in correction, restriction, or deletion where appropriate, but deletion is not always immediate or complete. Information may remain in company-controlled records, shared workflow history needed by another participant, backups until they rotate, security or legal records, Supabase Auth users pending account operations, or stored objects and files that require separate handling. Vendinav does not promise automated deletion or a general-purpose export tool.
12. No sale or targeted advertising
Vendinav does not sell personal information or share it for targeted advertising or cross-context behavioral advertising. Vendinav does not use third-party advertising trackers to build profiles for advertising across unrelated services.
13. Children
Vendinav is not directed to children and does not knowingly provide accounts to anyone under 18. If you believe a minor submitted information, contact us so we can investigate.
14. Privacy rights and verification
Depending on applicable law, an individual may request access, correction, deletion, or information about our handling of personal information. Vendinav may need to verify identity, authority, email control, account relationship, or the relevant record before acting. We may deny or limit a request where permitted by law and will explain the basis when required.
Send privacy and data-rights requests to privacy@vendinav.com. This monitored mailbox remains available independently of paid Support.
15. Vendor corrections and takedowns
A Vendor or business contact may use the same monitored address to request correction or takedown of Vendor directory information. Include enough detail to identify the record and explain the requested change. Vendinav may verify the requester’s relationship to the Vendor and may preserve suppression, security, legal, or dispute records even when public-facing or operational data is corrected.
16. Changes and contact
Vendinav will provide 30 days’ email or in-app notice before a material legal change. Reacceptance will be requested only where legally required or rights materially change.
Vendinav LLCprivacy@vendinav.com
5706 Cahalan Ave #53443
San Jose, CA 95153