Privacy Policy
Contents
1. Overview
This Privacy Policy describes how PUREMINE LLC ("we," "us," "our") collects, uses, and shares personal data when you use PureMine.
PureMine is a business-to-business product. We collect data primarily from professionals who register accounts to access supply chain risk alerts. We do not market to consumers or knowingly collect data from individuals under 18.
If you are in the European Economic Area or the United Kingdom, you may have rights under the GDPR or UK GDPR where applicable — see Section 9.
If you are a California resident, you may have rights under California privacy laws where applicable — see Section 9.
2. What We Collect
| Category | What it includes | Why we collect it |
|---|---|---|
| Account data | Name, email address, hashed password, MFA credentials (TOTP secrets, encrypted) | Authentication and account management |
| Subscription preferences | Your selected commodity and country filters, alert delivery settings | Matching articles to your subscription and delivering alerts |
| Usage data | Pages visited, alert interactions, login timestamps, IP addresses, browser and device type, error logs | Platform security, debugging, and service improvement |
| Feedback data | Alert quality ratings, tag accuracy feedback, support requests | Improving NLP pipeline accuracy and AI explanation quality |
| Billing data | Billing records (amounts, dates, plan). Payment card data is handled by our payment processor — we do not store card numbers. | Subscription management and accounting |
3. How We Use Your Data
Service delivery
We use your data to authenticate your account, enforce usage limits, match articles to your subscription, deliver alerts, generate AI explanations relevant to your filters, and process payments.
Service improvement
We use aggregated and de-identified usage data to improve NLP pipeline accuracy, identify false positive patterns, evaluate AI explanation quality from your feedback, and develop new features. We do not use identifiable personal data for model training.
Communications
We may contact you for service notifications (quota warnings, outages, account changes), product updates (opt-out available), and responses to support requests. We do not sell your email address or use it for unrelated marketing.
Legal and security
We retain and may disclose data as required to comply with applicable law, respond to legal process, enforce our Terms, and protect platform security.
4. AI Processing and Anthropic
When the system generates an AI explanation for an alert, article content is transmitted to Anthropic, Inc. via its Claude API. This is a necessary part of how explanations are produced.
What is transmitted to Anthropic:
- Portions of the news article text
- Detected risk tags and metadata (commodity, country, alert level)
- System-generated prompt instructions
What is not transmitted to Anthropic:
- Your name, email, or account identifiers
- Your subscription preferences or filter configuration
- Your usage history or feedback
Anthropic's processing is governed by Anthropic's Privacy Policy. If your organisation has data governance requirements regarding third-party AI processing, we recommend reviewing Anthropic's data processing commitments before using the platform.
5. Data Sharing
We share personal data only in the following circumstances:
| Recipient | What is shared | Why |
|---|---|---|
| Anthropic, Inc. | Article content and risk signals only (not personal data) | AI explanation generation |
| Cloud infrastructure providers [e.g. AWS / GCP — customize] |
All platform data (processed on our behalf under DPAs) | Hosting, databases, storage |
| Payment processor [e.g. Stripe — customize] |
Billing information | Payment processing |
| Legal / regulatory | As required by law or court order | Legal compliance |
| Business successors | All data in the event of merger or acquisition | Business continuity — we will notify you if this occurs |
We do not sell personal data to third parties. We do not share personal data with news data providers.
6. Data Retention
We retain personal data for as long as your account is active. Upon account termination:
- Account data (name, email, preferences) is deleted or anonymized within 90 days
- Usage logs may be retained in anonymized form for service improvement
- Billing records are retained as required by applicable tax and accounting law
- Alert quality feedback is retained in anonymized form unless you request deletion
7. Security
We implement technical and organizational measures to protect your data, including:
- Passwords stored using one-way cryptographic hashing (we cannot recover your plaintext password)
- MFA (TOTP) available and encouraged for all accounts
- Encrypted data transmission (HTTPS/TLS)
- Database-level tenant isolation between accounts
- Access controls limiting internal data access to authorized personnel
No security measure is foolproof. In the event of a data breach affecting your personal data, we will notify you in accordance with applicable law.
8. Cookies and Session Data
PureMine uses session cookies to maintain your authenticated session. We do not use third-party advertising cookies or cross-site tracking cookies.
We may use privacy-respecting analytics tools to understand aggregate platform usage. Any analytics data is processed in aggregated, de-identified form. [Specify tool — e.g. Plausible, PostHog — and update if this changes.]
9. Your Rights
Depending on your location, you have the following rights regarding your personal data. To exercise any of them, contact us at support@puremineus.com — we will respond within 30 days.
EEA and UK users (GDPR / UK GDPR)
Where the GDPR or UK GDPR applies, we process personal data under the following legal bases: contract performance (account management, alert delivery, billing); legitimate interests (security, fraud prevention, service improvement); legal obligation (retention requirements); and consent where specifically obtained. You may also have the right to lodge a complaint with your local data protection authority.
California residents (CCPA / CPRA)
Where California privacy laws apply, California residents may have the right to know, correct, delete, and opt out of the sale or sharing of personal information. We do not sell or share personal information for cross-context behavioral advertising. We will not discriminate against you for exercising rights available under applicable law.
10. Contact and Updates
For privacy questions, requests, or complaints:
PUREMINE LLC
Email: support@puremineus.com
Website: https://puremineus.com
We may update this Policy from time to time. Where changes are material, we will notify you by email or in-platform notice at least 14 days before they take effect.