TariffOS
Request Demo
LEG.PRVLegal

Privacy
Policy.

Last updated: May 6, 2026 · Effective for all TariffOS web properties and APIs.

1 · Who we are

TariffOS Inc. ("TariffOS", "we") operates the tariff-intelligence platform available at tariffos.com and via the TariffOS APIs. We act as a data controller for our marketing site and as a data processor for customer-submitted import data under our Data Processing Addendum (DPA).

2 · Data we collect

  • Account data: name, business email, company, role, billing details.
  • Usage data: API request metadata, dashboard interactions, performance telemetry.
  • Customer trade data: HS codes, invoices, supplier records you submit for analysis.
  • Site visitor data: IP, user-agent, page views, anonymized analytics.

3 · How we use it

  • Operate, secure, and improve the TariffOS platform and APIs.
  • Provide tariff lookups, classification, and landed-cost calculations you request.
  • Detect abuse, enforce rate limits, and meet our SLA commitments.
  • Send transactional emails and — with consent — product updates.

4 · Legal bases (GDPR)

We process personal data under contract necessity (delivering the service), legitimate interest (security, fraud prevention, product analytics), legal obligation (tax, audit), and consent (marketing).

5 · Sharing & subprocessors

We share data only with vetted subprocessors strictly required to operate the service (cloud hosting, email delivery, payments, analytics). The current subprocessor list is available on request and any additions are notified to enterprise customers in advance.

6 · International transfers

Data may be processed in the United States and the European Union. EU/UK transfers rely on Standard Contractual Clauses; US transfers honor the EU-US Data Privacy Framework where applicable.

7 · Retention

We retain account data for the duration of the contract plus 7 years for tax and audit obligations. Customer trade data is retained per the agreement and deleted within 30 days of termination, unless required by law.

8 · Your rights

You may request access, correction, deletion, restriction, or portability of your personal data, and you may object to certain processing. EU residents have the right to lodge a complaint with their supervisory authority.

9 · Security

All data is encrypted in transit (TLS 1.3) and at rest. Access is governed by least-privilege RBAC, audited continuously, and reviewed against our SOC 2 Type II controls.

10 · Contact

Privacy requests: privacy@tariffos.com. EU representative and DPA available on request.