Privacy Policy
Effective date: April 29, 2026
BuyDirectFromUSA.com ("we", "us", "our") respects your privacy. This Privacy Policy explains what information we collect, how we use it, and the choices you have. We are a U.S.-registered company and our handling of personal information is governed by U.S. law.
Information We Collect
We collect information you give us directly when you use our service:
- Account information — name, email, password (hashed), and any phone number you choose to provide.
- Sourcing and procurement requests — the items, links, quantities, destinations, and notes you submit through our forms.
- Payment information — handled by our payment processor (Stripe). We never see or store full card numbers.
- Communications — messages you exchange with our team and with suppliers through the platform.
We also collect limited technical information automatically: IP address, browser type, device, and pages viewed. We use this for security, fraud detection, and to improve the service.
How We Use Your Information
- To provide and operate the sourcing service: matching you with suppliers, generating quotes, and arranging shipping.
- To process payments, refunds, and dispute resolution.
- To communicate with you about your requests, account, and important changes.
- To prevent fraud, abuse, and protect both buyers and suppliers.
- To comply with U.S. legal obligations (tax, customs, anti-money-laundering).
Sharing of Information
We do not sell your personal information. We share it only with:
- Suppliers — we share product specs and quantities with the supplier(s) we match to your request. We do not share your email or contact details unless you explicitly authorise direct contact.
- Service providers — payment processors (Stripe), hosting (Supabase, Vercel), email/notification services, and shipping carriers. These providers act on our instructions and are bound by confidentiality.
- Legal authorities — when required by valid U.S. legal process or to protect our rights, our users, or the public.
Data Security
We use industry-standard practices: TLS encryption in transit, encryption at rest, access controls, and regular security review. No system is perfectly secure; if a breach affects you, we will notify you as required by U.S. law.
Data Retention
We retain account and transaction records for as long as needed to provide the service and to comply with legal obligations (typically 7 years for financial records). You may request deletion of your account at any time, subject to retention requirements that apply to past transactions.
Your Rights
You may:
- Access and update your account information at any time from your portal.
- Request a copy of your data, or request deletion, by emailing privacy@buydirectfromusa.com.
- Opt out of marketing emails using the unsubscribe link in any such email.
If you are a resident of California, the EU/UK, or another jurisdiction with specific privacy rights, you may have additional rights (CCPA, GDPR). Contact us at the email above to exercise them.
Cookies
We use essential cookies for sign-in sessions and a small number of analytics cookies to understand how the site is used. You can disable cookies in your browser settings, but parts of the service may stop working.
International Users
Our servers are located in the United States. By using the service from outside the U.S., you consent to the transfer of your information to the U.S., where data protection laws may differ from those of your country.
Children
Our service is not directed at children under 16. We do not knowingly collect information from children. If you believe we have, contact us and we will delete it.
Changes to This Policy
We may update this policy from time to time. Material changes will be announced via email or a notice on the site at least 30 days before they take effect.
Contact
Questions about this policy or your data? Email privacy@buydirectfromusa.com.