1. Overview
This policy explains what SalesFree.io collects, why, and — specific to how this platform works — exactly what we shield from other users and what we don't. If you're evaluating whether SalesFree is safe to use anonymously, this section matters more than a typical privacy policy.
2. What We Collect
- From OAuth sign-in (Google, LinkedIn, or Facebook): your name, email address, and profile photo, as provided by that provider.
- Organization details: company/individual name, website, size range, industry category — provided by you at signup.
- Sourcing Request content: the free-text description of what you're looking for, budget range, and category.
- Messages and attachments: content you send through the in-platform chat.
- Payment data (Vendors): processed directly by Stripe; SalesFree stores only the resulting transaction record (amount, token count, a payment reference ID) — we do not store your card number.
- Usage data: standard technical logs (IP address, device/browser info, timestamps) for security and fraud prevention.
3. The Core Privacy Mechanic: Masking
This is the part that makes SalesFree different from a typical platform privacy policy:
- When you create a Sourcing Request, we generate a masked persona (e.g., "J. from Finance & Banking") that is what Vendors see — not your real name, company, or contact details.
- Your real identity is known to SalesFree internally (collected via OAuth in Section 2) for trust and safety, fraud prevention, billing, and legal compliance. It is programmatically withheld from Vendors at the application layer — Vendor-facing views and API responses are built to only ever resolve the masked alias for a Sourcing Request until you take the reveal action described below.
- Each new Sourcing Request gets an independently generated persona. Vendors cannot cross-reference your masked identity across separate Sourcing Requests you've created — from their side, "J. from Finance & Banking" on one request and "J. from Finance & Banking" on a different request are not linkable, even though both come from you.
- "Reveal My Info": you control a per-Vendor action that discloses your real name, organization, LinkedIn profile, and email to that specific Vendor for that specific Sourcing Request only. This action is irreversible for that relationship and does not affect any of your other active or past Sourcing Requests, which remain masked.
- SalesFree employees can access underlying real-identity data only for support, safety, fraud investigation, or legal purposes — not for routine marketplace browsing.
4. How We Use Data
To operate the marketplace (matching, notifications, chat), to run the automated trust/spam-review check on new Sourcing Requests, to process token payments, to send transactional emails (new bid alerts, etc.), and to maintain platform security.
5. What We Share, and With Whom
- Vendors receive only your masked persona and Sourcing Request content, unless and until you reveal.
- Service providers we rely on to run the platform receive the minimum data needed for their function: Supabase (hosting/database), Stripe (payments), Resend (transactional email), Anthropic (processes Sourcing Request text to generate the structured preview and trust score — not used to identify you to other users).
- We do not sell personal data. We do not share your real identity with Vendors outside the reveal mechanism described in Section 3.
6. Data Retention
We retain account and Sourcing Request data for as long as your account is active, plus a limited period afterward for legal, tax, and dispute-resolution purposes. You can request account deletion; some transaction records may be retained where required by law.
7. Your Choices
You can review and update your organization/profile details in-app, control notification preferences, and request account deletion. You can decline to reveal your identity to any Vendor — nothing in the platform requires reveal to receive bids or chat.
8. Security
We use industry-standard encryption in transit and at rest, role-based access controls, and the masking architecture described above as a privacy-by-design measure, not just a policy promise.
9. Children
SalesFree is not directed to and does not knowingly collect data from anyone under 18.
10. Changes to This Policy
We'll notify you in-app or by email of material changes before they take effect.
11. Contact
Privacy questions or data requests: [insert privacy/support email].