PRIVACY POLICY

1. INTRODUCTION

This Privacy Policy ("Policy") describes how we collect, use, disclose, and safeguard your information when you use our Service. By using the Service, you consent to the data practices described in this Policy.

2. INFORMATION WE COLLECT

2.1 Information You Provide

• Account registration data (name, email address, company information)
• Payment and billing information
• Communications with us
• User-generated content within the Service
• Third-party API credentials and authorization tokens

2.2 Information from Third-Party APIs

• Amazon Seller Central data accessed via SP-API
• Sales reports and transaction data
• Product listings and inventory information
• Customer analytics data (aggregated and anonymized)
• Performance metrics and business analytics

2.3 Automatically Collected Information

• Usage data and analytics
• Device information and identifiers
• Log data (IP addresses, browser type, access times)
• Cookies and similar technologies

3. LAWFUL BASIS FOR PROCESSING

We process personal data based on:

• Contract Performance: To provide the Service you requested
• Legitimate Interests: For business operations, security, and improvement
• Legal Obligations: To comply with applicable laws
• Consent: Where specifically obtained

4. USE OF INFORMATION

We use collected information solely for:

• Service provision and account management
• Payment processing
• Technical support and communications
• Service improvement and development
• Legal compliance and fraud prevention
• Protection of our rights and interests
• Generating analytics and LTV calculations
• Processing and analyzing sales data from connected platforms

5. MERCHANT DATA PROCESSING

5.1 Data Processing Role

For merchant data obtained through third-party APIs, we act as a data processor on your behalf. You remain the data controller and are responsible for compliance with applicable data protection laws.

5.2 Data Accuracy Disclaimer

WE DO NOT VERIFY, VALIDATE, OR GUARANTEE THE ACCURACY OF DATA OBTAINED FROM THIRD-PARTY SOURCES. All analytics and calculations are based on data as received, without warranty.

5.3 Amazon SP-API Compliance

For Amazon marketplace data:

• We comply with Amazon's Data Protection Policy and Acceptable Use Policy
• Customer PII is retained for maximum 30 days after order delivery
• PII is used solely for: order fulfillment, tax calculation/remittance, tax invoicing, and legal compliance
• Data is automatically purged after 30 days (exception: cold storage for tax/regulatory requirements)
• We implement required security controls including encryption (minimum AES-128/RSA-2048)
• We maintain vulnerability scanning (every 180 days) and penetration testing (annually)

5.4 Security Measures

We implement industry-standard security measures including:

• Encryption at rest and in transit
• Access controls and authentication
• Regular security assessments
• Incident response procedures
• Data loss prevention controls
• Audit logging and monitoring

6. DATA SHARING AND DISCLOSURE

6.1 Limited Sharing

We do not sell, rent, or trade personal information. We may share data only with:

• Service providers under strict confidentiality obligations
• As required by law or legal process
• To protect our rights, property, or safety
• In connection with business transfers or acquisitions

6.2 Data Processor Agreements

All third-party processors are bound by data processing agreements ensuring appropriate safeguards.

7. DATA RETENTION

We retain personal data only as long as necessary for the purposes outlined herein or as required by law. Upon termination, data may be deleted without notice.

7.1 Amazon Customer Data

• Customer PII: Deleted automatically 30 days after order delivery
• Order data without PII: May be retained for analytics purposes
• Aggregated/anonymized data: May be retained indefinitely
• Tax-related data: Archived in cold storage as required by law

7.2 General Retention Policy

• Account data: Retained during active subscription plus 90 days
• Payment records: 7 years for accounting purposes
• Analytics data: 24 months or subscription duration, whichever is longer
• Cached API data: May be purged at any time without notice

8. DATA SECURITY

While we implement commercially reasonable security measures, we cannot guarantee absolute security. You acknowledge that:

• No transmission method is 100% secure
• You use the Service at your own risk
• We are not liable for unauthorized access despite reasonable precautions
• Third-party API security is beyond our control

9. YOUR RIGHTS

9.1 European Users (GDPR)

You have the right to:

• Access your personal data
• Rectification of inaccurate data
• Erasure under certain circumstances
• Restriction of processing
• Data portability
• Object to processing
• Lodge complaints with supervisory authorities

9.2 Limitations

We may deny requests that:

• Are unreasonably repetitive or excessive
• Jeopardize others' privacy
• Are impractical or for which access is not required by law
• Would interfere with law enforcement or legal obligations
• Relate to third-party API data beyond our control

10. INTERNATIONAL TRANSFERS

Your information may be transferred to and processed in countries other than your residence. By using the Service, you consent to such transfers.

11. CHILDREN'S PRIVACY

The Service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children.

12. COOKIES AND TRACKING

12.1 Essential Cookies

We use essential cookies required for Service functionality. By using the Service, you consent to essential cookies.

12.2 Analytics

We may use analytics tools to improve the Service. You may opt-out through browser settings or provided mechanisms.

13. THIRD-PARTY LINKS

The Service may contain links to third-party sites. We are not responsible for their privacy practices.

14. LIMITATION OF LIABILITY

TO THE MAXIMUM EXTENT PERMITTED BY LAW:

• We are not liable for any damages arising from privacy breaches
• Our liability is limited as set forth in our Terms of Service
• You acknowledge the inherent risks in data transmission
• We are not responsible for third-party API data handling

15. CALIFORNIA PRIVACY RIGHTS

California residents may have additional rights under the California Consumer Privacy Act (CCPA). Contact us for more information.

16. DO NOT TRACK

We do not currently respond to Do Not Track signals.

17. CHANGES TO THIS POLICY

We may update this Policy at any time. Continued use after changes constitutes acceptance.

18. DATA PROTECTION OFFICER

For privacy inquiries, contact our Data Protection Officer at info@dlvinsight.com.

19. DISPUTE RESOLUTION

Any disputes relating to this Policy shall be resolved through binding arbitration as outlined in our Terms of Service.

20. SEVERABILITY

If any provision is deemed invalid, the remaining provisions shall continue in effect.

21. NO WARRANTY

We make no warranties regarding the effectiveness of our privacy measures beyond legal requirements.

22. THIRD-PARTY AUDITS

You acknowledge that:

• Amazon and other API providers may audit our data handling practices
• We may be required to provide compliance certifications
• Service access may be suspended during audit investigations
• You may be required to cooperate with third-party audit requests

BY USING THE SERVICE, YOU ACKNOWLEDGE AND AGREE TO THE TERMS OF THIS PRIVACY POLICY AND THE PROCESSING OF YOUR PERSONAL DATA AS DESCRIBED HEREIN.