OrderPier

Privacy Policy

Last updated: 2026-05-30

OrderPier processes inbound purchase orders on behalf of business customers and their suppliers. This page covers what we collect, why, who we share it with, and the rights you have over it. For the technical controls behind these commitments, see /security. For the full Article-28 processing terms, see our DPA.

What we collect

  • Account details. Name, work email, company, and (via Clerk Organizations) the roles and seats inside your workspace.
  • Purchase order content. The PDF attachments and email bodies you forward to your inbound address, the extracted order data, and any corrections your reviewers make.
  • ERP connection metadata.Endpoint URLs, OAuth tokens, and the Company / Tenant identifiers needed to write sales orders back. We do not retain a copy of your ERP's wider data, only what is required to create the orders you authorize.
  • Billing. Stripe holds your card and billing address; we keep an invoice history and the subscription tier scoped to your organization.
  • Operational telemetry. Request logs, audit events (who approved what, when), and aggregate accuracy metrics needed to operate and improve the service. No customer PO content is sent to analytics or marketing tools.

How we use it

To run the OrderPier service, extract structured orders from your inbound email, route low-confidence fields to a human review queue, push approved orders to your connected ERP, and bill your subscription. We use service-operations data (latency, error rates, eval samples we generate ourselves) to improve the product. We do not use your documents or order data to train shared or third-party AI models, and our LLM providers (Anthropic, Google) are engaged under commercial terms that contractually exclude inputs and outputs from their training pipelines.

Sub-processors

We share customer data with the sub-processors required to run the service, hosting, LLM inference, email ingress, auth, billing, and our database. The full current list, with locations and DPA links, lives at /legal/subprocessors. We commit to 30 days' advance notice of any addition or material change; subscribe at subprocessor-updates@orderpier.com.

Retention

  • Raw inbound emails & attachments: 90 days, then purged.
  • Extracted order records + audit log: lifetime of your contract + 30 days; you can request earlier deletion within 7 business days.
  • Application logs: 30 days hot, 1 year cold (no PII or order content).

International transfers

Data for customers in the EEA, UK, and Switzerland transfers to US-based sub-processors under the 2021 EU Standard Contractual Clauses (Module 2) and the UK International Data Transfer Addendum, annexed to our DPA. EU-region hosting is available on enterprise contracts.

Security

TLS 1.3 in transit, AES-256 at rest. Tenant isolation is enforced in the application's data-access layer: every customer-data table is organization-scoped and every query is filtered by the signed-in tenant's organization, so no code path reads across tenants. Postgres Row-Level Security enforces the same boundary at the database itself. Full architecture on /security. SOC 2 Type II readiness underway with Vanta; observation window starts Q3 2026.

Your rights

Subject to applicable law (GDPR, UK GDPR, CCPA), you can request access to, correction of, deletion of, or export of your personal data. Where OrderPieris a processor for your employer's account, route requests through your account administrator; for the marketing site or direct accounts, email hello@orderpier.com, we acknowledge within one business day and complete within 30 days.

Children

OrderPier is a B2B service and is not directed at children under 16. We do not knowingly collect their data.

Changes to this policy

Material changes are announced via email to account administrators and posted here. The “Last updated” date above always reflects the current version. Substantive changes carry a 30-day notice window before taking effect.

Contact

Privacy: hello@orderpier.com. Security: security@orderpier.com. DPA: /legal/dpa.