Privacy Policy | Better Data

Better Data, Inc.
Privacy Policy
Commerce Chain Optimization Platform
Last Updated: March 4, 2026

Better Data, Inc. ("Better Data," "we," "us," or "our") is committed to protecting the privacy of individuals who interact with our platform, APIs, and websites. This Privacy Policy describes how we collect, use, disclose, and protect personal information when you use the Better Data Commerce Chain Optimization (CCO) platform, including the Hosted SCM (app.betterdata.com), Commerce Gateway (api.betterdata.co), OSS Registry (registry.betterdata.co), and related services (collectively, the "Services").
This Policy also describes special considerations applicable to: (a) Signal Tags and blockchain-recorded authentication data; (b) AI Agent interactions via the Commerce Gateway; (c) regulated industry customers subject to HIPAA; and (d) the Loop Audit Trail and operational telemetry data.

1. Definitions
"Company," "we," "us," "our" refers to Better Data, Inc., 1325 Clinton Avenue, Alameda, CA 94501.
"Personal Data" means any information relating to an identified or identifiable natural person.
"Tenant" means a Customer organization with a provisioned instance of the Hosted SCM.
"Authorized User" means an individual accessing the Services on behalf of a Tenant, including human users and authorized AI Agents.
"Loop Audit Trail" means the tamper-evident record of all Loop state transitions, including actor identity, timestamps, correlationId, and causationId.
"Signal Tag Event" means a recorded product authentication interaction (scan, verify, chain-of-custody transfer) processed via the @betterdata/signal-tags-schema.
"GDPR" means the EU General Data Protection Regulation 2016/679.
"CCPA/CPRA" means the California Consumer Privacy Act and California Privacy Rights Act.
"PHI" means Protected Health Information as defined under HIPAA.

2. Information We Collect
2.1 Account and Registration Data
When you register or are added to the Services as an Authorized User, we collect:
• Name and email address
• Organizational affiliation, job title, and role within your Tenant
• Phone number (optional; for support and security verification)
• Account credentials (passwords are hashed and never stored in plaintext)
• Identity provider tokens (when using SSO via Okta or third-party identity providers)
2.2 Usage and Operational Data
We automatically collect usage and operational data when you interact with the Services, including:
• IP address, device type, browser type, and operating system
• API call metadata: endpoint, HTTP method, response code, latency, Tenant ID, timestamp
• Feature usage telemetry: which modules are used, frequency, and duration
• Authentication and authorization events: login attempts, role assignments, session tokens
• Integration activity: webhook deliveries, outbound API calls, third-party connector events
• Error and diagnostic logs
2.3 Loop Audit Trail Data
The loop-native architecture of the platform produces a Loop Audit Trail as an integral part of platform operation. This includes:
• Actor identity (Authorized User ID or AI Agent identifier) for each Loop state transition
• Timestamps and sequencing data (correlationId, causationId) for every state change
• Loop type, current state, prior state, and transition metadata
• Module-level events routed via the Outbox Relay
The Loop Audit Trail is a compliance artifact available to Tenant administrators. It is not used for individual behavioral profiling.
2.4 Commerce Gateway and AI Agent Interaction Data
When you or an AI Agent interacts with the Commerce Gateway, we collect:
• API request and response metadata (excluding full prompt/response payloads from third-party AI platforms, which are processed by those platforms under their own terms)
• AI Agent identifier and the Authorized User or API key under which the agent operates
• Commerce actions initiated: queries, order triggers, catalog lookups, Loop executions
• Rate limiting and quota telemetry
We do not store the content of LLM prompts or completions on our infrastructure after processing is complete, unless required for audit trail purposes under applicable law or a Customer-specific compliance configuration.
2.5 Signal Tags and Authentication Data
When Signal Tags are used for product authentication, we collect and process:
• Signal Tag identifier (Tag ID, EPCIS-compatible event ID)
• Authentication event type (scan, verify, ownership transfer, chain-of-custody)
• Timestamp, location (if enabled and consented to), and scanning device metadata
• Product identifiers (SKU, lot number, serial number, GS1 identifiers where applicable)
• On-chain transaction references (blockchain ledger hash, block number)
Signal Tag authentication events are recorded on a blockchain ledger as part of the product traceability record. Due to the immutable nature of distributed ledger technology, on-chain records cannot be deleted or altered. See Section 10 for how we address this limitation in the context of data subject rights requests.
2.6 Payment Data
We use third-party payment processors to handle billing. We do not store full payment card numbers on our systems. Payment processors handle cardholder data under their own PCI-DSS compliance programs. We retain billing metadata (invoice records, loop completion counts, payment history) as required for financial record-keeping.
2.7 Communications Data
If you contact us via email, support portal, or other channels, we retain those communications and any information you provide, including support tickets, feedback submissions, and sales inquiries.

