Back to home

Privacy Policy

Last updated: 15 June 2026 · Effective from: 15 June 2026

1. Who we are

This Privacy Policy explains how Polarstar OÜ (Estonian commercial register code 16838745, VAT number EE102694165, address: Tornimäe tn 5, 10145 Tallinn, Estonia), trading as SellerEngine, collects, uses and protects your information when you use our services (the "Services"), which include the SellerEngine website (sellerengine.app) and the SellerEngine tools: Sniper Hub, Stock Control, PricePricer, TaxLedger, Sales Hub, and Listing Health.

For the purposes of the EU General Data Protection Regulation ("GDPR"), Polarstar OÜ is the data controller for the personal data described below.

Contact: [email protected]

2. What data we collect

2.1 Account data

When you create a SellerEngine account, we collect:

  • Name, company name, role title, and company size
  • Email address
  • Authentication metadata, including hashed password, email confirmation status, two-factor authentication enrollment status, and session metadata
  • Subscription status and payment processor customer references, when billing is active

2.2 Amazon connection data

When you connect your Amazon account via Login with Amazon ("LwA") or an Amazon-authorized workflow, you authorize SellerEngine to read and write specific data on your behalf through the Amazon Ads API and, where enabled, the Amazon Selling Partner API ("SP-API"). We process:

  • Advertising metrics: campaigns, ad groups, keywords, product targets, search terms, impressions, clicks, spend, orders, sales, and bid history.
  • Seller operations data: SKU catalog, inventory snapshots, stock coverage, sales history, Amazon fee estimates, listing status, settlement data, and tax-related operational data where the relevant module is enabled.
  • Tax compliance data (TaxLedger module): when you enable the TaxLedger module and authorize Amazon's restricted Tax role, we process Amazon VAT/tax reports that include buyer personal data (name and billing/shipping address) strictly to generate VAT invoices and tax reports for your statutory tax compliance. This buyer personal data is used only for that purpose — never for marketing, profiling, or sharing with third parties other than tax authorities where legally required — and is retained only for as long as applicable tax law requires.
  • Write actions you initiate: bid changes, negative keyword additions, harvested keywords, ASIN targets, pricing exports, listing updates, and other module-specific actions. Every live write requires an explicit user action or an approved workflow — we do not execute live Amazon writes from the demo environment.
  • OAuth tokens: a refresh token issued by Amazon, which we store encrypted at rest. We do not store your Amazon password — the credential exchange happens entirely on Amazon's domain.

Demo mode is isolated from registered user workspaces. Demo sessions use fictional data, do not use your Amazon tokens, and do not call Amazon connections.

2.3 Operational logs

We keep audit logs of every write action initiated through our tools, including:

  • Timestamp, action type (e.g. RAISE BID, LOWER BID, Add negative keyword, Harvest keyword, Price export, or Stock recommendation), and the parameters sent to Amazon or generated locally.
  • Amazon's response (success, error code, error message).
  • A snapshot of relevant metrics at the moment of the change, so you can evaluate whether your changes worked.

These logs are retained for 180 days, then deleted automatically. The one exception is the single account-deletion record described in §7, which we keep longer.

2.4 Technical data

When you use the Services, we collect minimal technical data: IP address, browser type, and request timestamps. This is used to investigate abuse and operational issues, and is kept for 30 days. The only place we keep this technical data longer is the account-deletion security record described in §7.

2.5 What we do not collect

  • Your Amazon Seller Central credentials.
  • Buyer personal data beyond what tax compliance requires: outside the TaxLedger module (see §2.2), our tools operate on your seller operations and advertising data — not on buyer personal data. We do not collect buyer contact details, buyer messages, or any buyer marketing data, and we do not access buyer personal data for any module other than TaxLedger.
  • Payment card data — billing, when applicable, is processed by a certified PCI-DSS payment processor; we only store the processor's customer reference.

3. Why we process your data (legal basis)

Under GDPR, we rely on the following legal bases:

  • Contract (Art. 6(1)(b) GDPR): to provide the Services you signed up for — read your Amazon advertising data, execute the changes you initiate, and show you the results.
  • Legitimate interest (Art. 6(1)(f) GDPR): to keep the Services secure, prevent abuse, debug operational issues, and improve the product. You can object to this processing at any time.
  • Legal obligation (Art. 6(1)(c) GDPR): when we have to retain certain records for accounting, tax, or compliance reasons.

4. Who we share data with

We share the minimum necessary data with the following categories of recipients. All listed subprocessors are bound by Data Processing Agreements compliant with Articles 28 and 32 of the GDPR.

4.1 Named subprocessors

SellerEngine relies on the following GDPR-compliant infrastructure providers to deliver the Services. For confidentiality and operational security we do not publish which specific data category is processed by each provider; instead we publish the security baseline each provider must meet. All providers maintain independent certifications (ISO 27001, SOC 2 or PCI-DSS as applicable) and sign GDPR-aligned Data Processing Agreements. All customer data stays inside the EU jurisdiction. SellerEngine encrypts sensitive data at the application layer before any subprocessor sees it.

