Privacy Policy
Last updated: June 2026
This Privacy Policy explains how SCMX (“SCMX,” “we,” “us”) collects, uses, discloses, and protects personal information in connection with our website and the SCMX platform (the “Service”). By using the Service you agree to this Policy.
1. Information we collect
Information you provide. When you request a demo or contact us, we collect your name, business name, business email, and any message you send. If you are granted access, we process the credentials issued to you.
Usage & device data. We automatically collect log data such as IP address, browser type, pages viewed, and timestamps, and we correlate requests with a request identifier for reliability and security.
Customer data. When a customer connects data to the Service (e.g. supply chain records via CSV, ERP, or EDI), we process that data on the customer’s behalf as a processor, under the customer’s instructions and any applicable agreement.
2. How we use information
We use personal information to operate, secure, and improve the Service; to respond to demo requests and inquiries; to communicate with you; to prevent fraud and abuse; and to comply with legal obligations. We do not sell personal information.
3. Legal bases (EEA/UK)
Where applicable, we process personal data on the bases of our legitimate interests (operating and securing the Service), performance of a contract, your consent, and compliance with legal obligations.
4. Sharing & subprocessors
We share personal information with service providers who process it on our behalf (e.g. cloud hosting, database, error monitoring, and, where enabled, AI model providers), each bound by appropriate confidentiality and data-protection obligations. We may disclose information if required by law or to protect our rights and users. A current list of subprocessors is available on request.
5. Data security
We apply administrative, technical, and organizational safeguards including encryption of secrets at rest, tenant data isolation, role-based access control, enterprise SSO support, transport encryption (TLS), audit logging, and least-privilege access. No method of transmission or storage is 100% secure.
6. Data retention
We retain personal information for as long as needed to provide the Service and for legitimate business or legal purposes, then delete or anonymize it. Customer data is retained per the applicable customer agreement.
7. Your rights
Depending on your location, you may have rights to access, correct, delete, or port your personal information, and to object to or restrict certain processing. To exercise these rights, contact us at the address below. You may also lodge a complaint with your local data protection authority.
8. International transfers
We may process and store information in countries other than your own. Where required, we use appropriate safeguards for cross-border transfers.
9. Cookies
We use strictly necessary cookies/local storage to operate the Service (for example, to keep you signed in to the demo). We do not use third-party advertising cookies.
10. Children
The Service is intended for businesses and is not directed to children under 16. We do not knowingly collect their personal information.
11. Changes
We may update this Policy from time to time. Material changes will be reflected by the “Last updated” date above.
12. Contact
Questions or requests: info@scmx.ai.
This document is a general template and not legal advice. Please have it reviewed by counsel for your jurisdiction before relying on it.
