Legal

Privacy Policy

CPSCReady stores account, company, packet, CPSC rule, payment-status, uploaded file, and file metadata needed to prepare and maintain certificate packet drafts.

Packet records and uploaded files are stored in your authenticated workspace. File metadata is used to organize packet drafts and missing-data checks. Do not upload records unless you are authorized to use them.

Hosted workspaces use Supabase authentication, database records, row-level security, and private storage patterns for packet data and uploaded files.

Packet records and uploaded files should be kept inside the user's workspace. The app does not use packet records or uploaded files to train AI models.

Stripe processes checkout payment data. CPSCReady stores Stripe session and order status identifiers, not raw payment card details.

Transactional emails may be sent through Brevo for account, packet, checkout, or support notifications.

You can delete saved drafts and uploaded files from your workspace. Some billing, security, audit, and support records may be retained when needed for legitimate business, legal, tax, fraud-prevention, or dispute purposes.

Core vendors and subprocessors may include Vercel for hosting, Supabase for authentication/database/storage, Stripe for payments, and Brevo for transactional email. Deletion or privacy requests can be sent to support@cpscready.com.