Privacy Policy

1. Introduction

This privacy policy describes how 3E Technology, Inc. (“we,” “us,” “our”) collects, uses, and protects information when you use our website at 3etech.com and related services. By using our service, you agree to the practices described in this policy.

2. Information We Collect

Information you provide

• Account registration: Email address, password (stored only as a cryptographic hash — never in plain text)
• Onboarding profile: First name, last name, company name, country
• Contact form: Name, email, subject, message (forwarded to our team via email; not stored in our database)
• Vendor submissions: Company name, street address, city, state, zip, country, phone numbers, email addresses, website URLs, brands carried, parts inventory (stored in our database)

Information collected through your use of the service

• Search activity: For paid users, search queries and results are stored as search history accessible in your dashboard
• Payment information: Processed entirely by Stripe — we store only your Stripe customer ID, never your card number or payment details
• Session data: A session cookie identifier linked to your account during active sessions

Information collected automatically

• IP address: Used for rate limiting and abuse prevention; not stored long-term except when blocked for abuse
• Usage analytics: Google Analytics 4 collects page views, search events, purchase events, and general usage patterns; this may include IP address and browser information per Google’s standard practices

3. How We Use Your Information

• Provide, maintain, and improve the service
• Process payments and manage subscriptions/credits
• Send transactional emails: account verification, password reset, vendor approval/denial notifications
• Enforce rate limits and prevent abuse
• Analyze usage patterns to improve the service (via Google Analytics)
• Respond to contact form inquiries
• Review and process vendor submissions

We do not sell, rent, or trade your personal information to third parties.

4. Third-Party Services

We share data with the following service providers, each of which processes data according to their own privacy policies:

5. Cookies & Tracking

• 3e_session — Authentication session cookie. HttpOnly, Secure, SameSite=Strict. Expires after 7 days.
• Google Analytics cookies — Set by GA4 per Google’s cookie policies for analytics purposes.
• We do not use marketing, advertising, or third-party tracking cookies.

6. Data Retention

• Account data: Retained while your account is active. Contact us to request deletion.
• Search history: Retained indefinitely for paid users as part of the service. Contact us to request deletion.
• Vendor submissions: Retained indefinitely, including after approval or denial. Contact us to request deletion.
• Session data: Automatically expires after 7 days.
• Rate limit data: Cleaned automatically during normal operation.
• Pending signups: Expire after 24 hours if email is not verified; rows are overwritten on re-signup.
• Password reset tokens: Expire after 1 hour.
• Blocked IPs: Retained until manually removed or block period expires.

7. Data Security

• Passwords are hashed using Argon2id (industry-standard cryptographic hashing)
• Session cookies use HttpOnly, Secure, and SameSite=Strict flags
• All payment data is handled by Stripe, which is PCI DSS compliant
• All traffic is served over HTTPS via Cloudflare

No method of transmission or storage is 100% secure. While we use commercially reasonable measures to protect your data, we cannot guarantee absolute security.

8. Your Rights

• Access: Request information about the personal data we hold on you
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your account and associated data by contacting us
• California residents (CCPA): You have the right to know what personal data we collect, request deletion, and opt out of the sale of personal data. We do not sell personal data.

To exercise any of these rights, contact us at the email below.

9. Children’s Privacy

Our service is not directed at anyone under the age of 18. We do not knowingly collect personal information from minors. If we learn that we have collected data from someone under 18, we will delete it promptly.

10. Changes to This Policy

We may update this privacy policy from time to time. The revised policy will be posted on this page with an updated effective date. Material changes will be communicated via email to registered users.