Subprocessor Purpose Security & certifications Location DPA / Reference
Cloudflare Inc. Edge compute, database and object storage AES-256 at rest · TLS 1.3 in transit · ISO 27001 · SOC 2 Type II · GDPR DPA Global edge · EU data residency Cloudflare DPA
Hetzner Online GmbH Dedicated compute for Amazon connection sync ISO 27001 · BSI C5 · German jurisdiction · GDPR DPA · ephemeral processing (no customer data persisted on disk) Nuremberg, Germany (EU) Hetzner DPA
Backblaze B2 Cloud Storage Encrypted off-provider backup snapshots (disaster recovery) Double-layer encryption: AES-256 server-side (SSE-B2) plus AES-256-GCM application-side with a key never shared with the provider · SOC 2 Type II · ISO 27001 · GDPR DPA · bucket-scoped least-privilege access key Frankfurt, Germany (EU) Backblaze Trust Center
Stripe Payments Europe Ltd Subscription billing and payment processing PCI-DSS Level 1 · GDPR DPA · SellerEngine never receives or stores card data (tokenised by Stripe) Ireland (EU) Stripe DPA
Amazon Web Services Selling Partner API and Advertising API (mandatory upstream) Amazon's own security baseline applies upstream · scope limited to the OAuth permissions you grant · revocable at any time from Amazon Seller Central Amazon-managed region of your marketplace Amazon Seller Agreement and API Terms
apilayer (Exchangerates API) Foreign-exchange rates for multi-marketplace financial reporting TLS in transit · GDPR compliant · no customer or personal data is sent · only anonymous public exchange-rate lookups (no PII or marketplace data) Vienna, Austria (EU) ExchangeRates Privacy

4.2 Categories of recipients

  • Amazon connections: when you connect an Amazon account or execute an approved action, we send the relevant request to Amazon Ads API or SP-API. This is the core service mechanism — we do not "share" data in a marketing sense.
  • Infrastructure providers: Cloudflare, Hetzner and Backblaze (named above) process data only to deliver the Services. All maintain ISO 27001 / SOC 2 certifications, sign GDPR DPAs, and operate inside EU jurisdiction. SellerEngine applies application-layer encryption before any provider sees sensitive data, and partitions storage so no single provider holds an unencrypted complete dataset.
  • Payment provider: Stripe processes payment and billing data. SellerEngine never receives or stores full payment card details. Stripe Tax calculates VAT under your account's jurisdiction.
  • Email provider: transactional emails such as account confirmation, password reset, and billing notifications are sent through our SMTP infrastructure.
  • Authorities: where required by law (e.g. tax audits, valid court orders). We will notify you unless prohibited from doing so.

We do not sell, rent, or trade your data. We do not share your advertising data with other SellerEngine users. We do not use your data to train machine-learning models for other customers.

4.3 Changes to subprocessor list

We will notify customers via email and update this Privacy Notice at least 30 days before adding or replacing a subprocessor. If you object to a new subprocessor, you may terminate your subscription before the change takes effect.

5. International transfers

We aim to store workspace data on infrastructure located within the European Economic Area. When Amazon processes requests in its regional infrastructure (e.g. advertising-api-eu, advertising-api-na, advertising-api-fe, or SP-API regional endpoints), the data routes through Amazon's relevant region — this is determined by the marketplace you chose when you opened your Amazon account, not by SellerEngine.

For transfers outside the EEA, we rely on Standard Contractual Clauses approved by the European Commission.

6. Your rights

Under GDPR you have the right to:

  • Access: ask us what data we hold about you.
  • Rectification: ask us to correct inaccurate data.
  • Erasure: ask us to delete your account and associated data.
  • Restriction: ask us to stop processing while a dispute is resolved.
  • Portability: receive a copy of your data in a machine-readable format (JSON).
  • Objection: object to processing based on legitimate interest.
  • Withdraw consent: revoke the LwA authorization at any time directly from your Amazon account — we will no longer be able to read or write on your behalf from that moment.
  • Complain: lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or your local supervisory authority.

To exercise any right, email [email protected]. We will reply within 30 days.

7. Account deletion

Deleting your account is permanent and cannot be undone. When you delete it:

  • We permanently erase your account record, authentication data, Amazon refresh tokens, all synced seller, advertising and business data, your workspace files and sync outputs, and your billing linkage — across our databases and file storage. This happens immediately; encrypted backups are purged on the regular rotation cycle (within 30 days).
  • We keep a single minimal security record of the deletion itself, retained indefinitely for security, fraud-prevention and legal-compliance purposes (Art. 6(1)(f) and 6(1)(c) GDPR). It records the date and time of the deletion, a pseudonymous internal account identifier derived from your email address, and which systems were cleared. The client IP address and browser / User-Agent of the deletion request are kept on this record for up to 12 months (to investigate fraud or payment disputes) and are then permanently removed. The record never contains your business data, your Amazon data, or your name.
  • For a short period (up to 30 days) we keep a deletion marker so that background jobs cannot recreate data for an account that has been deleted.
  • To prevent repeated abuse of free trials, we permanently keep an anti-fraud record consisting of an irreversible cryptographic hash of your Amazon seller ID together with the related trial dates. This hash cannot be reversed to your identity and holds no other personal data.

Revoking the LwA authorization in Amazon also stops all data flow from Amazon to SellerEngine. Doing both (delete + revoke) gives you a complete clean state.

8. Cookies

We use strictly necessary cookies only: a session cookie to keep you logged in. We do not use analytics or advertising cookies on the SellerEngine application. The marketing site may use minimal first-party measurement to understand page performance and demand — no third-party advertising trackers and no fingerprinting.

9. Security

We follow industry best practices: TLS 1.2+ for all traffic, AES-256 encryption at rest for OAuth tokens and any buyer personal data, an additional application-layer encryption pass before data reaches any subprocessor, principle of least privilege for staff access, and audit trails for every administrative action. If a security incident affects your data, we will notify you within 72 hours of becoming aware, as required by GDPR Art. 33.

10. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email at least 14 days before they take effect. The "Last updated" date at the top of this page always reflects the most recent revision.

11. Contact

Questions or concerns about your data:
Email [email protected]
Postal: Polarstar OÜ — Tornimäe tn 5, 10145 Tallinn, Estonia