Catieno Website Privacy Policy
Effective date: [EFFECTIVE_DATE]
Version: 2026-05-25
1. Introduction
This Website Privacy Policy ("Policy") describes how [COMPANY_LEGAL_NAME] ("Catieno," "we," "us," or "our") collects, uses, and protects personal information when you visit our public marketing website or submit a contact or lead form (collectively, the "Site").
This Policy applies to website visitors and prospective customers. It does not apply to:
- Users of the Catieno supplier portal, APIs, or procurement integration services — see our Supplier Privacy Policy and Data Processing Agreement; or
- End users of your buyers' eProcurement systems.
By using the Site or submitting a form, you acknowledge this Policy.
2. Who we are
Data controller:
[COMPANY_LEGAL_NAME]
[COMPANY_ADDRESS]
Privacy contact: [PRIVACY_EMAIL]
EU representative (if applicable): [EU_REPRESENTATIVE]
UK representative (if applicable): [UK_REPRESENTATIVE]
Data Protection Officer (if designated): [DPO_CONTACT]
3. Information we collect
3.1 Information you provide
When you use our "Get started" or contact flows, we may collect:
| Field | When collected |
|---|---|
| Email address | Email-only capture or full lead form |
| Name | Full lead form |
| Company name | Full lead form |
| Phone number | Optional on full lead form |
| Message | Full lead form |
| Number of buyers | Full lead form |
| Client submission ID | Automatically generated in your browser to prevent duplicate submissions |
3.2 Information collected automatically
| Field | Purpose |
|---|---|
| IP address | Abuse prevention, rate limiting, security |
| User agent | Diagnostics and fraud prevention |
| Server logs | Security and reliability (standard web server data) |
We do not use third-party advertising cookies or cross-site tracking pixels on the Site. We do not sell your personal information.
3.3 Cookies and similar technologies
The Site uses essential cookies only, such as:
- CSRF token — protects form submissions from cross-site request forgery;
- Session cookie — if you sign in to a linked portal from the same browser (portal sessions are governed by the Supplier Privacy Policy).
We do not use non-essential analytics or advertising cookies on the marketing Site at this time. If we introduce optional analytics in the future, we will update this Policy and provide appropriate choices where required by law.
4. How we use information
We use the information above to:
1. Respond to your inquiry — route your request to our sales or success team;
2. Prevent abuse — rate-limit submissions per IP address;
3. Operate the Site — security, troubleshooting, and improvement;
4. Comply with law — respond to lawful requests.
Legal bases (EEA/UK): Consent or legitimate interests (responding to business inquiries and securing the Site), depending on your jurisdiction and how you interact with the Site.
5. How we share information
We share personal information only with:
| Recipient | Why |
|---|---|
| Service providers | Cloud hosting (e.g., AWS), email delivery for internal sales notifications |
| Professional advisers | Lawyers, accountants under confidentiality |
| Authorities | When required by law |
We do not sell personal information. We do not share it for cross-context behavioral advertising.
If you later become a supplier customer, information you provided on the Site may be linked to your supplier account only where you use the same contact details and we need to continue the commercial relationship.
6. International transfers
Catieno is based in the United States. Information may be stored and processed in the United States and other countries where our service providers operate. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) for transfers from the EEA, UK, or Switzerland.
7. Retention
| Data | Retention |
|---|---|
| Marketing lead records | Up to 24 months after last interaction, unless deleted earlier upon request or no longer needed |
| Server / security logs | As needed for security, typically 90 days or less |
8. Security
We use technical and organizational measures appropriate to the risk, including encryption in transit (TLS), access controls, and rate limiting on lead submissions. No method of transmission over the Internet is completely secure.
9. Your rights
Depending on where you live, you may have the right to access, correct, delete, or restrict processing of your personal information, and to opt out of sale/sharing (we do not sell personal information).
California (CCPA/CPRA): You may exercise rights by emailing [PRIVACY_EMAIL]. We will verify requests using information associated with your submission.
EEA / UK / Switzerland: You may contact us at [PRIVACY_EMAIL] or lodge a complaint with your local supervisory authority.
We will respond within timeframes required by applicable law.
10. Children
The Site is not directed to individuals under 16. We do not knowingly collect children's personal information.
11. Changes
We may update this Policy from time to time. We will post the revised Policy at /privacy/ and update the effective date. Material changes may be communicated where required by law.
12. Contact us
[COMPANY_LEGAL_NAME]
[COMPANY_ADDRESS]
Privacy: [PRIVACY_EMAIL]
Related policies
- Supplier Privacy Policy — for supplier portal and integration services
- Data Processing Agreement — for suppliers processing personal data through Catieno
*This document is a draft for counsel review. It does not constitute legal advice.*