Indivend Logo
IndiVend
Sign Up

Updated: February 27, 2026

Privacy Policy

This Privacy Policy explains how IndiVend, Inc. ("IndiVend," "we," "us," "our") collects, uses, shares, and protects personal information when you use our websites, applications, and services (collectively, the "Services").

This policy applies to:

  • Vendors / Sellers who create or manage an IndiVend store ("Vendors"), and
  • Customers / Shoppers who browse, contact, or purchase from an IndiVend Vendor store ("Customers").

If you have questions or want to exercise a privacy right, contact us at privacy@indivend.com.

1. Who we are

Company: IndiVend, Inc., a Delaware corporation

Address: [Company address]

Privacy email: info@indivend.com

2. Key concepts used in this policy

  • Vendor Store: A storefront created and managed by a Vendor using IndiVend.
  • Indi: IndiVend's AI assistant that can access Vendor store data to provide coaching, recommendations, and operational support.
  • Account Identifiers: We may use a WhatsApp-enabled phone number as a primary identifier for an account where used, and email as another identifier depending on signup method.
  • Cross-store account reuse: A Customer account created with one Vendor can be used across other Vendor Stores on IndiVend.

3. Information we collect

A) Information you provide

Vendors

We may collect:

  • Account information (name, email, phone/WhatsApp number, password/PIN or login method)
  • Business/store details (store name, category, logo/branding, location details if provided, catalog/products/services, pricing, store policies)
  • Support communications (messages to support, feedback, survey responses)
  • Billing and subscription details (plan selection, billing contact details, invoices)

Customers

We may collect:

  • Account information (phone/WhatsApp number and/or email)
  • Order/checkout information (items selected, purchase history within a Vendor store, order notes, fulfillment preference such as pickup/delivery if enabled by the Vendor)
  • Messages and interactions initiated through store contact methods (for example, "click to WhatsApp")

B) Information collected automatically

When you use the Services, we may automatically collect:

  • Device and browser data (IP address, device identifiers, operating system, browser type, language)
  • Usage data (pages viewed, clicks, session timestamps, referring URLs, interactions with store pages)
  • Approximate location inferred from IP address (coarse location)

C) Information from third parties

We may receive information from:

  • Payment processors (payment confirmations, dispute/chargeback signals, fraud indicators; we generally do not receive full card details)
  • Analytics provider: PostHog (usage events and performance data)
  • Infrastructure providers (hosting, database, storage, monitoring)

4. How we use personal information

We use personal information to:

A) Provide and operate the Services

  • Create and manage Vendor and Customer accounts
  • Host and deliver Vendor Stores and catalogs
  • Enable checkout and order experiences where available
  • Provide customer support and respond to requests

B) Process payments, subscriptions, and platform fees

  • Process subscription charges (where applicable)
  • Calculate and apply platform fees based on eligible activity that occurs through IndiVend checkout and platform systems
  • Maintain invoices and billing records

C) Improve, secure, and maintain the Services

  • Monitor performance, troubleshoot bugs, and improve reliability
  • Prevent fraud, abuse, and unauthorized access
  • Enforce our Terms and policies

D) Communicate with you (Email and WhatsApp)

We may send:

  • Service/transactional messages (e.g., account notices, security alerts, receipts, important operational updates)
  • Onboarding and educational communications, such as product tips, setup guidance, best practices, and blog-style resources

Where required, we provide opt-out options for non-essential marketing messages. Certain service messages may still be sent if necessary to deliver the Services.

E) Power Indi (our AI assistant)

Indi is designed to act as a business coach and may also support Vendors as an "outside representative," using Vendor store context and data to help facilitate actions inside and outside the platform.

Indi may use Vendor store data to:

  • Generate recommendations (e.g., what to improve in a store, how to structure offerings)
  • Draft marketing content (e.g., post ideas, message drafts, copy suggestions)
  • Summarize store performance patterns and activity
  • Support operational workflows (e.g., suggested responses, customer follow-ups)

Important: Indi's outputs are suggestions. Vendors remain responsible for reviewing, approving, and using content and actions in compliance with law, platform rules, and customer expectations.

5. Cross-store accounts and shared customer identity

IndiVend accounts are designed to be reusable across Vendor Stores. This means:

  • A Customer who creates an account with one Vendor can use the same account in other Vendor Stores.
  • Vendors may be able to recognize returning Customers based on the account identifier (WhatsApp number and/or email) when Customers interact with that Vendor's store.

