EcomSanity

1. Introduction

EcomSanity ("we," "our," or "us") is operated by Sandalsoft Bilişim Ltd. Şti. ("Company"). This Privacy Policy describes how we collect, use, store, protect, share, and delete your personal information when you use our service. This policy is designed to comply with Amazon's Data Protection Policies (DPP) and applicable regional regulations, including GDPR and other data protection laws.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

Email address
Password (stored in encrypted form)
Account creation date and time

2.2 Amazon Seller Central Data

When you connect your Amazon Seller Central account via SP-API, we may access and store:

Order information (order IDs, dates, amounts, status)
Sales metrics and performance data
Product information related to your orders
Customer information necessary for compliant review request functionality
Marketplace and seller account identifiers

This data is accessed through Amazon's official Selling Partner API (SP-API) using secure OAuth authentication. We only access data that is necessary for the functionality of our service.

2.3 Usage Data

We automatically collect information about how you use our service:

Log data (IP address, browser type, access times)
Feature usage statistics
Error logs and diagnostic information

3. How We Use Your Information

We use the collected information for the following purposes:

Service Provision: To provide, maintain, and improve our service, including connecting to Amazon Seller Central, tracking sales metrics, and sending compliant review requests
Authentication: To verify your identity and manage your account access
Communication: To send you service-related notifications, updates, and support responses
Compliance: To comply with legal obligations and Amazon's policies, including the Solution Provider Agreement
Analytics: To analyze usage patterns and improve our service functionality
Security: To detect, prevent, and address security issues and unauthorized access

4. Data Storage and Security

4.1 Storage

Your data is stored on secure servers with appropriate technical and organizational measures. We use industry-standard encryption for data in transit (HTTPS/TLS) and at rest. Data is stored in accordance with applicable data retention requirements.

4.2 Security Measures

We implement the following security measures:

HTTPS encryption for all data transmission
Encrypted storage of sensitive data
Regular security audits and updates
Access controls and authentication mechanisms
Secure OAuth implementation for Amazon SP-API connections

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

5.1 Amazon SP-API

When you connect your Amazon Seller Central account, we access data through Amazon's SP-API in accordance with Amazon's policies and your authorization. We do not share your Amazon data with third parties except as required by Amazon's policies or applicable law.

5.2 Service Providers

We may share data with trusted service providers who assist in operating our service (e.g., hosting providers, analytics services), subject to strict confidentiality agreements.

5.3 Legal Requirements

We may disclose information if required by law, court order, or to comply with legal processes, or to protect our rights, property, or safety, or that of our users.

6. Data Retention and Deletion

We retain your personal information for as long as necessary to provide our service and comply with legal obligations. When you delete your account, we will:

Delete your account information and personal data
Remove your Amazon SP-API connection and associated tokens
Delete stored Amazon data, subject to any legal retention requirements
Retain anonymized or aggregated data that cannot identify you

You can request account deletion at any time by contacting us at brock@sandaldata.com. Deletion will be completed within 30 days of your request, unless we are required to retain certain data for legal compliance.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of your personal data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your personal data
Portability: Request transfer of your data to another service
Objection: Object to certain processing activities
Restriction: Request restriction of processing
Withdraw Consent: Withdraw consent for data processing where applicable

To exercise these rights, please contact us at brock@sandaldata.com. We will respond to your request within 30 days.

8. Amazon Data Protection Policy Compliance

We are committed to complying with Amazon's Data Protection Policies (DPP) and the Solution Provider Agreement. This includes:

Only accessing Amazon data that is necessary for service functionality
Using Amazon data solely for the purposes authorized by you
Implementing appropriate security measures to protect Amazon data
Not sharing Amazon data with unauthorized third parties
Deleting Amazon data upon account deletion or as required by Amazon policies
Complying with all applicable regional data protection regulations

9. Cookies and Tracking Technologies

We use essential cookies and session management technologies to maintain your login session and provide core functionality. We do not use tracking cookies or third-party advertising technologies. You can control cookies through your browser settings.

10. Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Data Transfers

Your data may be processed and stored in servers located outside your country of residence. We ensure that appropriate safeguards are in place to protect your data in accordance with applicable data protection laws, including GDPR requirements for international transfers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our service after such changes constitutes acceptance of the updated policy.