Last updated: April 29, 2026
We collect information you provide directly to us, including your name, email address, and identity verification documents (for sellers). We also collect transaction data, device information, and usage analytics to improve our platform and prevent fraud.
We use your information to: process transactions and manage your account; verify seller identities and prevent fraud; send notifications about your listings, orders, and payouts; improve our platform and personalize your experience; comply with legal obligations and enforce our Terms of Service.
Identity documents submitted for seller verification are stored with AES-256 encryption and are accessible only to authorized OEA administrators for fraud review purposes. Documents are retained for 7 years to comply with financial regulations and are never shared with third parties except as required by law.
All payment processing is handled by Stripe, Inc. OEA does not store full credit card numbers or sensitive payment credentials. Stripe's privacy policy governs the handling of your payment information. We store only transaction identifiers and metadata necessary for order management.
We do not sell your personal information. We may share data with: service providers who assist in operating our platform (Stripe for payments, cloud storage providers); law enforcement when required by law or to prevent fraud; business partners with your explicit consent.
We use session cookies for authentication and analytics cookies to understand platform usage. You can disable cookies in your browser settings, though this may affect platform functionality. We do not use third-party advertising trackers.
Account data is retained for the duration of your account and for 3 years after account closure. Transaction records are retained for 7 years for financial compliance. You may request deletion of your personal data by contacting us, subject to legal retention requirements.
You have the right to access, correct, or delete your personal information. You may also request a copy of your data or opt out of certain processing. To exercise these rights, contact us at [email protected]. We will respond within 30 days.
We implement industry-standard security measures including TLS encryption for data in transit, AES-256 encryption for sensitive data at rest, multi-factor authentication for admin access, and regular security audits. However, no system is completely secure and we cannot guarantee absolute security.
For privacy-related inquiries, contact our Privacy Officer at [email protected] or write to: Operational Excellence Advisors, Privacy Officer, United States.