3. How We Use Your Information
We use Personal Data and operational data for the following purposes:
• To provision, operate, and deliver the Services, including Tenant lifecycle management, module provisioning, and Loop execution
• To authenticate and authorize Authorized Users and AI Agents
• To generate and maintain the Loop Audit Trail as a compliance artifact
• To process Signal Tag authentication events and maintain chain-of-custody records
• To enable AI Agent interactions via the Commerce Gateway
• To communicate with you about your account, the Services, security incidents, and updates
• To process billing based on Loop completions and subscription terms
• To improve the Services using aggregated, anonymized data
• To detect and prevent fraud, abuse, and security threats
• To comply with legal obligations and respond to lawful government requests
• To generate compliance artifacts and SBOMs for regulated industry customers
We do not use Customer Data or individual Tenant data to train machine learning models for use across other tenants unless we obtain express written consent.

4. Legal Bases for Processing (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your Personal Data under one or more of the following legal bases:
Legal Basis
Processing Activity
Details
Contract Performance
Account management, service delivery, billing
Processing necessary to provide Services under our agreement with the Tenant
Legitimate Interests
Security, fraud prevention, Loop Audit Trail, product improvement
We have a legitimate interest in platform security and compliance; interests do not override data subject rights
Legal Obligation
Audit retention, regulatory compliance, lawful government requests
GDPR, HIPAA, DSCSA, FDA 21 CFR Part 11, and other applicable law
Consent
Marketing communications, non-essential analytics
You may withdraw consent at any time without affecting prior processing

5. Disclosure of Information
We may disclose Personal Data and operational data as follows:
5.1 Service Providers and Sub-Processors
We share data with third-party sub-processors that assist in providing the Services (cloud infrastructure, identity management, payment processing, AI platforms). Sub-processors are contractually bound to data protection obligations consistent with this Policy and applicable law. The current sub-processor list is available at betterdata.co/trust/sub-processors.
5.2 Tenant Administrators
Tenant administrators have access to Loop Audit Trail data, user activity logs, and module usage data for their own Tenant. This access is governed by the Tenant's internal policies.
5.3 AI Platform Providers
When you use the Commerce Gateway, request and response metadata is processed by the platform. Customer Data transmitted to third-party AI platforms (Anthropic, OpenAI, xAI) is subject to those platforms' own privacy policies. We encourage you to review those policies before enabling Commerce Gateway integrations.
5.4 Legal Requirements
We may disclose data when required by law, court order, or government request. We will provide prompt notice to the affected party where legally permitted.
5.5 Business Transfers
In connection with a merger, acquisition, or sale of assets, Personal Data may be transferred to the acquiring entity, subject to this Policy and applicable law.
5.6 Blockchain and Signal Tags
Signal Tag authentication events are recorded on a blockchain ledger. On-chain records are accessible to participants with appropriate ledger access. We do not publish personally identifiable information directly to the blockchain ledger; product and event identifiers are pseudonymous by design.

6. Data Retention
We retain data for the following periods (unless a longer period is required by law or agreed in a DPA or Order Form):
Data Type
Retention Period
Basis
Account and registration data
Duration of account + 3 years
Contract performance, legal obligation
Loop Audit Trail
7 years
HIPAA, DSCSA, FDA 21 CFR Part 11, audit requirements
API and usage logs
2 years
Security, abuse prevention, legitimate interests
Commerce Gateway interaction metadata
1 year
Security and audit; can be reduced by Tenant request
Signal Tag event records (off-chain)
7 years or as required by applicable traceability law
DSCSA, FDA, supply chain compliance
Signal Tag events (on-chain)
Indefinite — blockchain immutable records
Blockchain immutability; see Section 10
Payment and billing records
7 years
Financial record-keeping, tax law
Support communications
3 years from ticket close
Legitimate interests, dispute resolution
Marketing consent records
Until consent withdrawn + 3 years
GDPR accountability

7. International Data Transfers
Better Data is headquartered in the United States. If you are located in the EEA, UK, or Switzerland, your Personal Data may be transferred to and processed in the United States. We rely on the following transfer mechanisms:
• EU Standard Contractual Clauses (SCCs) — Module 2 (Controller to Processor) — incorporated in our Data Processing Agreement
• UK International Data Transfer Agreements (IDTAs) for UK data subjects
• Swiss Federal Act on Data Protection (nFADP) adequacy provisions where applicable
Customers requiring a DPA with SCCs may request one at legal@betterdata.co.

8. Security
We implement and maintain a comprehensive security program to protect Personal Data and Customer Data. Key measures include:
• Encryption in transit (TLS 1.2+) and at rest (AES-256)
• Multi-factor authentication (MFA) for Admin Control Plane access via Okta Workforce Identity
• Role-based access control enforced via TenantCapabilitySnapshot
• Loop Audit Trail for tamper-evident activity logging and incident reconstruction
• Drift Detection workers for module state integrity monitoring
• Regular vulnerability assessments and penetration testing
• Sub-processor security vetting and contractual data protection obligations
• SBOM (CycloneDX) generation for software supply chain transparency
Despite these measures, no system is completely secure. We encourage Authorized Users to use strong passwords, enable MFA, and report suspected security issues to security@betterdata.co.

