Data Stewardship
We are serious about data.
Your Data is Your Business.
At Sourcery, we know your relationships, market knowledge, and hard-earned trust form the backbone of your trade channels and yopbusiness. That’s why we built Connect as a platform you can t—giving you full ownership and control of your data, with enterprise-grade security protecting every transaction, from producer to consumer.
Fully Secure. Always Protected.
Fully Secure. Always Protected.
*Partners can give ‘view only’ access to Sourcery with explicit permission to manage post-transaction trade disputes. Permission can only be granted to specific Sourcery Engagement team members follow a formal Trust Line request.
We designed Connect with data sovereignty, ownership, advanced security, and privacy at its core.
All data is stored in your Partner Data Vault (PDV)—a private, secure, cloud-based environment designed to protect your business information through strict access controls, encryption, and data ownership policies. You retain full control over your data, how it is used and how its value is realised.
All Partners, as members, are required to review and agree to the internal policies below. These policies reflect our unwavering commitment to data ownership, privacy, security, and maintaining clear user controls throughout every interaction on Sourcery Connect.
Policies to Protect Our Partners
Data Standards and Certification
Connect is built using the most advanced data privacy and security systems available today—backed by globally recognised certifications and standards. We use advanced encryption for your transactional data—at rest and in transit—so you can rest assure knowing that your information remains secure, private, and fully under your control.
Sourcery Connect is designed to meet GDPR, UK, and U.S. privacy requirements, with dedicated APIs to support Partner compliance. 2Connect aligns with ISO 27001 and SOC Type 2’s five Trust Service Principles—security, availability, privacy, confidentiality, and processing integrity (certification pending). 3. Each Partner is issued a unique Sourcery ID with private on-device cryptographic keys that govern access and data stored in their Partner Data Vault (PDV). 4. All data in transit is encrypted using industry-leading protocols. 5. All data stored in the PDV is encrypted with E2EE protocol and secured using zero-knowledge cloud and blockchain (Sourcery Exchange only) architecture, ensuring data is accessible only to the data originator unless explicit permission is granted—Sourcery cannot access Partner data without explicit permission. 6. Place Protection enables Transform Plus, and Pro users to restrict administrative access to approved geographic areas using device-level geofencing.
Is Your Current Technology Built for Trade?
Most consumer apps used for trade weren’t built for trade. They’re free and convenient—but the real price is your data (and your time). They track who you are, how you trade, and with whom—what you buy, what you sell, and how your business runs. Many profit by selling that data to others.
On those platforms, you’re the product. That works for them. It doesn’t work for us. That’s why we built Connect—a platform purpose-built for trade, where you own and control your data.
Built for Trade
Vs.
Not Built for Trade
What’s Up with WhatsApp?
Used by more than two billion people worldwide, WhatsApp has become the default channel for sending offers, enquiries, and negotiating deals in commodity trade. Farmers, traders, agents, manufacturers, and brands use it—not because it’s fit for trade—but because it’s easy.
WhatsApp encrypts messages in transit, but real risks remain. Data isn’t encrypted at rest, devices can be compromised, and phone numbers and contact information are exposed—opening the door to solicitation, phishing, and cyber fraud.
And let’s be honest: Meta—which owns Facebook, Instagram, and Threads—built its empire by harvesting and monetizing user data (your data). Do we really believe the data flowing through a $5 trillion global agri-commodity sector is somehow exempt?
We don’t. Your transactions may feel secure—but are they truly private?
Great for family and friends. Not for trade. Connect was built for trade.
Is all of your data secure and truly private?
-
Email is generally considered safe, with most providers requiring a username and password for login and offering basic levels of encryption.
There are many popular options such as Microsoft 365, Gmail/G Suite, ProtonMail, and others—each offering varying degrees of security and privacy features designed to help protect your data.
However, a major challenge with email is that your information is only as secure as the weakest link. Even if your practices are solid, you're still vulnerable if the recipient’s or sender’s data is not equally protected. If they’re compromised, your communication can be too.
In addition, email is still vulnerable to hacking, phishing attacks, and unwanted solicitations, all of which can put your privacy and data at risk.
That’s why the Connect Platform does not use email. All communication happens directly within the Connect App and only with verified Partners who have been thoroughly vetted by Sourcery. All messages and trade-related data are encrypted—both in transit and at rest—ensuring a much higher level of security and trust.
-
WhatsApp, the Meta-owned messaging app, is used by over two billion people worldwide—including countless farmers, traders, agents, and manufacturers—to communicate and conduct trade. Until Connect, it has become the de facto tool for sending offers, inquiries, and negotiating in the agri-commodity trade.
While WhatsApp does use end-to-end encryption to protect messages in transit, the real vulnerability lies in how data is stored and access users have to your phone number—leading to unwanted solicitation (‘blasts’), phishing and fraud.
Messages and files are not encrypted at rest, meaning they can potentially be accessed if a device is compromised.
And let’s be honest—Meta (which also owns Facebook, Instagram, and Threads), alongside companies like Google, built their empires by monetizing user data.
Do you really think they’d pass up the opportunity to control and profit from data flowing through a $5 trillion global agri-commodity trade?
Sourcery Connect offers a more secure solution. All communication is encrypted both at rest and in transit, and only you can access the data in your account. Even we at Sourcery cannot access your information—and we will never sell your data without your explicit permission and when you do—you profit from the sale.
Learn more
-
Google Maps is used around the world for directions, avoiding traffic, and discovering new places—but when it comes to your personal data, no Google product is truly safe. Even Google openly admits how it uses your data. They know who you are, where you are, what you buy, sell, and even how you think.
In trade, your vendors, clients, farms, and factories are your business—but Google treats them like its business too.
