exhibitERP
Sign InGet Started

Legal

Privacy Policy

Last updated: January 1, 2025

exhibitERP ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our platform and services.

1. Information We Collect

Account & Profile Information

When you create an account, we collect your name, email address, password (stored as a hash), and organization details including your organization name, type, and subdomain.

Usage Data

We automatically collect information about how you interact with our platform, including pages visited, features used, actions taken, timestamps, and session duration.

Business Data You Enter

The platform stores data you input — event records, exhibitor information, orders, invoices, staffing, and contacts. You own this data. We process it solely to provide the service.

Payment Information

Payment processing is handled by Stripe. We do not store full card numbers. We may store transaction IDs, billing addresses, and invoice history.

2. How We Use Your Information

  • Provide, operate, and maintain the exhibitERP platform
  • Process transactions and send related confirmations
  • Send administrative communications, security alerts, and product updates
  • Respond to support requests and troubleshoot issues
  • Analyze usage patterns to improve our platform
  • Detect and prevent fraud and security incidents
  • Comply with applicable legal obligations

3. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information with:

  • Service providers who assist in operating our platform (Supabase, Stripe, Resend, Hostinger)
  • Legal authorities when required by law, court order, or governmental regulation
  • Successors in connection with a merger, acquisition, or asset sale

4. Data Retention

We retain your account and business data for as long as your account is active or as needed to provide services. Upon account termination, we retain data for 90 days before deletion unless a longer period is required by law.

5. Security

We implement industry-standard security measures including TLS 1.2+ encryption in transit, encryption at rest, role-based access control, and regular security reviews. See our Security page for full details.

6. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of personal data we hold about you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Portability: Request your data in a machine-readable format
  • Objection: Object to certain types of processing

To exercise these rights, contact us at [email protected].

7. Cookies

We use session cookies to maintain your authenticated session and functional cookies to remember preferences. We do not use third-party advertising cookies.

8. Children's Privacy

Our platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or a prominent in-platform notice. Continued use after changes constitutes acceptance.

10. Contact Us

Questions about this Privacy Policy? Contact us:

Email: [email protected]

Address: exhibitERP, Waterford, Michigan, United States