Last updated: 2/26/2026
1. Overview
Confirmi is a merchant risk assessment platform designed to help e-commerce sellers reduce Return-to-Sender (RTS) losses, failed deliveries, and fraudulent transactions by analyzing historical order outcomes.
Confirmi processes limited customer data strictly for fraud prevention, delivery reliability analysis, and merchant operational risk management.
Confirmi operates in compliance with the Philippine Data Privacy Act of 2012 (RA 10173) and applies industry-standard security safeguards.
2. Categories of Data Processed
When a merchant connects their Pancake account via OpenAPI, Confirmi may process the following customer-related data:
Identifiers
- Phone number
- Customer name
Delivery Information
Order Outcome Metrics
- Order count
- Successful order count
- Failed / RTS order count
- Order timestamps
Confirmi does not collect:
- Payment card details
- Banking information
- Conversation/chat history
- Product contents beyond what is required for risk context
- Internal Pancake trust or moderation flags
3. Purpose of Processing
Customer data is processed exclusively to:
- Generate delivery reliability and RTS risk assessments
- Detect patterns of repeated failed deliveries across participating merchants
- Identify high-risk transactions before shipment
- Support fraud prevention and operational decision-making
Confirmi does not use this data for:
- Marketing or advertising
- Behavioral profiling unrelated to fraud prevention
- Resale to third parties
4. Aggregation and Cross-Merchant Analysis
Confirmi may aggregate customer order outcome data across participating merchants.
To protect privacy:
- Phone numbers are normalized and cryptographically hashed for cross-merchant matching.
- Merchant identities are not disclosed to other merchants.
- Individual merchant performance breakdowns are not shared.
When a risk lookup occurs, merchants receive aggregated statistics only, such as:
"This customer has placed 33 total orders across 2 participating merchants, with a 54% successful delivery rate."
No other merchant-specific data is revealed.
5. Address & Name Processing
Customer names and delivery addresses are processed solely for:
- Identifying duplicate patterns (e.g., repeated RTS to the same address)
- Detecting risk clusters (e.g., same address used across multiple failed transactions)
- Supporting merchant-level fraud detection models
Confirmi does not publicly expose names or full addresses to other merchants.
Where feasible, Confirmi applies:
- Partial masking
- Tokenization
- Hash-based matching for cross-merchant analytics
6. Lawful Basis for Processing
Processing is based on:
- Legitimate interest of merchants in preventing fraud and reducing financial loss
- Merchant authorization when integrating Pancake accounts
- Contractual necessity for providing Confirmi's services
Merchants remain responsible for informing their customers that order data may be processed for fraud prevention purposes.
7. Data Minimisation & Proportionality
Confirmi adheres to data minimisation principles:
- Only data necessary for risk modeling is processed
- No excessive personal information is collected
- Access to personal data is strictly role-restricted
8. Data Security Safeguards
Confirmi implements technical and organisational measures including:
Technical Safeguards
- HTTPS (TLS 1.2+) encrypted transmission
- Encryption at rest
- One-way hashing of phone numbers for cross-merchant matching
- Restricted database access
- Role-based access control (RBAC)
- API key encryption and secure storage
Organisational Safeguards
- Limited internal access to production data
- Access logging and monitoring
- Controlled deployment processes
- Immediate revocation of access for departing personnel
9. Data Sharing & Third Parties
Confirmi does not:
- Sell personal data
- Share raw personal data with third parties
- Expose full names or addresses across merchants
Data is processed strictly within Confirmi's infrastructure.
10. Data Retention
Customer data is retained only for as long as:
- The merchant maintains an active Confirmi subscription; or
- The data remains relevant for fraud prevention and risk modeling
Upon merchant termination, data may be deleted or anonymized subject to legal obligations.
11. Incident Management
Confirmi maintains procedures for:
- Security incident detection
- Containment and investigation
- Notification of affected parties where required by law
12. Compliance Framework
Confirmi aligns with:
- Philippine Data Privacy Act of 2012 (RA 10173)
- Secure API integration best practices
- SaaS security standards for data protection
While Confirmi is not currently ISO-certified, security practices follow commonly accepted SaaS security principles.