Privacy Policy

Last Updated: February 25, 2026

This document outlines RecallSeeker's privacy, data collection, processing, and security policies, and serves as the Data Processing Addendum (DPA) for enterprise and API customers. It is designed to support our role as a privacy-first safety intermediary handling recall notifications while minimizing risk and protecting user PII. Participation in the B2C front-end is optional, free, and intended to facilitate product registration and recall tracking; user data is only used for recall purposes.

1. Data Collection

RecallSeeker may collect the following types of data:

  • User-Provided Data: Account registration, manually registered products, uploaded datasets, and other user content.
  • Purchase & Product Data: Product identifiers (SKU/UPC), manufacturer, purchase date, retailer, timestamp, and price (shared with manufacturer only with user consent for refund purposes).
  • Usage Data: Interaction logs, analytics, feature usage, and system performance metrics.
  • Technical Data: IP addresses, device type, browser information, API call metadata.
  • Consent & Communication Preferences: Notification preferences, communication frequency, and opt-in/opt-out selections.

2. Purpose of Data Processing

  • Enable recall detection, matching, and notification.
  • Support AI-assisted analytics and process improvement using pseudonymized or aggregated data; raw PII is never analyzed without user consent.
  • Allow enterprise/API partners to manage recall workflows in a privacy-first manner.
  • Maintain internal audit logs of PII disclosures.
  • Comply with legal obligations and regulatory reporting.

3. PII & Consent-Gated Data Sharing

  • PII is shared with manufacturers or enterprise partners only with explicit user consent during an active recall event.
  • Users can withdraw consent, stop recall participation, or delete their account at any time.
  • Audit logs track every PII disclosure, including event ID, timestamp, user ID token, recall campaign ID, recipient, data categories shared, consent status, and method of disclosure.
  • Third-party messaging providers (SMS/email) may be used for notifications; all PII sent is encrypted and minimal, and no analytics are performed on raw PII externally.

4. Recall Completion & Outcome Retention

  • Users may retain recall completion records for proof of remedy or resale; records include product ID, recall ID, resolution type, completion date, and optionally a hashed serial number. No PII is shared unless consented.
  • Users can deregister products at any time; all associated PII linkages are removed immediately.
  • Ownership transfers can occur with explicit consent; only outcome metadata may be shared with the new owner.

5. Data Security

  • PII is encrypted at field level and stored in a separate, access-controlled database.
  • Purchase data is pseudonymized and tokenized to separate it from PII.
  • Audit logs are encrypted, immutable, and retained for 5–7 years.
  • Regular vulnerability testing, monitoring, and role-based access control are enforced.

6. Enterprise/API Customer Obligations

  • Enterprise customers must manage API key security, user access, and internal compliance.
  • Data transfer and processing are subject to legal and contractual safeguards as outlined in this DPA.
  • PII is available to partners only during event-triggered, user-consented recall workflows.

7. Data Retention

  • Active recall PII: Retained only for the duration of the recall or until user revocation.
  • Audit logs: Retained 5–7 years for regulatory and compliance purposes.
  • Anonymized recall outcome datasets: Retained indefinitely for analytics and process improvement.
  • Purchase linkage data: Deleted or tokenized after recall completion; user consent required for price or sensitive details sharing.
  • Consent logs: Retained 7 years for disputes and regulatory verification.

8. International Data Transfers

Currently, operations are U.S.-only. Future expansion may include Canada and Mexico; any international transfer will use safeguards such as standard contractual clauses or other approved mechanisms under applicable law.

9. User Rights & Revocation

  • Stop recall participation: User can halt active recalls without sharing PII.
  • Withdraw PII sharing: Users can block manufacturer access while continuing internal notifications.
  • Delete account: Removes all PII and routing from active databases; anonymized audit logs and recall outcome metadata may remain for regulatory purposes.
  • Users can update or correct PII at any time to maintain accurate notifications.

10. Compliance with Laws

RecallSeeker complies with applicable privacy and data protection laws including CCPA/CPRA and GDPR where relevant, and maintains best-practice measures for recall-specific data retention and PII minimization.

11. Contact Information

For privacy, data processing, or accessibility concerns, contact:

RecallSeeker
Email: support@recallseeker.com

By using RecallSeeker, you acknowledge and agree to this Privacy Policy and Data Processing Addendum, and accept our commitment to accessibility and Section 508 compliance.