Privacy Policy
Effective date: March 4, 2026
Outraro ("we", "us", or "our") operates the Outraro platform, an AI-powered procurement intelligence service for manufacturing and procurement teams. This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights regarding your data.
1. Information We Collect
Account information. When you sign up, we collect your name, business email address, company name, industry, and ERP platform. Authentication is handled through Supabase magic link email verification, and we store session tokens to keep you logged in.
Uploaded procurement data. When you upload an AP (accounts payable) CSV export, we receive the data contained in that file, which typically includes vendor names, invoice numbers, line item descriptions, quantities, unit prices, amounts, GL account codes, dates, and currency information.
Payment information. If you subscribe to a paid plan, Stripe processes your payment. We store your Stripe customer ID and subscription ID but do not store your credit card number or full payment details on our servers.
Derived data. Through our analysis pipeline, we generate UNSPSC classifications, benchmark market prices, confidence scores, savings calculations, and negotiation briefs based on your uploaded data.
Email engagement data. We track delivery and engagement metrics (such as opens and clicks) for the transactional emails we send you through our email service provider.
Usage data. We automatically collect standard usage information such as IP address, browser type, pages visited, and session identifiers to operate and improve the platform.
2. How We Use Your Information
We use the information we collect to:
- Parse and normalize your uploaded AP data, classify line items using UNSPSC codes, benchmark prices against market sources, calculate savings opportunities, and generate negotiation briefs
- Send you a sequence of transactional emails related to your upload (confirmation, category preview, ERP follow-up, and report-ready notification)
- Display your results in your authenticated dashboard
- Process payments and manage your subscription if you are on a paid plan
- Respond to your inquiries and provide support
- Comply with applicable legal obligations
3. Shared Benchmark Data
Outraro maintains two shared internal databases to improve pricing accuracy over time: a classification cache (which stores UNSPSC category mappings for item descriptions) and a price database (which stores verified benchmark prices). These databases are shared across all users to improve results for everyone.
The data in these shared databases is aggregated and does not contain personally identifiable information. Your company name, vendor names, invoice numbers, and other identifying details from your uploads are never included in shared data. No user can see another user's uploaded data, company information, or specific purchasing figures.
4. Third-Party Services
We use the following third-party services to operate the platform. Each processes data only as necessary to perform its function:
- Supabase - Database hosting, user authentication, and server-side processing. Your account data and uploaded procurement data are stored here, protected by row-level security so each user can only access their own records.
- Perplexity (Sonar API) - We send item descriptions and category information to Perplexity's API to look up current market prices from vetted distributor and government sources. No personally identifiable information is included in these queries.
- OpenAI (GPT-4o) - We send item descriptions to OpenAI's API for UNSPSC classification. No personally identifiable information is included in these queries.
- Resend - Transactional email delivery for your upload-related email sequence.
- Stripe - Payment processing and subscription management for paid plans.
- Vercel - Application hosting and serverless function execution.
We do not sell your personal information or uploaded data to any third party.
5. Data Retention
We retain your account information and uploaded procurement data for as long as your account is active and for a reasonable period afterward to allow you to return to your results. Derived data (classifications, benchmarks, savings calculations) is retained alongside your uploaded data. Aggregated, de-identified data in our shared classification cache and price database is retained indefinitely to improve platform accuracy. You may request deletion of your account and all associated data at any time by contacting us.
6. Data Security
We protect your information using industry-standard security practices, including:
- Encrypted data transmission (HTTPS/TLS) for all connections
- Row-level security in our database, ensuring each user can only access their own data
- Secure authentication via magic link email verification
- Access controls limiting who within our organization can access production data
No system is perfectly secure. While we take reasonable steps to protect your data, we cannot guarantee absolute security against all threats.
7. Cookies and Session Data
We use cookies and similar technologies to maintain your authentication session and improve the platform experience. These are functional cookies necessary for the service to operate. You can disable cookies in your browser settings, but this will prevent you from using authenticated features of the platform.
8. Your Rights
You have the right to:
- Access the personal information and uploaded data we hold about you
- Correct inaccurate information in your account
- Delete your account and all associated data, including uploaded files, derived reports, and account information
To exercise any of these rights, contact us at [CONTACT_EMAIL]. We will respond within a reasonable timeframe.
9. Third-Party Links
Our platform may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their policies separately.
10. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date at the top of this page. Continued use of the platform after changes are posted constitutes your acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or how we handle your data, please contact us at [CONTACT_EMAIL].