Legal

Privacy Policy

Last updated: April 1, 2026

1. Introduction

This privacy policy describes how 3E Technology (“we,” “us,” “our”) collects, uses, and protects information when you use our website at 3etech.com and related services. By using our service, you agree to the practices described in this policy.

2. Information We Collect

Information you provide

  • Account registration: Email address, password (stored only as a cryptographic hash — never in plain text)
  • Onboarding profile: First name, last name, company name, country
  • Contact form: Name, email, subject, message (forwarded to our team via email; not stored in our database)
  • Vendor submissions: Company name, street address, city, state, zip, country, phone numbers, email addresses, website URLs, brands carried, parts inventory (stored in our database)

Information collected through your use of the service

  • Search activity: For paid users, search queries and results are stored as search history accessible in your dashboard
  • Payment information: Processed entirely by Stripe — we store only your Stripe customer ID, never your card number or payment details
  • Session data: A session cookie identifier linked to your account during active sessions

Information collected automatically

  • IP address: Used for rate limiting and abuse prevention; not stored long-term except when blocked for abuse
  • Usage analytics: Google Analytics 4 collects page views, search events, purchase events, and general usage patterns; this may include IP address and browser information per Google’s standard practices

Information collected from other sources

  • Publicly available business information: We collect and aggregate business contact information, company details, brand names, and product/part data from publicly available sources such as company websites, industry directories, and trade databases. This information relates to businesses and their commercial activities — not to individuals in their personal capacity.
  • Third-party data sources: We may receive business information from data partners, industry databases, or other third-party sources, which we combine with information already in our database to keep records accurate and complete.

3. How We Use Your Information

  • Provide, maintain, and improve the service
  • Process payments and manage subscriptions/credits
  • Send transactional emails: account verification, password reset, vendor approval/denial notifications
  • Send marketing and informational emails (you may unsubscribe at any time via the link in each email)
  • Enforce rate limits and prevent abuse
  • Analyze usage patterns to improve the service (via Google Analytics)
  • Respond to contact form inquiries
  • Review and process vendor submissions
  • Use automated tools, including artificial intelligence and machine learning services, to research, verify, enrich, and review business data in our database (such as company details, contact information, and product listings)
  • Build and maintain our database of parts vendors by collecting and organizing publicly available business information
  • Send notifications to registered users when new search results become available for their saved searches

We do not sell, rent, or trade your personal information to third parties.

4. Third-Party Services

We share data with the following service providers, each of which processes data according to their own privacy policies:

ServicePurposeData Shared
StripePayment processing. Available payment methods (card, Google Pay, Apple Pay, Link) are handled by Stripe and its sub-processors.Email, Stripe customer ID, transaction metadata. Card and payment credentials are handled entirely by Stripe — never transmitted to or stored on our servers.
ResendTransactional and marketing email delivery (verification, password reset, vendor notifications, informational broadcasts)Email address, message content
Amazon SESOutreach and broadcast email deliveryEmail address, message content
Google Analytics 4Usage analyticsPage views, events, IP address (per Google’s policies)
AI & machine learning providersAutomated research, verification, and review of business data (company details, contact information, product listings). These services help us maintain the accuracy and completeness of our vendor database.Business information only (company names, addresses, phone numbers, websites, brands, parts). No user personal data (accounts, passwords, payment info, search history) is shared with these services.
CloudflareHosting, infrastructure, and contact form email deliveryAll HTTP request data (processed at the edge); contact form messages

5. Cookies & Tracking

  • 3e_session — Authentication session cookie. HttpOnly, Secure, SameSite=Strict. Expires after 7 days.
  • Google Analytics cookies — Set by GA4 per Google’s cookie policies for analytics purposes.
  • Stripe cookies — Stripe may set cookies during the checkout process per Stripe’s cookie policy.
  • We do not use marketing, advertising, or third-party tracking cookies.

6. Data Retention

  • Account data: Retained while your account is active. Contact us to request deletion.
  • Search history: Retained indefinitely for paid users as part of the service. Contact us to request deletion.
  • Vendor submissions: Retained indefinitely, including after approval or denial. Contact us to request deletion.
  • Session data: Automatically expires after 7 days.
  • Rate limit data: Cleaned automatically during normal operation.
  • Pending signups: Expire after 24 hours if email is not verified; rows are overwritten on re-signup.
  • Password reset tokens: Expire after 1 hour.
  • Blocked IPs: Retained until manually removed or block period expires.

7. Data Security

  • Passwords are hashed using Argon2id (industry-standard cryptographic hashing)
  • Session cookies use HttpOnly, Secure, and SameSite=Strict flags
  • All payment data is handled by Stripe, which is PCI DSS compliant
  • All traffic is served over HTTPS via Cloudflare

No method of transmission or storage is 100% secure. While we use commercially reasonable measures to protect your data, we cannot guarantee absolute security.

8. Your Rights

  • Access: Request information about the personal data we hold on you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your account and associated data by contacting us
  • California residents (CCPA): You have the right to know what personal data we collect, request deletion, and opt out of the sale of personal data. We do not sell personal data.
  • Automated processing: We use automated tools to process business data in our database (such as verifying company details or reviewing vendor submissions). These automated processes apply to business information in our vendor database — not to decisions about your user account, payment status, or access to the service. If you believe automated processing has resulted in inaccurate information about your business, contact us and we will review it manually.

To exercise any of these rights, contact us at the email below.

9. Children’s Privacy

Our service is not directed at anyone under the age of 18. We do not knowingly collect personal information from minors. If we learn that we have collected data from someone under 18, we will delete it promptly.

10. International Data Transfer

Our service and its third-party providers process data primarily in the United States. By using the service, you consent to the transfer of your information to the United States and other jurisdictions where our service providers operate.

11. Changes to This Policy

We may update this privacy policy from time to time. The revised policy will be posted on this page with an updated effective date. Material changes will be communicated via email to registered users.

12. Contact

For questions about this Privacy Policy, contact us at privacy@3etech.com.