Privacy Policy

Last updated: November 2025

ProcureValue helps procurement teams measure their value through anonymous surveys. This policy explains what personal information we collect from you as an account holder.

Important: Survey responses are 100% anonymous. We do not collect or store personal information about survey respondents.

1. What We Collect From You

When you create a ProcureValue account, we collect:

  • Email address - Your login identifier
  • Name - First and last name
  • Organization name - Your company
  • Password - Encrypted using bcrypt (we cannot see your actual password)

That's it. We don't collect any other personal information about you.

What About Survey Invitations?

When you send survey invitations, the email addresses you provide are processed by our email service (Resend) to send the invitations. These addresses are deleted within 90 days after your campaign ends. They are not stored as personal data in your ProcureValue account.

What About Survey Responses?

Survey responses (ratings and feedback) are completely anonymous. We use one-time codes that cannot be traced back to respondents. Survey data is owned by your organization, not stored as personal data.

2. What We Automatically Collect

For security and service improvement, we automatically collect:

  • Login times - When you sign in
  • IP address - To detect suspicious activity
  • Browser type and device - To fix bugs
  • Pages visited - To understand feature usage

3. Data Ownership

You Own Your Data

Your organization retains full ownership of all survey responses, campaign data, and account information. We never sell your data to third parties.

License to ProcureValue

To provide and improve our service, you grant us a limited license to use your data for:

1.
Provide the Service

Process, store, and analyze your data to deliver ProcureValue features and generate insights for your organization.

2.
Service Improvement

Use aggregated, anonymized data to improve our AI models, develop new features, optimize performance, and fix bugs. This helps make ProcureValue better for everyone.

3.
Industry Insights (Opt-In Only)

Include your organization's aggregated, anonymized results in industry benchmark reports—but only if you choose to participate.

What We Don't Do:

  • ❌ Sell or license your data to third parties
  • ❌ Share identifiable information with other customers
  • ❌ Use your data to benefit your competitors
  • ❌ Claim ownership of your data

Industry Benchmarking (Optional)

With your permission, we may include your organization's aggregated survey results in industry benchmarking reports. For example:

  • "Average PVX Score in Manufacturing: 7.2"
  • "Healthcare procurement teams see 15% YoY improvement"
  • "Organizations with 500+ employees typically score higher on supplier collaboration"

Your organization is never identified. We only publish aggregates across many companies (minimum 5 organizations). This is completely optional—you can opt in or out at any time in Account Settings.

4. How We Use Your Account Information

We use your account information (email, name, organization) to:

  • Let you log in to ProcureValue
  • Show your name in the application
  • Separate your organization's data from other customers (multi-tenant isolation)
  • Send you account-related emails (password resets, security alerts)
  • Contact you about service updates (you can opt out)
  • Provide customer support if you contact us

5. Who Can See Your Information

We never sell your data.

Your Organization

Other users in your organization can see your name when you create campaigns or appear in activity logs. They cannot see your password or email (unless you're the admin).

Service Providers

We use these trusted services to run ProcureValue:

  • Render - Hosts our database and servers (your data is stored here)
  • Vercel - Hosts our website
  • Resend - Sends emails on our behalf
  • Google Gemini AI - Analyzes anonymous survey responses (does not see your account info)

Legal Requirements

We may disclose your information if required by law (court orders, subpoenas) or to protect safety.

6. How We Protect Your Information

Encryption: All data is encrypted in transit (HTTPS) and at rest (database encryption)
Password security: We use bcrypt hashing - even we cannot see your password
Data isolation: Your organization's data is separated from other customers
Access controls: Only authorized staff can access infrastructure

7. Your Rights

You have the following rights regarding your personal information:

✏️ Update Your Information

You can change your name, email, or organization name in Account Settings at any time.

🗑️ Delete Your Account

Email us at privacy@procurevalue.com to request account deletion. We'll delete your account information within 30 days.

Note: This also deletes all your campaigns and survey data.

🚫 Opt Out of Marketing Emails

Click "unsubscribe" in any marketing email. You'll still receive essential emails (password resets, security alerts).

📋 Request Your Data

Email us to request a copy of your account information (email, name, organization).

8. How Long We Keep Your Data

We keep your account information while your account is active. If you delete your account, we remove your information within 30 days.

Security logs (login times, IP addresses) are kept for 90 days for security purposes.

9. Cookies

We use cookies to keep you logged in. That's it - no advertising or tracking cookies.

If you disable cookies, you'll need to log in every time you visit ProcureValue.

10. International Data Transfers

ProcureValue uses Render for hosting, which may store your data in servers outside your country. All data transfers comply with GDPR requirements (Standard Contractual Clauses).

11. Children's Privacy

ProcureValue is for business use only. We don't knowingly collect information from anyone under 16.

12. Changes to This Policy

We'll email you about any major changes to this privacy policy. The "Last updated" date at the top shows when we last revised it.

13. Contact Us

Questions about your privacy? Contact us:

ProcureValue Privacy Team

Email: privacy@procurevalue.com

We respond within 30 days

14. Common Questions

Q: What about the email addresses I use for survey invitations?

Those are business data (not your personal data). Your organization controls that list. We process them to send invitations and delete them within 90 days of campaign completion. They're not part of your account.

Q: Are survey responses linked to me?

No. Responses are 100% anonymous. Even if you created the campaign, we cannot tell you who said what.

Q: Can other companies see my information?

No. Each organization's data is completely isolated. Other ProcureValue customers cannot see your account or your organization's survey data.

Q: Do you use our data for industry benchmarking reports?

Only if you opt in. We'd like to publish aggregated industry insights (e.g., "Average PVX Score in Manufacturing: 7.2"). This helps the procurement community understand trends. Your specific data is never identified—we only use anonymous aggregates across many organizations. You can opt in or out at any time in Account Settings.

Q: What if I signed up with Microsoft/Google OAuth?

We receive your email and name from the OAuth provider. We don't receive your Microsoft/Google password. You can delete your ProcureValue account without affecting your Microsoft/Google account.

Q: Is ProcureValue GDPR compliant?

Yes. We follow GDPR principles: data minimization (we only collect what's needed), encryption, user rights (access, deletion), and secure data processing agreements with all service providers.

This policy complies with GDPR (EU), CCPA (California), and other data protection laws.