What is not shared by default: We do not automatically provide one Vendor full visibility into another Vendor's store data or customer activity. Each Vendor primarily has access to information and interactions related to their own store.

6. How we share personal information

We do not sell personal information in the traditional sense. We share personal information only as described below.

A) With Vendors and Customers (store transactions and interactions)

  • If you are a Customer, the Vendor you purchase from (or contact) will receive the information needed to fulfill the order or respond (e.g., your contact details and order details).
  • If you are a Vendor, your store displays the business information and content you choose to publish.

B) With service providers (processors)

We share information with companies that help us run IndiVend, such as:

  • Hosting and cloud infrastructure
  • Database and storage providers (e.g., Supabase)
  • Analytics (PostHog)
  • Communications providers (for email and, where enabled, WhatsApp messaging)

These providers are permitted to use personal information only to provide services to IndiVend.

C) With payment processors

We share information necessary to process payments, manage fraud, and handle disputes/chargebacks.

D) For legal and safety reasons

We may disclose information if we believe disclosure is reasonably necessary to:

  • Comply with law, regulation, subpoena, or legal process
  • Protect the security and integrity of the Services
  • Prevent fraud, abuse, or harmful activity
  • Protect the rights, safety, and property of IndiVend, Vendors, Customers, or the public

E) Business transfers

If IndiVend is involved in a merger, acquisition, restructuring, or sale of assets, personal information may be transferred as part of that transaction, subject to appropriate protections.

7. AI and automated processing (Indi)

Indi may process data using automated methods to generate insights, recommendations, summaries, and drafted content.

We do not intend for Indi to make legally significant decisions about individuals without human review. Vendors are responsible for reviewing and approving any communications or actions suggested by Indi.

8. International data transfers and hosting location

Our infrastructure is currently hosted in the United States, and we use U.S.-based providers (including PostHog and infrastructure/database providers).

If you are located in Colombia, your information may be transferred to and processed in the United States. We take reasonable contractual and technical steps to protect data during processing and transfer.

9. Data retention

We retain personal information only as long as necessary to:

  • Provide the Services
  • Maintain business, accounting, and financial records
  • Enforce agreements and resolve disputes
  • Prevent fraud and abuse
  • Comply with legal obligations

Retention and anonymization. Where feasible, we delete or anonymize personal information when it is no longer needed for these purposes. We may retain non-identifiable or aggregated data (for example, transactional totals and GMV records) to support bookkeeping, analytics, platform integrity, and product improvement.

10. Deletion requests and recordkeeping exceptions

If you request deletion of your personal information, we will take reasonable steps to delete or anonymize personal identifiers associated with your account.

We may retain certain records as required or permitted by law and for legitimate business purposes such as:

  • dispute resolution,
  • chargebacks,
  • fraud prevention,
  • security, and
  • bookkeeping and accounting.

In these cases, we will restrict the use of retained information and, where feasible, anonymize it (for example, retaining GMV records while removing direct identifiers like WhatsApp number and email).

11. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information. However, no security system is perfect, and we cannot guarantee absolute security.

12. Cookies and tracking technologies

We use cookies and similar technologies to:

  • Keep users logged in
  • Remember preferences
  • Measure usage and performance
  • Improve reliability and security

You can control cookies through browser settings. Disabling cookies may affect some features.

13. Your rights and choices

A) General rights (all users)

Depending on your location and applicable law, you may have the right to:

  • Request access to your personal information
  • Request correction of inaccurate information
  • Request deletion (subject to legal and operational exceptions)
  • Object to or restrict certain processing (where applicable)
  • Withdraw consent (where processing is based on consent)

B) Marketing preferences

Where applicable, you can opt out of non-essential marketing emails using the unsubscribe link or by contacting us. You may still receive service/transactional messages.

C) How to exercise rights

Email info@indivend.com with:

  • Your name and the email/phone associated with your account
  • The request type (access, correction, deletion, etc.)
  • Any helpful context

We may verify your identity before processing requests.

14. Children's privacy

The Services are not intended for children, and we do not knowingly collect personal information from children without appropriate authorization. If you believe a child has provided personal information, contact us.

15. Changes to this policy

We may update this Privacy Policy as IndiVend evolves. If changes are material, we will provide notice through the Services or other reasonable means. The "Last updated" date reflects the effective date.

16. Contact us

IndiVend, Inc.

info@indivend.com