That’s why the Connect Platform ‘Places’ feature takes a different approach. We use a proprietary static map that includes only a geocode, address, and topographical overlay—nothing more. When you add a location in Connect, it’s assigned a unique Bluenumber, giving your data the same blockchain-level protections you have as an individual. That means full control, privacy, and security over your farm, facility, or office information—without surveillance or third-party access.
-
Like Google Maps, Gmail, and other Alphabet-owned products, Google Drive is used by over 3 billion people worldwide—largely because its basic cloud storage is free. But as with all "free" Google products, there’s a trade-off: your data.
It’s well known and publicly documented that the files you store on Google Drive are not fully secure. Google retains access to your data, and that access is often used to support their advertising and data-mining operations.
When privacy matters—especially in trade—“free” can end up being very costly.
-
Video chat has become an essential tool around the world, enabling people to connect in ways that email, text, or even voice calls alone can’t—especially when it comes to building trading relationships and discussing commercial matters.
While Zoom has worked hard to improve its platform, it has faced well-documented security challenges. And like many communication tools, it may not be as secure as you think—especially when sensitive business conversations are involved.
That’s why Sourcery Connect includes a built-in Messages/Chat feature that supports text, voice, and video communication—all fully encrypted. Every conversation is protected with both in-transit and at-rest encryption, ensuring your trade discussions stay private, secure, and within your control.
Get Connect, Today.
Start trading for free.
The planet is the
world’s most
valuable asset.
Data is its most
valuable resource.
You’re in the commodities business—and with Connect, you’re also in the data business.
The world’s most powerful companies and organisations know one thing: your data is extremely valuable. Yet in trade, it’s routinely given away just to get deals done—turning a strategic asset into an unspoken cost of entry and allowing others to profit from it by selling it to marketers, technology companies and other third-parties.
Connect changes that. You own and control your commercial, chain-of-custody and impact data—deciding who accesses it, how it’s used, and when its value is unlocked. Your data isn’t the cost of doing business. It’s the future of it.
What is a BlueBox?
BlueBoxes are the shipping containers of the data economy. Each BlueBox digital asset contains secure and standardised commercial, social and environmental data captured via the Transparent Trade and Intelligent Impact solution modules though in Connect.
Partner Data Vault (PDV): Once captured and verified*, all data is encrypted and stored in a personal, zero-knowledge, secure cloud-based system called a Partner Data Vault (PDV).
Private & Secure: This vault is completely private and accessible only to you, the data originator. No one—not even Sourcery—can access your data without your explicit permission.
Intelligent Verification: Sourcery’s digital triangulation engine continuously cross-checks user identification, geolocation, and image metadata in real time to ensure data is accurate.
Powered by NFTs: Once verified, the data is minted as an immutable BlueBox digital asset anchored to the blockchain—making it tamper-proof and instantly interoperable.
Monetize & Withdraw: BlueBoxes are sold via the Sourcery Data Exchange (SDX). When a license is sold, you receive BluePoints—a digital currency—directly into your Connect wallet, which can be withdrawn to a bank account, UPI, or transferred to other Partners.
*All primary data and meta data is digitally verified. Partners have the option to select a third-party Assurance Partner to conduct a data verification audit. Additional fees may apply.
Verified Place.
Once captured, all transactional and impact data is securely stored and partitioned within each Partner Data Vault (PDV) on the blockchain—forming what we call an Verified Place, ‘Impact Stack, which ensures location-based control and access, full ownership and monetisation of your data.
BlueBox “Impact Stack” is illustration is for demonstration purposes only and does not imply Sourcery is working with these organisations. Partner Data Vault (PDV) can be protected additionally using Place Protection. Learn more.
Place Protection
Place Protection creates a secure geo-fence around each verified site polygon. When enabled by the Place administrator, access to data associated with that Place is restricted to users physically within the defined boundary—ensuring that transaction and impact data are captured and accessed only at the designated site.
Connect uses its own proprietary mapping system, not Google Maps keeping all geocode, address, and polygon data private and fully controlled by the Place owner.
Geo-fenced access: Data can only be captured and viewed within the verified site boundary—critical for desk-based audits and data attribution.
Proof of origin integrity: Ensures transaction and impact data originate from the designated location.
Proprietary mapping system: No reliance on Google Maps, Apple Maps or external third-party map providers who use your data—location data remains 100% private.
Owner-controlled permissions: Place administrators decide who can access data and whether Place Protection is enforced.
Data Sovereignty and Equity.
Sourcery Connect captures transactional and impact data in real time, aligned with our Transparent Trade and Intelligent Impact modules.
Through the Sourcery Exchange (SDX) data marketplace, Partners can be recognized and rewarded for commercial, social, and environmental performance data—licensing it directly to those who benefit from it most, including suppliers, brands, governments, investors, financial institutions, insurers, and technology providers.
Your data is your business.
*Graphical representation ‘BlueBox digital assets that will be available for purchase in the Sourcery Exchange (SDX) data marketplace. In the meantime, primary data can be purchased directly via Sourcery.
System Integration and Interoperability
Most technology companies build products. At Sourcery, we build infrastructure.
Long before launching any features, we engineered a robust, API-first backend data infrastructure designed specifically for trade. Our modular templates enable structured data capture, secure storage, controlled sharing, and seamless integration with multiple ERP, PLM, CTMR, traceability, impact and risk reporting platforms.
Each transaction is packaged into a secure, permissioned data envelope—protecting commercial, transactional and impact information while giving you full control over access, interoperability, and sharing across qualified third-party systems.
Prospective integration software solution logos are protected under copyright. Used for demonstration purposes only and does not imply existing partnership or integration with Sourcery.