Privacy Statement

Last updated: 1st March 2026

Controller Information

RFQmatch.com ("RFQmatch", "we", "us", "our") acts as the data controller within the meaning of Article 4(7) of the General Data Protection Regulation (GDPR).

Contact details:
Email: [email protected]
Address: Goudenregen 12, 8141 XA, Heino

Scope of This Privacy Statement

This Privacy Statement applies to the processing of personal data through the RFQmatch.com platform, including:

  • Website visitors
  • Registered buyers and suppliers
  • Business communications conducted via the platform

It applies to users located in the European Economic Area (EEA) and other jurisdictions where the GDPR applies.

Principles of Data Processing

Personal data is processed in accordance with the principles set out in Article 5 GDPR:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

Categories of Personal Data

4.1 Identification and Contact Data

  • Full name
  • Business email address
  • Phone number
  • Job title
  • Company name

4.2 Professional and Platform Data

  • Buyer and supplier profile information
  • RFQ submissions and responses
  • Messages exchanged via the platform
  • Transactional and contractual metadata

4.3 Technical and Usage Data

  • IP address
  • Browser and device information
  • Log files
  • Cookie identifiers

Purposes of Processing

Personal data is processed for the following purposes:

  • Operation and maintenance of the RFQmatch platform
  • Facilitation of RFQ transactions between buyers and suppliers
  • User authentication and account management
  • Customer support and operational communications
  • Platform analytics and service improvement
  • Fraud prevention and platform security
  • Compliance with legal and regulatory obligations

Legal Basis for Processing (Article 6 GDPR)

Processing is based on one or more of the following lawful bases:

  • Performance of a contract
  • Legitimate interests pursued by RFQmatch
  • Compliance with legal obligations
  • User consent, where required (e.g. non-essential cookies or marketing communications)

Data Sharing and Recipients

Personal data is not sold.

Personal data may be shared with:

  • Other platform users, where necessary to fulfil RFQ transactions
  • Authorized service providers acting as data processors
  • Legal or regulatory authorities, where required by law
  • Professional advisors under confidentiality obligations

RFQmatch uses third-party infrastructure and service providers, including:

  • Vercel (cloud hosting and platform infrastructure)
  • Supabase (database and backend services)

All processors are engaged under data processing agreements in accordance with Article 28 GDPR.

International Data Transfers

Personal data may be processed and stored outside the European Economic Area.

In particular, personal data may be transferred to and processed in the United States by service providers such as Vercel and Supabase.

Where personal data is transferred to third countries, RFQmatch implements appropriate safeguards in accordance with Article 46 GDPR, including the use of Standard Contractual Clauses approved by the European Commission.

Data Retention

Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, taking into account:

  • Contractual requirements
  • Legal and regulatory obligations
  • Legitimate business interests

When personal data is no longer required, it is securely deleted or anonymized.

Data Subject Rights

Under the GDPR, users have the right to:

  • Access their personal data
  • Rectify inaccurate or incomplete data
  • Request erasure of personal data
  • Restrict processing
  • Object to processing based on legitimate interests
  • Receive their data in a portable format
  • Withdraw consent at any time, where processing is based on consent
  • Lodge a complaint with a supervisory authority

Requests can be submitted using the contact details provided in Section 1.

Cookies and Tracking Technologies

RFQmatch.com uses cookies and similar technologies to ensure platform functionality and analyze usage.

Non-essential cookies are used only with user consent. Users can manage or withdraw cookie consent at any time through browser settings or cookie controls.

Data Security

RFQmatch implements appropriate technical and organizational measures to protect personal data, including:

  • Access controls
  • Encryption
  • Secure hosting environments
  • Regular security reviews

Despite these measures, no system can guarantee absolute security.

Automated Decision-Making

RFQmatch does not use automated decision-making or profiling that produces legal or similarly significant effects within the meaning of Article 22 GDPR.

Third-Party Websites

The RFQmatch platform may contain links to third-party websites.

RFQmatch is not responsible for the privacy practices or content of external websites.

Changes to This Privacy Statement

This Privacy Statement may be updated from time to time to reflect legal, regulatory, or operational changes.

Updates will be published on this page with a revised "Last updated" date.

Contact and Complaints

For privacy-related inquiries or GDPR requests, users may contact:

Email: [email protected]
Address: Goudeneregen 12, 8141 XA, Heino

Users also have the right to lodge a complaint with their competent data protection authority.

Guest RFQ (Development Testing)