Privacy Policy

Last updated: 22 April 2025

Vendorpulse (“we,” “our,” or “us”) provides analytics and reporting services for Amazon Vendor Central users. This Privacy Policy explains how we collect, use, and protect the information you provide when you visit vendorpulse.io (the “Site”) or use our web‑based application (the “Service”).

1. Information We Collect

  • Account data – name, company, email address, password (hash), billing details.
  • Amazon API data – reports, purchase‑order details, chargebacks, and advertising metrics pulled via the Amazon SP API or Ads API after you complete the OAuth authorization flow.
  • Usage data – log files, IP address, browser type, referring pages, time stamps, click events, and feature usage aggregated via first‑party analytics.
  • Support data – correspondence through email, chat, or Intercom.

2. How We Use Information

  • Provide, maintain, and improve the Service.
  • Generate dashboards, forecasts, and AI‑based insights.
  • Send transactional emails (reports, security alerts, billing notices).
  • Respond to inquiries and provide customer support.
  • Monitor for fraud, abuse, or violations of our Terms of Service.
  • Comply with legal obligations and enforce our rights.

3. Legal Bases for Processing (EU/UK Users)

We process personal data under one or more of the following bases: (a) to perform our contract with you; (b) with your consent; (c) to comply with legal obligations; or (d) for our legitimate interests, such as improving the Service.

4. Sharing and Disclosure

We do not sell or rent your data. We share it only with:

  • Sub‑processors necessary to operate the Service (e.g., cloud hosting, payment processors, email delivery). Each is bound by confidentiality and data‑processing agreements.
  • Authorities when required by law, subpoena, or to protect our rights, property, or safety.

5. Data Retention

We keep account and Amazon report data for as long as your subscription is active or as needed to provide the Service. Upon cancellation, raw Amazon data is purged within 60 days unless retention is required by law.

6. Your Rights

Depending on your location, you may have rights to access, correct, delete, export, or object to processing of your personal data. Send requests to privacy@vendorpulse.io. We will respond within 30 days.

7. Security

We employ TLS encryption in transit, AES‑256 encryption at rest, role‑based access controls, and annual penetration tests. No Internet transmission or storage system is ever 100% secure, so we cannot guarantee absolute security.

8. International Transfers

We host data in the United States on SOC 2 Type II certified infrastructure. If you access the Service from outside the U.S., you consent to the transfer and processing of your data in the U.S.

9. Children’s Privacy

The Service is not directed to users under 18. We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or a prominent notice on the Site.

11. Contact

Questions? Email us at privacy@vendorpulse.io or write to Vendorpulse LLC, 123 Main St, Suite 400, Austin TX 78701 USA.