Privacy information

Optional operator label from LEGAL_POLICY_EFFECTIVE_DATE: 2026-04-17. This is for your own versioning notes only; it does not make this page a binding or counsel-reviewed privacy policy.

This section describes how nevali handles personal data in plain language. It is not a substitute for a jurisdiction-specific privacy policy reviewed by your counsel. Before you rely on it for compliance (GDPR, CCPA, Morocco Law 09-08, etc.), have qualified legal advisors adapt it to your processing activities, retention periods, and subprocessors.

What we collect

Account identifiers (name, email), authentication data managed by our auth provider, profile and organization details you submit as a partner, buyer inquiry content (product interest, quantities, messages), support ticket text, training progress metadata, and technical logs needed to secure the service (IP address, device type, timestamps).

Why we use it

To create and maintain accounts, match buyers with artisans, deliver transactional emails you request, operate RFQ and contract workflows, improve reliability, respond to legal requests, and detect abuse. Marketing uses, if any, will be based on consent where required.

Sharing & hosting

We use infrastructure and email providers you configure in production (for example database hosting, object storage for uploads, and transactional mail). Those providers process data on our instructions. We do not sell personal data.

Retention & your choices

We retain data while the account is active and for a limited period afterwards for legal, security, and dispute-resolution purposes. You may request access, correction, or deletion where applicable by contacting us; some records must be kept to meet accounting or regulatory obligations.