Privacy Policy

1. Introduction

SellerPilot AI ("we," "our," or "us") operates the sellerpilotai.ai website and SaaS platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

By using SellerPilot AI, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account Information: When you create an account, we collect your name, email address, and password (securely hashed). We do not store passwords in plain text.

Amazon Seller Data: When you connect your Amazon Seller account via the Selling Partner API (SP-API), we request access to the following data categories through Amazon's OAuth authorization:

• Product Listing: Your product titles, descriptions, bullet points, images, categories, ASINs, and listing status. Used to scan for compliance issues.

• Selling Partner Insights: Your account health metrics, performance data, and account status. Used to monitor your overall compliance posture.

• Inventory and Order Management: Your inventory levels and catalog data. Used to contextualize compliance analysis with active product information.

This data is used solely to provide compliance monitoring services. We do not modify, edit, or take any actions on your Amazon Seller account. Our access is read-only for monitoring purposes.

Payment Information: Payment processing is handled by Stripe. We do not store your credit card numbers. Stripe may collect billing details as described in their privacy policy.

Usage Data: We collect information about how you interact with our platform, including pages visited, features used, and scan results, to improve our service.

3. How We Use Your Information

We use the information we collect to:

• Provide and maintain our compliance monitoring service

• Scan your Amazon listings for compliance issues

• Send you alerts and notifications about compliance risks

• Process your subscription payments

• Improve and optimize our platform

• Communicate with you about service updates and changes

4. Data Security

We implement industry-standard security measures to protect your data. Authentication is handled by Supabase with Row Level Security (RLS) policies ensuring users can only access their own data. Amazon API tokens are stored encrypted and are never exposed to the client.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure.

5. Data Retention

We retain your account data for as long as your account is active. Compliance scan results and alert history are retained for the duration of your subscription. Upon account deletion, your personal data will be removed within 30 days, except where retention is required by law.

6. Third-Party Services

We use the following third-party services:

• Supabase — Authentication and database hosting

• Stripe — Payment processing

• Amazon SP-API — Seller account data access

• Vercel — Application hosting

• Resend — Email delivery

Each third-party service has its own privacy policy governing their use of your data.

We do not sell, rent, or share your Amazon seller data with any third parties for their own marketing or business purposes. Your Amazon data is only processed by our platform to deliver compliance monitoring services to you. No Amazon buyer Personally Identifiable Information (PII) is collected or stored.

7. Your Rights

You have the right to:

• Access the personal data we hold about you

• Request correction of inaccurate data

• Request deletion of your data

• Disconnect your Amazon Seller account at any time

• Export your data in a portable format

Revoking Amazon Access: You can disconnect your Amazon account from SellerPilot AI at any time through the Settings page on our platform. You can also revoke authorization directly from Amazon Seller Central by visiting the "Manage Your Apps" page. Upon disconnection, we stop accessing your Amazon data immediately. Previously collected data is retained per our data retention policy and can be deleted upon request.

To exercise these rights, contact us at support@sellerpilotai.ai.

8. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

9. Amazon Data Protection Compliance

SellerPilot AI complies with Amazon's Acceptable Use Policy, Data Protection Policy, and the Amazon Services API Solution Provider Agreement. We implement appropriate technical and organizational measures to protect Amazon Information as defined in these policies.

We encrypt all Amazon data in transit using TLS and at rest within our database. Amazon API credentials (access tokens and refresh tokens) are stored securely on the server side and are never exposed to the client browser. We restrict access to Amazon Information to authorized personnel on a need-to-know basis.

We maintain an incident response plan and will report any security incidents involving Amazon Information to security@amazon.com within 24 hours of detection, as required by Amazon's Data Protection Policy.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through a notice on our platform. Your continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy, contact us at support@sellerpilotai.ai.