Privacy Policy

Italian Essence ("we," "us," "our") operates a business-to-business wholesale platform for imported Italian food products at italianessence.com (the "Service"). This Privacy Policy explains what information we collect, why we collect it, and the choices you have. By using the Service you agree to the practices described here.

Information we collect

Account & business information

When you apply for a wholesale account, sign in, or place an order we collect the information you provide directly: your name, business name, business address, phone number, email address, resale or tax-exemption certificates you upload, and the products and quantities you order. Owners and team members you invite have the same data collected when they sign up.

Order, invoice & payment data

Order history, invoices, delivery addresses, fulfillment notes, and payment records are stored to operate the wholesale relationship. Card payments are processed by Stripe; we do not see or store full card numbers — only Stripe's tokenized references and the last four digits for receipt display.

Automatically collected information

When you visit the Service we record standard server logs (IP address, browser, pages visited, timestamps) and use cookies for authentication and session continuity. We do not run third-party advertising trackers.

Information from Google

If you choose to sign in with Google, we receive your Google account's email address, name, and profile picture so we can match you to an existing wholesale account and personalize your dashboard. See the Google API Services section below for the full disclosure.

How we use information

• To create and operate your wholesale account, including approval review.
• To process orders, invoices, payments, deliveries, and returns.
• To send transactional email — order confirmations, invoices, account status changes, delivery updates, security codes, and password resets.
• To respond to support requests and contact-form submissions.
• To detect fraud, enforce our terms, and meet legal and tax obligations.
• To improve the Service through aggregated, non-identifying analytics.

Google API Services

Italian Essence uses Google APIs in two limited ways. We disclose them here to comply with the Google API Services User Data Policy:

Sign in with Google (scopes: openid, email, profile)

When an administrator or customer chooses "Sign in with Google," we receive your basic profile information (Google account email, display name, profile picture) solely to authenticate you against your existing wholesale account. We do not use these scopes for advertising, do not transfer this data to third parties, and do not allow humans to read it except where required by law or to investigate abuse with your consent.

Gmail send for outgoing transactional email (scope: https://www.googleapis.com/auth/gmail.send)

An Italian Essence operator may connect a single Italian Essence-owned Google Workspace mailbox (such as [email protected]) to deliver outgoing transactional email to customers. The gmail.send scope is used exclusively to send email composed by the Service (order confirmations, invoices, account status changes, password resets, security codes, and admin notifications). We do not read, modify, list, label, draft, search, or delete any messages in the connected mailbox. We store only the OAuth refresh token needed to send mail, and an administrator can revoke that token at any time from Admin → Settings → Gmail or from the Google account permissions page.

Italian Essence's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

How we share information

We do not sell or rent personal information. We share it only with service providers who help us operate the Service, and only as needed for those services:

• Stripe — payment processing.
• Twilio — SMS-based two-factor authentication.
• Google Workspace — email delivery via Gmail send (described above).
• UPS — when you select parcel fulfillment.
• Hosting and infrastructure providers — to run the Service.

We may also disclose information to comply with legal process, enforce our terms, or protect rights and safety.

Data retention

We keep account, order, and tax records for as long as the wholesale relationship is active and for the period required by tax and accounting law (generally seven years after your last order). OAuth refresh tokens are kept until you revoke them or until an administrator disconnects the integration. You may request earlier deletion of personal information that is not under a legal hold by emailing us at the address below.

Your choices

• You can update your name, business information, and team members from your account settings.
• You can disconnect Sign in with Google at any time from your Google account permissions; your Italian Essence account remains and you can sign in with email and password.
• You can request a copy of your data, correction, or deletion by emailing [email protected].
• You can opt out of non-essential email by replying to any message; transactional messages required to operate your account will continue.

Security

We protect information in transit with TLS, store passwords using one-way hashing, require two-factor authentication for sign-in, and limit access to production data to authorized staff. No system is perfectly secure; if we ever learn of a breach affecting your information we will notify you as required by law.

Children

The Service is intended for licensed food-service businesses and is not directed to children under 13. We do not knowingly collect information from children.

Changes

If we materially change this policy we will post the updated version here and adjust the effective date above. Continued use after changes means you accept the revised policy.

Contact