Privacy Policy

1. Definitions

Personal information is any information about you which can be used to identify you. This includes information about you as a person (such as name, address, and date of birth), your devices, payment details, and even information about how you use a website or online service.

2. What Data We Collect

We collect both information you knowingly and actively provide us when using or participating in any of our services and promotions, and any information automatically sent by your devices in the course of accessing our products and services.

We only collect and use your personal information when we have a legitimate reason for doing so. In which instance, we only collect personal information that is reasonably necessary to provide our services to you.

We do not sell your personal information or any data you enter into our Services in any way.

Third-party Services and Sub-processors

We share certain information with companies that may be considered our "sub-processors" under GDPR. This information is limited to the following:

Required for the Service:

We use the following third-party service providers to operate ASINtrack:

• Website analytics: We use OneDollarStats for privacy-friendly analytics on our landing page to understand visitor behavior. This service collects anonymous usage data (page views, clicks, browser type) without using cookies or storing IP addresses. Processing is carried out on our behalf by OneDollarStats as a data processor, and data may be processed by service providers outside the EU with appropriate safeguards in place. Legal basis: Legitimate interest (GDPR Art. 6(1)(f)).
• Hosting and Infrastructure Providers: To host our website and application (IP address)
• Authentication and Database Services: To manage user accounts and store data (email, password (encrypted), product data)
• Payment Processing: Polar.sh as Merchant of Record (email, billing information)
• Email Service Providers: To send transactional emails (email address)
• Customer Support Tools: To provide live chat support (name, IP address, chat content)

All service providers are carefully selected and process data only as necessary to provide our services.

Legal Bases for Processing (GDPR Article 6)

We process your personal data on the following legal bases:

• Contractual necessity: to provide the Service and fulfil our agreement with you.
• Legal obligation: to comply with tax, accounting, or other legal requirements.
• Legitimate interest: to maintain and improve the Service, prevent fraud, and ensure security.
• Consent: where you have explicitly provided consent (for example, to receive non-essential communications).

3. How We Collect Information

Information That You Provide to Us About Yourself

When you sign up for the Services, we request information such as:

• Contact Information: such as name and email address.
• Unique Identifiers: such as username, account number or password.
• Product Data: ASINs, costs, supplier URLs, notes, and other tracking information you provide.

We may collect, hold, use, and disclose information for the following purposes, and personal information will not be further processed in a manner that is incompatible with the purpose of providing you with our Service's core features.

Information Collected Automatically

When you visit our website, our servers automatically log standard data provided by your web browser. This may include your device's Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details about your visit.

Additionally, if you encounter certain errors while using the site, we may automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error occurred, and other technical information related to the problem.

Please be aware that while this information may not be personally identifying by itself, it may be possible to combine it with other data to personally identify individual persons.

4. Security

The security of your personal information is important to us. We implement adequate measures to protect the personal information submitted to us, both during transmission and once it is received. We restrict access to personal information to our employees, contractors and agents who need to know that information in order to operate, develop or improve our service. If you have any questions about the security of your personal information, you can contact us at the contact information below.

International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA) or the United Kingdom - such as to the United States - we ensure that appropriate safeguards are in place.

5. Rights with respect to your information

You always retain the right to withhold personal information from us, with the understanding that your experience of our website may be affected. We will not discriminate against you for exercising any of your rights over your personal information. If you do provide us with personal information you understand that we will collect, hold, use and disclose it in accordance with this privacy policy. You retain the right to request details of any personal information we hold about you.

If we receive personal information about you from a third party, we will protect it as set out in this privacy policy.

If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time. We will provide you with the ability to unsubscribe from our email-database or opt out of communications.

If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date.

If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.

Your rights

• Withdraw your consent at any time. You have the right to withdraw consent where you have previously given your consent to the processing of your Personal Data.
• Object to processing of your Data. You have the right to object to the processing of your Data if the processing is carried out on a legal basis other than consent.
• Access your Data. You have the right to learn if Data is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
• Verify and seek rectification. You have the right to verify the accuracy of your Data and ask for it to be updated or corrected.
• Restrict the processing of your Data. You have the right, under certain circumstances, to restrict the processing of your Data. In this case, we will not process your Data for any purpose other than storing it.
• Have your Personal Data deleted or otherwise removed. You have the right to obtain the erasure of your Data from us.
• Receive your Data and have it transferred to another controller. You have the right to receive your Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance.
• Lodge a complaint. You have the right to bring a claim before your competent data protection authority.

How to exercise these rights

To exercise your rights, such as requesting or deleting your data, please contact us through the contact details provided below. Requests can be exercised free of charge and will be addressed by us as early as possible and always within one month.

6. Data Retention

We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements. In certain circumstances, we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.

Even if you delete your account, keep in mind that deletion by our third-party providers may not be immediate, and the deleted information may persist in backup copies for a reasonable period of time.

All data you enter into our Service will be deleted from our databases within 30 days of you deleting your account. Additionally, any remaining information will be removed from our backups within 90 days after account deletion. If you wish for your personal data to be completely removed from our systems, please send us an explicit request via email.

7. Policy regarding children

We do not aim any of our products or services directly at children under the age of 13, and we do not knowingly collect personal information about children under 13.

8. Limits of our policy

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.

9. Changes to this policy

At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy.

If the changes are significant, or if required by applicable law, we will contact you (based on your selected preferences for communications from us) and all our registered users with the new details and links to the updated or changed policy.

If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.

10. US State Privacy Rights

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, or other US states with comprehensive privacy laws, you have additional rights:

• Right to Know: You can request information about the personal data we have collected about you.
• Right to Delete: You can request deletion of your personal data.
• Right to Correct: You can request correction of inaccurate personal data.
• Right to Data Portability: You can request a copy of your data in a portable format.
• Right to Opt-Out: You can opt-out of the sale or sharing of personal data (we do not sell your data).
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at privacy [at] asintrack [dot] com. We will respond within 45 days.

California Residents

Under the California Consumer Privacy Act (CCPA), California residents have specific rights:

Categories of Personal Information We Collect:

• Identifiers (name, email, IP address)
• Commercial information (purchase history, subscription data)
• Internet activity (browsing behavior, usage data)

How We Use Personal Information:

• To provide and improve our services
• To process payments
• To communicate with you
• For security and fraud prevention

We do not sell your personal information.

If you are a California resident, you may submit requests via email to privacy [at] asintrack [dot] com or by contacting us at the address listed in the Imprint.

11. Contact

If you have questions or concerns about this privacy policy, please contact us at privacy [at] asintrack [dot] com.