Privacy Policy
- Version
- v0.4
- Status
- founder_draft
- Effective date
- TBD
- Last updated
- 2026-06-20
Full legal content
Privacy Policy
Closed-beta legal boundary: Founder-prepared draft for closed-beta readiness. Lawyer/CA review required before paid/public production. PGI Hub has no approved live payments, GST invoicing, vendor payouts, escrow, public marketplace launch, automated supplier award, or production legal approval under this pack.
1. Master Overview and Boundary
This Privacy Policy governs how PGI processes personal data, account data, contact data, buyer procurement data, vendor profile data, RFQ workflow records, support data, security logs, cookies, and platform interaction data during closed beta. It defines privacy-by-design controls for a procurement intelligence platform where contact-hidden supplier discovery, confidential BOM/RFQ workflows, vendor data correction, and AI-assisted decision support require strong data minimisation and visibility governance.
This Policy is a founder-prepared DPDP-oriented draft. It is not a final legal privacy notice, does not approve public production processing, and must be reviewed by Indian privacy counsel and relevant advisors before paid/public launch.
2. Operator and Privacy Roles
| Item | Current v0.4 Draft Position |
|---|---|
| Operator | [Current PGI legal/operator name — to be updated after incorporation] pending incorporation/legal update. |
| Privacy status | Founder-prepared draft; professional privacy/legal review pending. |
| Product mode | Invite-only closed beta; no live payments, payouts, GST invoicing, or public marketplace launch. |
| Data fiduciary/controller role | Placeholder for legal review based on final operating entity, jurisdiction, and processing model. |
| Processor/sub-processor role | Placeholder for cloud, analytics, email, provider/API, support, and infrastructure vendors. |
3. Operational Definitions
- Personal Data means information that identifies or relates to an identifiable individual, including account details, work email, name, role, organization membership, support records, and contact data.
- Buyer Procurement Data means BOMs, drawings, part numbers, MPN aliases, specifications, quantities, RFQ records, project notes, supplier shortlists, quote comparisons, and procurement reports uploaded or created by buyers.
- Vendor-Submitted Data means vendor profile, capability, rates/offers, stock, lead-time, certification, team, and contact governance information submitted or confirmed by a vendor.
- Contact Hidden Data means supplier contact information shielded from broad buyer visibility and governed by controlled access workflows.
- Visibility Level means the platform classification controlling whether a field is internal-only, account-visible, organization-visible, vendor-visible, buyer-visible through RFQ, public/footer-visible, or contact-hidden.
- Audit Log means a security, legal, support, acceptance, data correction, vendor claim, RFQ, or admin action record retained for accountability.
- Platform Informational Inferences are defined in the Terms and Conditions and include AI-assisted, rule-based, normalized, ranked, estimated, compared, or summarized outputs.
4. Privacy-by-Design Commitments
PGI should implement data minimisation, purpose limitation, storage limitation, role-based access, contact hiding, versioned consent/notice records, audit logging, supplier-profile correction routes, cookie preference controls, and human review for sensitive platform actions. Closed-beta data must be processed only for controlled evaluation, procurement workflow operation, security, support, legal readiness, data-quality improvement, and professional review preparation.
PGI must not use closed-beta buyer confidential BOM/RFQ/project data to publicly expose a buyer's sourcing strategy. PGI must not expose hidden supplier contact data merely because a supplier appears in discovery results. Vendor contact visibility requires governed workflow design and recorded context.
