MMVP RFID

Legal

Privacy Policy

Last updated: May 20, 2026

Information we collect

Account details (name, email, company), order data (SKUs, quantities, artwork, shipping addresses), payment metadata returned by our payment processor, and limited diagnostic data (IP address, user agent, page interactions).

How we use it

To fulfill orders, route them to manufacturing, issue invoices, send transactional notifications, prevent fraud, and improve the platform.

Sharing & sub-processors

We share order details with the following sub-processors, each bound by a written data-processing agreement: Motherson Group (manufacturing & drop-ship), Stripe, Inc. (payments, tax, fraud), Supabase, Inc. (database / authentication / storage), Cloudflare, Inc. (hosting, DNS, CDN), and our transactional email provider. The full, current list with locations is published in our Data Processing Addendum. We do not sell or "share" personal information for cross-context behavioural advertising.

International transfers

Some sub-processors are located in the United States. Where we transfer personal data of EEA, UK, or Swiss data subjects, we rely on the European Commission's Standard Contractual Clauses (2021/914, Module 2), the UK International Data Transfer Addendum, and the Swiss FDPIC addendum, together with technical measures (TLS 1.2+, encryption at rest, RLS-scoped access).

Retention

Order and invoice records are retained for at least seven years to satisfy accounting and tax obligations. Account data is retained for the life of the account.

Your rights (GDPR / UK GDPR / state privacy laws)

You may request access, correction, portability, restriction, or deletion of your personal information. Account holders can self-serve deletion at Account → Settings. Otherwise, email privacy@mvprfid.com; we respond within 30 days (GDPR) or 45 days (CCPA). California, Colorado, Connecticut, Virginia, and Utah residents — see Your Privacy Choices.

Security

All data is encrypted in transit (TLS 1.2+) and at rest. Database access is restricted by role-based policies. We notify affected users of any qualifying data breach within 72 hours.

Contact

Privacy inquiries: privacy@mvprfid.com.