FBA Pulse← Back to home
Legal

Privacy Policy

We built FBA Pulse for Amazon sellers who care about their numbers — and we take the privacy of those numbers seriously. This policy explains exactly what we collect and why.

Effective date: April 4, 2026

1. Overview

FBA Pulse ("we", "us", or "our") is a SaaS analytics platform for Amazon FBA sellers. This Privacy Policy explains what data we collect when you use FBA Pulse, how we use it, and what rights you have over it. By creating an account or using our service, you agree to this policy. If you do not agree, please do not use FBA Pulse.

2. Data We Collect

Account Information

When you register, we collect your email address and a hashed password (managed via Supabase Auth). We never store plaintext passwords.

Amazon Seller Data

To provide analytics, we process data you connect or upload: • SP-API OAuth tokens — stored encrypted at rest, used solely to retrieve your Amazon reports on your behalf. We never read, sell, or share these tokens. • CSV reports you upload (Date Range Report, Advertising Campaign Report, Inventory Report) — parsed and stored in your private account partition. • Order, revenue, FBA fee, ad spend, refund, and inventory data derived from those reports.

Cost of Goods (COGS)

COGS values you enter per SKU are stored to calculate true margin. This data never leaves your account.

Billing Information

Payments are processed by Stripe. We store only a Stripe customer ID and subscription status — we never see or store your full card number, CVC, or bank details.

Usage & Technical Data

We collect standard server logs (IP address, browser type, pages visited, timestamps) for security monitoring and debugging. We use no third-party analytics or advertising trackers.

3. How We Use Your Data

We use your data only to: • Provide and improve the FBA Pulse service • Compute profit analytics, margin trends, inventory alerts, and anomaly detection • Send transactional emails (account confirmation, billing receipts, alert notifications) via Resend • Detect and prevent fraud or abuse • Comply with legal obligations We do not sell your data. We do not use your seller data to train machine learning models. We do not share your data with advertisers or data brokers.

4. Amazon SP-API & Data Usage

FBA Pulse connects to Amazon's Selling Partner API (SP-API) under the terms of Amazon's SP-API Developer Agreement. • We request only the minimum required scopes: orders, reports, and inventory. • Your SP-API refresh token is encrypted with AES-256 before storage and is never logged. • We fetch reports solely to populate your personal dashboard. Data is never cross-referenced between different sellers' accounts. • You can revoke SP-API access at any time from your Amazon Seller Central account. Revoking access will disable automated sync; previously imported data will remain in your account until you delete it.

5. Data Retention

• Active accounts: data is retained for the lifetime of your subscription. • Cancelled accounts: data is retained for 90 days after cancellation, then permanently deleted. • You may request immediate deletion of all your data at any time by emailing privacy@fbapulse.com. • Daily snapshots are append-only and immutable by design for historical accuracy; deletions remove the entire account dataset.

6. Sub-processors & Data Sharing

We share data with the following sub-processors only to the extent necessary to run the service:

Sub-processorPurposeLocation
SupabaseDatabase, authenticationUS (AWS us-east-1)
VercelFrontend hosting & Edge FunctionsUS
StripePayment processingUS
ResendTransactional emailUS
Trigger.devBackground job processingUS

We do not share data with any other third parties except when required by law (e.g., a valid court order).

7. Security

• All data in transit is encrypted with TLS 1.2+. • SP-API tokens and other secrets are encrypted at rest with AES-256. • Access to production databases is restricted to authorized personnel via MFA-protected accounts. • We perform security reviews before shipping features that touch sensitive data. No system is 100% secure. If you discover a security vulnerability, please email security@fbapulse.com rather than disclosing it publicly.

8. Your Rights

Depending on your jurisdiction, you may have the right to: • Access a copy of your personal data • Correct inaccurate data • Request deletion of your data ("right to be forgotten") • Object to certain processing • Data portability (export your data in a machine-readable format) To exercise any of these rights, email privacy@fbapulse.com. We will respond within 30 days.

9. Cookies

We use only essential cookies required for authentication (a Supabase session cookie). We do not use advertising cookies, tracking pixels, or third-party analytics cookies. You can disable cookies in your browser settings, but doing so will prevent you from staying logged in.

10. Children's Privacy

FBA Pulse is not directed at anyone under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us at privacy@fbapulse.com and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and update the "Effective Date" at the top of this page. Continued use of the service after the effective date constitutes acceptance of the revised policy.

12. Contact

Questions or concerns about this policy? Email: privacy@fbapulse.com We aim to respond to all privacy inquiries within 5 business days.

Questions?

Email us at privacy@fbapulse.com. We're a small team and we read every message.