5. Data Categories
| Data category | Examples | Typical source | Default visibility |
|---|---|---|---|
| Account and identity data | Name, work email, role, organization, SSO/account metadata | User/account system | Account/workspace/admin-limited |
| Buyer procurement data | BOM, MPNs, drawings, specs, quantity, RFQ notes, project records | Buyer upload/workflow | Buyer workspace; controlled RFQ sharing |
| Vendor profile data | Business name, categories, capabilities, certification claims, claimed status | Vendor, PGI research, public source | According to label/profile rules |
| Vendor contact data | Email, phone, contact person, department | Vendor, public source, PGI research | Contact Hidden unless governed |
| Quote/RFQ data | Quote line, price basis, tax/freight basis, MOQ, lead time | Buyer/vendor workflow | Parties to workflow/admin-limited |
| Platform logs | access logs, security events, acceptance logs, admin actions | Platform systems | Internal role-limited |
| Cookies/preferences | necessary, preferences, analytics consent, marketing consent where used | Browser/user settings | Consent/audit-limited |
| Provider/API data | supplier/product/pricing/reference data from integrated providers | External API/provider | Governed by source terms and data policy |
| AI/review outputs | confidence score, review flags, warnings, summaries | Platform logic/AI/rules | Workflow-specific/admin-limited |
6. Processing Purposes
| Purpose | Examples | Closed-beta control |
|---|---|---|
| Account administration | Signup, login, organization membership, role management | Required for access |
| Procurement workflow | BOM upload, RFQ creation, quote comparison, supplier shortlist | Buyer-controlled workflow |
| Vendor workflow | Claim requests, profile correction, capability/rate/stock management | Vendor authority checks |
| Supplier discovery | Potential supplier matching, contact-hidden presentation, labels | Warnings and label controls |
| Data quality | Normalization, alias mapping, freshness warnings, review queues | Human review where low confidence |
| Support/grievance | Support tickets, correction/deletion requests, disputes | SOP and audit trail |
| Security/compliance | fraud, abuse, access control, incident response | Least privilege and retention rules |
| Legal readiness | acceptance evidence, route map, notice matrix, professional review | Internal-only access |
7. Data Sources
PGI may process data from users, buyer organizations, vendor organizations, invited suppliers, uploaded files, RFQ workflows, public-source supplier facts, third-party provider/API sources, support channels, security logs, cookie/consent tools, and internal research. Public-source or provider/API data can be incomplete, stale, or subject to source restrictions.
8. Contact Hidden Logic
Supplier contact data is not automatically exposed through discovery, ranking, quote comparison, or vendor labels. Contact Hidden controls protect individuals and suppliers from scraping, unsolicited outreach, unauthorized disclosure, and premature commercial reliance. Buyer contact requests should be governed by user eligibility, workflow context, acceptance records, rate limits, audit logs, and applicable privacy notices.
9. BOM/RFQ Confidentiality
Buyer BOMs, drawings, specifications, target quantities, commercial notes, and supplier shortlists can reveal sensitive procurement strategy. PGI should use workspace controls, RFQ-scoped sharing, data minimisation, and audit logs to avoid exposing buyer data beyond the intended workflow. Buyers remain responsible for ensuring they have authority to upload and share procurement data.
10. Vendor Data Correction Rights
Vendors may request correction, claim review, suppression, or removal of inaccurate vendor profile data, unsupported certification claims, stale stock/rate information, misleading categories, hidden contact issues, or disputed PGI Researched records. Correction handling should be logged, reviewed, and mapped to the Vendor Correction Policy and internal SOP.
11. Cookies and Preference Center
Necessary cookies and local storage may be used for security, session, consent, and essential platform operation. Non-essential analytics, marketing, or preference cookies must not load before consent where applicable. The cookie preference center must support Accept All, Reject Non-Essential, Manage Settings, Update Preferences, and Withdraw where implemented.
Rejecting non-essential cookies must not block core site access, except where a feature requires a strictly necessary cookie or similar storage mechanism.
