Privacy Policy

Last updated: June 29, 2026

This Privacy Policy explains what information the MAPGuard platform (the "Service") collects, how it is used, and the choices you have. It applies to account holders and visitors of this website.

1. Information We Collect

• Account information: name, email address, company name, hashed password, role, and permission settings.
• Billing information: plan, invoices, and subscription status. Card details are processed directly by our payment providers (Stripe / PayPal) and never touch our servers.
• Configuration data: the products, prices, retailer URLs, policies, and integration credentials you add to the Service. Integration secrets and API keys are encrypted at rest.
• Collected market data: publicly advertised prices, availability, and seller names gathered from the retailer pages and marketplace APIs you ask us to monitor. This is public commercial data, not personal data.
• Usage and security data: IP address, browser user agent, sign-in history, and an audit trail of actions taken in your account (used for security, support, and abuse prevention).

2. How We Use Information

• To provide, operate, and secure the Service (authentication, rate limiting, two-factor authentication, audit logging);
• To send service emails: verification links, password resets, violation and price-change alerts, scheduled reports, and trial/billing notices;
• To respond to support requests and investigate abuse;
• To produce aggregated, de-identified statistics that help us improve the Service.

We do not sell personal data, and we do not use your monitored pricing data for any purpose other than delivering the Service to you.

3. Cookies

The Service uses a session cookie strictly necessary for authentication, and a local-storage preference for your theme. If the operator enables Google Analytics, Google sets analytics cookies on the public website; you can block these in your browser without affecting the application.

4. Sub-Processors and Third Parties

Depending on the integrations the operator or your company enables, data may be processed by: payment providers (Stripe, PayPal), email/SMTP providers, marketplace and data APIs (Amazon SP-API, SerpAPI, Keepa), e-commerce platforms you connect (Shopify, Magento), AI providers used for scraper self-healing (OpenAI, Anthropic, Google, xAI), and proxy/scraping infrastructure providers. Each receives only the minimum data needed for its function.

5. Data Retention

• Price logs are retained for 90 days by default, then automatically pruned.
• Audit logs are retained for 365 days.
• Account data is retained while your account is active and for up to 30 days after termination, after which it is deleted or irreversibly anonymized.

6. Security

We protect data using TLS in transit, encryption at rest for stored credentials and API keys, hashed passwords (bcrypt), hashed reset/verification tokens, optional two-factor authentication, login throttling, role-based access control with per-section permissions, and comprehensive audit logging. No method of transmission or storage is 100% secure, but we follow industry best practices.

7. Your Rights

Subject to applicable law (including GDPR and CCPA where relevant), you may request access to, correction of, export of, or deletion of your personal data. Company owners can export their monitoring data at any time from the application. To exercise rights regarding account data, contact the operator at the email published on this site. We will respond within 30 days.

8. International Transfers

The Service may be hosted and process data in a jurisdiction different from yours. Where required, transfers are protected by appropriate safeguards such as standard contractual clauses.

9. Children

The Service is a business tool and is not directed at children under 16. We do not knowingly collect their data.

10. Changes to This Policy

We may update this Policy from time to time. Material changes will be announced via the Service or email before they take effect.

Note: this document is a template provided with the MAPGuard software. Before commercial launch, complete it (operator legal name, contact email, jurisdiction, data-protection officer if applicable) with qualified legal counsel.