Seller data commitment
The security of your data is our top priority. Your Amazon seller data — listings, catalog attributes, KPIs, and business metrics — is used exclusively to operate IntegTrade on your behalf.
Under no circumstances will we sell, license, or use your Amazon Information for advertising, credit decisions, or purposes unrelated to the services you authorize. We never ask for your Amazon Seller Central password — authorization happens only through Amazon's official OAuth flow.
Your business secrets stay yours. Keeping seller data safe is not a feature — it is the foundation of IntegTrade.
1. Introduction
IntegTrade ("IntegTrade," "we," "us," or "our") provides a Commerce OS for Amazon sellers and agencies at https://integtrade.com. This Privacy Policy explains how we collect, use, disclose, retain, and delete personal data and Amazon Information when you use our website, waitlist, or authorized application.
As a Public Amazon Selling Partner API (SP-API) developer, we handle Amazon Information in accordance with Amazon's Data Protection Policy (DPP), Acceptable Use Policy (AUP), and Solution Provider Agreement. This policy is designed to meet Amazon website review requirements and industry-standard B2B SaaS privacy practices.
2. Data controller
Controller: IntegTrade
Address: 21790 Philmont Ct, Boca Raton, FL 33428, USA
Email: admin@integtrade.com
Website: https://integtrade.com
3. Scope
This policy applies to:
- Visitors to our public website and legal pages
- Waitlist registrants
- Invited users with IntegTrade accounts
- Amazon sellers and agencies who authorize IntegTrade via Login with Amazon (LWA) OAuth
It does not apply to third-party websites we do not control (including Amazon Seller Central). When you authorize our application on Amazon, Amazon's privacy policy also applies to data Amazon processes.
4. Data we collect
| Category | Examples | Source | Purpose |
|---|---|---|---|
| Account & identity | Name, email, hashed password, role, organization | You / Supabase Auth | Authentication, access control, support |
| Waitlist | Email, audience type (seller/agency), signup source | You | Early access onboarding and communication |
| Amazon Information | Listings, catalog attributes, images, A+ Content, variation themes, listing status | SP-API (OAuth authorized) | BrandOS listing workflows per your instructions |
| User-generated content | Listing drafts, intel notes, creative briefs, pipeline artifacts | You / AI-assisted generation | Service delivery and audit trail |
| Technical & usage | IP address, browser type, timestamps, error logs, session identifiers | Automatic | Security, debugging, abuse prevention |
| Communications | Support emails and messages | You | Customer support and incident response |
4.1 Amazon Information (phase 1 — BrandOS)
With your explicit OAuth authorization, we may access the following SP-API data categories in our current product phase:
- Product listings (titles, bullet points, descriptions, backend keywords)
- Catalog and product attributes (ASIN, SKU, variation themes, product types)
- Listing images and media uploads
- A+ Content modules
- Inventory and listing status (read-only where applicable for listing workflow)
We never collect your Amazon Seller Central password. Authorization occurs only through Amazon's official consent flow. We do not request restricted buyer PII roles in this phase unless disclosed in an updated policy before those roles are enabled.
5. How we use data
We use collected data solely to:
- Operate, maintain, and improve the IntegTrade platform
- Display dashboards, intel, listing factory, and visual studio workflows
- Create, edit, and publish listing content, variation themes, images, and A+ Content when you direct us to
- Run secure automations for approved Amazon API operations
- Communicate about waitlist, onboarding, security, and product updates
- Detect fraud, abuse, and security incidents
- Comply with legal obligations and Amazon policy requirements
We do not sell personal data or Amazon Information. We do not use Amazon Information for advertising, credit eligibility, or purposes unrelated to the services described on our website and in your authorization.
6. Legal bases (EEA / UK)
Where GDPR or UK GDPR applies, we rely on:
- Contract — providing the Service you requested
- Legitimate interests — securing and improving our B2B platform
- Consent — waitlist signup and optional communications where required
- Legal obligation — compliance with law and Amazon agreements
7. California privacy rights (CCPA / CPRA)
California residents may request to know, access, correct, or delete personal information we collect, and to opt out of sale or sharing. IntegTrade does not sell or share personal information for cross-context behavioral advertising. Submit requests to admin@integtrade.com. We will verify your identity before fulfilling requests.
8. Security
We implement administrative, technical, and physical safeguards aligned with Amazon DPP requirements and industry-standard SaaS practices, including TLS 1.2+ in transit, encryption at rest for credentials and sensitive fields, least-privilege access, and secrets management via environment variables. Details are in our Data Security page.
9. Sub-processors
We use the following categories of service providers to operate IntegTrade:
| Provider | Purpose | Location | Data processed |
|---|---|---|---|
| Vercel Inc. | Application hosting, CDN, serverless compute | United States | Application logs, request metadata, environment configuration |
| Supabase Inc. | PostgreSQL database, authentication, row-level security | United States (configurable region) | Account data, Amazon seller data, pipeline artifacts |
| n8n GmbH / self-hosted | Workflow automation for approved Amazon API mutations | United States / EU (deployment-dependent) | SP-API tokens (encrypted), job payloads for listing publish |
| Google LLC (Gemini) | AI-assisted listing and intel generation via server-side automation | United States | Listing copy and intel text — Amazon credentials and tokens are never sent |
| Rainforest API | Public Amazon product page data for competitor intelligence | United States | Public catalog and review data — not seller-private Amazon Information |
| Amazon.com, Inc. | Selling Partner API, Login with Amazon OAuth, Advertising API | United States / global AWS regions | Authorized seller catalog, listing, and advertising data per granted roles |
We will update this list when we add or change sub-processors that materially affect data processing. Enterprise customers may request sub-processor notification at admin@integtrade.com.
10. International transfers
IntegTrade is operated from the United States. Data may be processed in the U.S. and other countries where our providers operate. Where required, we implement appropriate safeguards (such as Standard Contractual Clauses) for international transfers of personal data.
11. Retention
| Data type | Retention period |
|---|---|
| Waitlist email | Until removal request or 24 months of inactivity |
| Account data | Duration of account + 90 days after closure |
| Amazon Information | While authorization is active; deleted within 30 days of revocation unless legally required |
| Audit & security logs | Up to 12 months |
| Support communications | Up to 24 months |
12. Your rights
Depending on your location, you may have rights to access, rectify, erase, restrict, port, or object to processing of your personal data. Amazon sellers may revoke SP-API authorization at any time through Amazon or by contacting us. To exercise rights, email admin@integtrade.com. We respond within applicable legal timeframes (typically 30 days).
13. Cookies and similar technologies
We use essential cookies and local storage for authentication, theme preferences, and session security. We do not use third-party advertising cookies on the application. Analytics, if enabled in the future, will be disclosed here with opt-out mechanisms where required.
14. Security incidents
We maintain an incident response process to detect, contain, and remediate security events. If a breach affects personal data or Amazon Information, we will notify affected customers and Amazon as required by applicable law and Amazon's Data Protection Policy, typically within 72 hours of confirmed unauthorized access where feasible.
15. Children
IntegTrade is a business-to-business service. We do not knowingly collect data from individuals under 16.
16. Changes
We may update this Privacy Policy. Material changes will be posted on this page with a revised date. Continued use after changes constitutes acceptance where permitted by law. Registered users may receive email notice for material changes.
17. Contact
Privacy inquiries and data subject requests: admin@integtrade.com
21790 Philmont Ct, Boca Raton, FL 33428, USA