12. Consent and Notice Points
| Location | Notice or consent control |
|---|---|
| Signup | Terms, Privacy, Acceptable Use, Closed Beta acceptance |
| Buyer onboarding | Buyer Terms and buyer responsibility notice |
| Vendor onboarding/claim | Vendor Terms, Vendor Data Policy, Vendor Claim Policy |
| BOM upload | BOM/Data Upload Policy inline notice |
| RFQ send | RFQ Workflow Disclaimer blocking confirmation |
| Supplier discovery | Supplier Discovery, Marketplace Labels, Contact Hidden notices |
| Quote/TLC/AI output | Quote Comparison, TLC, AI Output User Notice, Data Quality Warning |
| Cookie banner | Cookie Policy and preference center |
| Support/grievance | Grievance/Support Policy and relevant request form notice |
13. Retention Matrix
| Record type | Draft retention position | Deletion/correction availability | Notes |
|---|---|---|---|
| Account data | Active account plus legal/security retention placeholder | Correction/deletion subject to legal/security limits | Final period pending lawyer review |
| Buyer BOM/RFQ/project data | Workspace retention or project deletion schedule placeholder | Buyer-controlled deletion where technically and legally feasible | Confidential procurement data |
| Vendor profile data | While profile is active/researched/claimed plus audit retention | Correction/suppression/takedown route | Public-source facts can require source-specific handling |
| RFQ/quote records | Project/legal/audit retention placeholder | Limited deletion where counterparties or audit duties apply | Commercial evidence risk |
| Acceptance logs | Legal evidence retention placeholder | Usually retained for audit; correction not deletion except lawful error | Content hash required |
| Security/admin logs | Security retention placeholder | Restricted; deletion only under approved policy | Abuse and incident evidence |
| Cookie preferences | Until withdrawn/replaced plus audit placeholder | Withdraw/update supported | Non-essential consent tracked |
| Support/grievance records | Request lifecycle plus legal retention placeholder | Correction/deletion subject to dispute/security needs | SOP governed |
14. Sharing Matrix
| Recipient/category | Shared data | Purpose | Control |
|---|---|---|---|
| Buyer workspace members | Buyer project/RFQ data | Procurement collaboration | Role-based access |
| Vendors invited to RFQ | RFQ-scoped buyer requirements | Quote response | Buyer confirmation and RFQ notice |
| Buyers | Vendor profile fields, labels, non-hidden data | Supplier discovery | Label and visibility controls |
| Internal admins/support | Data required for support, moderation, security, legal readiness | Operational control | Least privilege and audit logs |
| Cloud/infrastructure vendors | Hosting, storage, logs | Platform operation | Provider review required |
| Email/support providers | Transactional support/notifications where enabled | Communication | No live commercial activation without approval |
| External APIs/providers | Query/request metadata and provider results where integrated | Supplier/product data enrichment | Provider API SOP and source policy |
| Professional advisors | Limited records needed for legal/CA/security review | Review and readiness | Confidentiality and minimisation |
15. AI Training / Non-Training Position
Closed-beta buyer confidential procurement data, RFQ data, vendor contact data, and support/grievance data should not be used to train public or general-purpose models without explicit reviewed approval. PGI may use data for platform operation, structured extraction, normalization, quality review, safety evaluation, audit, and internal product improvement where privacy, confidentiality, and contractual controls permit.
Any broader model-training use requires a separate reviewed policy, notice, consent basis where needed, data minimisation, and professional approval.
16. International Access and Cross-Border Caveat
PGI may use cloud, infrastructure, email, security, analytics, provider/API, or support services that involve access or processing outside the user's location. Cross-border processing, transfer mechanisms, DPDP obligations, vendor contracts, and local law requirements remain subject to lawyer review before paid/public production.
17. Children and Minors
PGI is a B2B procurement platform and is not intended for children or minors. Users must not create accounts or submit personal data on behalf of minors for procurement workflows.
18. Security Safeguards and Audit Logs
PGI should use access controls, role separation, authentication, encryption where appropriate, audit logs, security monitoring, incident response, vulnerability intake, administrative approval requirements, and data-quality review. No security control is represented as complete or infallible under this founder draft.
19. Deletion, Correction, Support, and Grievance
Users may request access, correction, deletion, suppression, or support through the relevant PGI request channel. PGI may deny, limit, defer, or retain records where required for legal, audit, security, fraud prevention, dispute, RFQ/quote evidence, or operational integrity, subject to final professional review.
Related Documents
terms-and-conditionsclosed-beta-termsacceptable-use-policy
Review Status
Founder-prepared draft. Lawyer/CA review required before paid/public production.
Paid/public production readiness: Not approved. Lawyer/CA/payment-provider/founder review required.