9. HIPAA and Healthcare Customers
For Customers who are HIPAA Covered Entities or Business Associates and require processing of Protected Health Information (PHI) through the Services, Better Data will execute a Business Associate Agreement (BAA) as a separate written instrument prior to any PHI processing. Key points:
• PHI must not be submitted to the Services without an executed BAA.
• The Loop Audit Trail and HIPAA retention requirements (minimum 6 years for required documentation) are compatible; Better Data retains Loop Audit Trail records for 7 years by default for enterprise Healthcare customers.
• SBOM generation (CycloneDX) is available to Healthcare and Pharma customers as part of Better Data's NIST/HHS 405(d) compliance posture.
• DSCSA and FDA 21 CFR Part 11 compliance artifacts can be generated from Signal Tag and Loop Audit Trail data upon request.

10. Signal Tags, Blockchain Immutability, and the Right to Erasure
Better Data takes the tension between blockchain immutability and GDPR's right to erasure (Article 17) seriously. Our approach:
• On-chain records contain pseudonymous product and event identifiers, not directly identifiable personal data. We design on-chain data to minimize the personal data footprint.
• Off-chain indexes that map blockchain identifiers to Personal Data are maintained on Better Data's infrastructure and are fully erasable upon valid data subject request.
• Where technical pseudonymization means that the on-chain record is not reasonably linkable to an identified individual without the off-chain index, the EDPB's guidance on pseudonymous data supports that erasure of the off-chain index constitutes effective de-identification.
• We will document and communicate any residual immutability limitations in our response to data subject erasure requests, consistent with GDPR Article 17(3) exceptions (legal obligation to retain; archiving in the public interest).
• Customers operating in jurisdictions with blockchain-specific data protection guidance should consult with their own legal counsel.

11. Your Privacy Rights
11.1 GDPR Rights (EEA, UK, Switzerland)
If you are subject to GDPR or equivalent legislation, you have the right to:
• Access: request a copy of Personal Data we hold about you
• Rectification: request correction of inaccurate data
• Erasure: request deletion of Personal Data (subject to blockchain immutability limitations described in Section 10 and legal retention obligations)
• Restriction: request we restrict processing in certain circumstances
• Portability: receive Personal Data in a structured, machine-readable format
• Object: object to processing based on legitimate interests or for direct marketing
• Withdraw consent: where processing is based on consent, withdraw at any time
• Lodge a complaint: with your local data protection authority
11.2 CCPA/CPRA Rights (California Residents)
California residents have the right to:
• Know what Personal Data we collect, use, disclose, and sell (we do not sell Personal Data)
• Delete Personal Data (subject to exceptions for legal obligations and audit records)
• Correct inaccurate Personal Data
• Opt out of the "sharing" of Personal Data for cross-context behavioral advertising (we do not engage in such sharing)
• Non-discrimination for exercising privacy rights
• Limit the use of sensitive Personal Data (as defined by CPRA)
11.3 How to Exercise Rights
Submit privacy rights requests to privacy@betterdata.co or via our privacy portal at betterdata.co/privacy-requests. We will respond within 30 days (CCPA) or one month (GDPR), with extensions where necessary. We may require identity verification before processing requests.
11.4 Authorized Agent Requests
California residents may designate an authorized agent to submit requests on their behalf by providing written authorization and verifying the agent's identity.

12. Children's Privacy
The Services are not directed to children under the age of 16, and we do not knowingly collect Personal Data from children. If we become aware that we have inadvertently collected Personal Data from a child, we will take prompt steps to delete it.

13. Cookies and Tracking
We use cookies and similar tracking technologies for authentication, session management, security, and analytics. A cookie preference center is available at betterdata.co/cookie-preferences. We do not use cookies for cross-site behavioral advertising. For details on specific cookies used, please see our Cookie Notice at betterdata.co/cookies.

14. Changes to This Policy
We may update this Privacy Policy from time to time. For material changes, we will provide at least 30 days' notice via email or in-product notification before the changes take effect. The current version is always available at betterdata.co/privacy.

15. Contact and Data Protection Officer
For privacy questions, data subject rights requests, or to report a concern:

Better Data, Inc.
1325 Clinton Avenue, Alameda, CA 94501
Privacy: privacy@betterdata.co
Legal: legal@betterdata.co
Security: security@betterdata.co

For GDPR-related inquiries, you may also contact our designated EU representative at: eu-privacy@betterdata.co
To lodge a complaint with a supervisory authority, visit your local data protection authority. A list of EU authorities is available at: edpb.europa.eu/about-edpb/board/members