Your data belongs to you. Ecom Forward honors GDPR Article 20 (portability) and Article 17 (erasure) with simple self-serve flows.
Exporting your data
One-click JSON download of every row we hold on you:
- Go to Account.
- Scroll to Data export.
- Click Download all data.
- A JSON file downloads with: profile, stores, daily entries, products, customers, expenses, team members, audit log.
Note
- Owners get the full business data set.
- Team members get only their personal profile + membership.
How your data is isolated
Every table uses row-level security (RLS) scoped by owner. Your data never crosses paths with another customer's — enforced at the database layer, not just the application.
Deleting your account (owner)
- Go to Account → scroll to Delete account.
- Click the button. A confirmation modal appears.
- Type your full email address to confirm.
- Click Schedule deletion.
- You receive a “scheduled for deletion” email with the purge date (30 days from now).
- During the 30-day grace period:
- You can sign in and click Cancel deletion to stop the purge.
- On day 22, you receive a reminder email.
- On day 30, your account is hard-deleted: every row, every table. No recovery.
Heads up
Removing yourself as a team member
Team members don't own data, so removal is instant — no grace period. Your workspace owner keeps their data; you just stop having access.
Sub-processors
We share data with:
- Supabase (database + auth, EU-hosted).
- Vercel (hosting, EU edge).
- Resend (transactional emails).
- Stripe (billing).
- Anthropic (Claude — powers Ford and AI Listings; it sees only the data needed to answer the question or write the content you ask for, and your data is never used to train AI models).
Full details in the Privacy Policy.
CCPA (California residents)
All the same rights apply plus: right to know what data we collect, right to opt out of any sale (we don't sell data), right to non-discrimination. Email info@ecomforward.io for CCPA-specific requests.