Back

Privacy Policy

Last updated: March 2026

1. Introduction

Arbitrage Intelligence (“we”, “us”, “our”) takes your privacy seriously. This policy explains what data we collect, why we collect it, and how it is protected. It applies to all users of the Service and is written to comply with the UK GDPR and the Data Protection Act 2018.

2. Data We Collect

Account

  • Email address and name
  • encrypted password (we never store your password in plain text)

Amazon SP-API

When you link your Amazon Seller account we store your seller credentials, pricing data for ASINs you scan, and product catalogue data. All credentials are encrypted at rest and used solely to operate the Service.

SP-API data is used exclusively to provide the scanning features of the Service. It is never sold, rented, or shared with any third party.

Usage

  • Scan history — which ASINs you scanned, when, and the results
  • Server logs — IP address, timestamps, and routes accessed, kept for security and debugging

3. How We Use Your Data

  • To operate the Service — price scans, scan history, account management
  • To authenticate your account and keep it secure
  • To contact you about your account where necessary
  • To meet legal obligations

We do not use your data for advertising, profiling, or any purpose beyond operating the Service.

4. Amazon SP-API Compliance

Our use of SP-API data complies with Amazon's Selling Partner API Developer Agreement and Data Protection Policy:

  • SP-API data is used only for the purposes disclosed in our developer application
  • Pricing data is not retained beyond what is needed to display scan history to the account holder
  • SP-API data is never shared with any third party, advertiser, or data broker
  • Data deletion requests are supported — see Section 7

5. Security

All data is stored within the EEA. Credentials are encrypted at rest, passwords are hashed, and all connections use HTTPS/TLS.

6. Retention

Account data is kept while your account is active and deleted within 30 days of closure. Scan history is retained for up to 90 days. Amazon credentials are deleted immediately on disconnection.

7. Your Rights

Under UK GDPR you have the right to:

  • Access — request a copy of the data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your data
  • Portability — receive your data in a portable format
  • Objection — object to certain processing
  • Withdraw consent — disconnect your Amazon account at any time from account settings

To exercise any of these rights, email privacy@arbitrageintelligence.io. We will respond within 30 days.

8. Cookies

We use only essential cookies: a session authentication cookie (NextAuth.js) and a short-lived CSRF cookie used during the Amazon OAuth flow. We do not use tracking or advertising cookies.

9. Affiliate Links

This site participates in the Amazon Associates Programme. When you click a product link and make a purchase on Amazon, we may earn a small commission at no extra cost to you. We do not collect any personal data from your Amazon purchase. Amazon's own privacy policy governs data collected by Amazon during your visit to their site.

10. Third-Party Services

  • Amazon Selling Partner API — subject to Amazon's Data Protection Policy
  • Keepa API — used for historical price trends. Only ASINs are sent to Keepa; no personal data is shared.

11. Changes

We may update this policy to reflect changes in our practices or applicable law. Material changes will be communicated by email or in-app notice. The “last updated” date at the top of this page shows when changes were last made.

12. Contact

For privacy enquiries contact us at privacy@arbitrageintelligence.io.

You also have the right to complain to the UK Information Commissioner's Office at ico.org.uk.

Terms of ServiceBack to app