Privacy & Data

Your data,
protected.

Aligned with GDPR, CCPA, POPIA and equivalent global privacy standards.

Information We Collect

What data we ask for

We collect only what we need to generate your ERP recommendation report. This includes:

  • Your email address and name, used to create and secure your account
  • Company name and industry, used to contextualise your recommendations
  • Questionnaire answers covering your business processes, size, budget, and technical requirements
  • Payment metadata processed by Stripe — we never store card numbers or banking details directly

We do not collect government ID numbers, banking details, or any sensitive personal information as defined under applicable privacy law.

How We Use It

Purpose of processing

Your data is used exclusively to operate the ERPLenz platform. Specifically:

  • To generate your personalised ERP recommendation report
  • To save your questionnaire progress so you can return and continue
  • To send you your report by email if you request it
  • To process payment for premium report tiers via Stripe
  • To improve the accuracy of our scoring engine over time (aggregated, anonymised)

We do not sell your data. We do not share it with ERP vendors. We have no commercial interest in which system you choose.

Data Storage

Where and how long we keep your data

Your data is stored securely on Supabase, a managed Postgres database platform hosted on infrastructure within the European Union (AWS EU West). All data is encrypted at rest and in transit using industry-standard TLS.

We retain your account and report data for as long as your account is active. If you request deletion of your account, we will remove your personal information within 30 days, retaining only anonymised, aggregated data for platform improvement purposes.

Your Rights

Your privacy rights

Depending on your location, you may have rights under GDPR (EU/UK), CCPA (California), POPIA (South Africa), or equivalent legislation. Regardless of jurisdiction, we honour the following:

  • Access — request a copy of the personal information we hold about you
  • Correction — request that we correct inaccurate or outdated information
  • Deletion — request that we delete your personal information
  • Objection — object to the processing of your personal information
  • Portability — receive your data in a machine-readable format where applicable

To exercise any of these rights, submit a request through your account (or create a free account if you don't have one yet). We will respond within 30 days. You may also lodge a complaint with the relevant data protection authority in your jurisdiction.

Third Parties

Who we share data with

We use a small number of trusted third-party services to operate the platform. Each receives only the minimum data necessary:

Stripe

Payment processing for premium reports. Stripe handles all card data directly and is PCI DSS compliant.

Resend

Transactional email — used to send you your report link and any account notifications.

ERPLenz AI

The ERPLenz AI agent generates the narrative analysis in your report. Your questionnaire answers are processed to produce personalised insights. No data is retained beyond the API request.

We do not share your data with any ERP vendors, resellers, or marketing platforms.

Cookies

How we use cookies

ERPLenz uses cookies solely for session management — to keep you logged in securely across page loads. We do not use advertising cookies or third-party tracking cookies.

You can clear cookies at any time through your browser settings. Doing so will sign you out of your account.

Contact

Questions and data requests

If you have any questions about this privacy policy or wish to exercise your privacy rights, please contact us through the platform:

ERPLenz — Privacy Enquiries

Submit a request via your dashboard

Sign in (or create a free account) to submit a privacy request. We aim to respond within 30 days.