Privacy Policy

Last updated: March 18, 2026

Autonoomi ("we," "us," or "our") is committed to protecting the privacy and security of your data. This Privacy Policy explains how we collect, use, store, protect, share, and delete information when you use our AI-powered Amazon PPC management software and related services (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide

• Account information: Your name, email address, and company name when you sign up or request a demo.
• Product economics: Cost of goods sold (COGS), target profit margins, and monthly ad budgets that you provide to configure the Service.
• Communications: Emails and messages you send to us for support or inquiries.

1.2 Information Collected via Amazon Selling Partner API

When you authorize Autonoomi to access your Amazon Seller Central account via Amazon's official Selling Partner API (SP-API), we collect the following data:

• Product catalog and listing information
• Advertising campaign data (campaigns, ad groups, keywords, bids, targeting)
• Advertising performance metrics (impressions, clicks, spend, sales, ACoS)
• Search term reports and keyword performance data
• Brand Analytics data (search frequency rankings, click share, conversion share) where available
• Order and sales data necessary for profitability calculations
• Inventory levels for inventory-aware ad management

We access this data solely through Amazon's official SP-API using secure OAuth authorization. We never request, collect, or store your Amazon password.

1.3 Automatically Collected Information

• Usage data: How you interact with the Service, including pages visited and features used.
• Device information: Browser type, operating system, and device type for ensuring compatibility.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and improve the Service, including bid optimization, campaign management, keyword graduation, and performance reporting.
• Calculate real profitability using your COGS data and Amazon sales data.
• Generate personalized ad strategies and plain-English performance reports.
• Provide campaign health scoring and actionable recommendations.
• Manage inventory-aware advertising adjustments.
• Respond to your inquiries and provide customer support.
• Send weekly performance summaries and account alerts.
• Comply with legal obligations and enforce our terms.

3. How We Store and Protect Your Information

• All data is transmitted using industry-standard encryption (TLS/SSL).
• Data at rest is encrypted using AES-256 encryption.
• Access to seller data is restricted to authorized personnel on a need-to-know basis.
• We implement regular security audits and access reviews.
• Amazon SP-API access tokens are stored securely and are never exposed in logs or client-side code.
• We maintain separate environments for development and production data.

4. Data Sharing and Disclosure

We do not sell, rent, trade, or broker your personal information or Amazon seller data to any third party, under any circumstances. Amazon seller data retrieved via the SP-API is never used to power external data services, market intelligence products, or any purpose beyond providing the Service directly to your account.

We may share data only in the following limited circumstances:

• AI processing sub-processors: Autonoomi uses third-party artificial intelligence services (including large language model APIs provided by Anthropic) to analyze your campaign data and generate optimization recommendations. These sub-processors receive only the minimum data necessary to perform the specific task, are bound by strict data processing agreements and confidentiality obligations, do not use your data to train their models, and do not retain your data beyond the processing request. No personally identifiable information (PII) from Amazon customers is ever sent to these AI sub-processors.
• Infrastructure providers: Trusted third-party providers who assist us in operating the Service (e.g., cloud hosting, email delivery), bound by confidentiality and data processing agreements.
• Legal requirements: When required by law, regulation, legal process, or enforceable governmental request.
• Business transfers: In connection with a merger, acquisition, or sale of assets, with prior notice to affected users.
• With your consent: When you explicitly authorize us to share specific information.

We do not use your Amazon seller data for any purpose other than providing and improving the Service for your account. Your data is never aggregated across seller accounts or used to derive market intelligence.

5. Data Minimization

Autonoomi adheres to the principle of data minimization. We only access the minimum necessary Amazon data fields required to provide the specific services described in this policy. Data fields that are technically accessible via the API but not required for our Service are actively ignored and not stored.

6. Data Retention and Deletion

• Amazon customer PII: Any personally identifiable information belonging to Amazon customers (such as buyer names or shipping addresses obtained through order data) is deleted within 30 days of the corresponding order delivery, in compliance with Amazon's Data Protection Policy.
• Seller account data: We retain your campaign and performance data for as long as your account is active and as needed to provide the Service.
• If you cancel your account or revoke API access, we will delete all Amazon seller data within 30 days.
• Tax and legal exceptions: The only exception to the above retention limits is data that must be retained strictly to calculate and remit taxes, produce legally required tax invoices, or meet other specific statutory or regulatory requirements. No PII is retained beyond 30 days for marketing, analytics, or product improvement purposes.
• Aggregated, anonymized data that cannot identify any individual or seller may be retained for service improvement.

7. Your Rights

You have the following rights regarding your data:

• Access: Request a copy of the data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your data at any time by contacting us.
• Revoke access: Revoke Autonoomi's access to your Amazon account at any time through Amazon Seller Central.
• Data portability: Request your data in a structured, machine-readable format.
• Opt out of communications: Unsubscribe from non-essential emails at any time.

To exercise any of these rights, contact us at joshua@autonoomi.com. We will respond within 30 days.

8. Amazon Data Protection Policy Compliance

Autonoomi complies with Amazon's Data Protection Policy (DPP) and Acceptable Use Policy (AUP) for Selling Partner API developers. This includes:

• Using Amazon seller data solely for the purposes authorized by the seller.
• Implementing appropriate technical and organizational security measures.
• Never selling, renting, or disclosing Amazon seller data to unauthorized third parties.
• Never aggregating data across multiple seller accounts or using it to derive market intelligence.
• Deleting Amazon customer PII within 30 days of order delivery.
• Deleting all seller data upon request or account cancellation within 30 days.
• Accessing only the minimum necessary API data fields (data minimization).
• Maintaining an incident response plan for data breaches, including notification to affected sellers and Amazon within 72 hours of discovery.
• Ensuring all sub-processors (including AI service providers) are bound by equivalent data protection obligations.

9. Regional Privacy Compliance

9.1 European Economic Area (GDPR)

If you are located in the EEA, our legal basis for processing your data is your consent (provided when you authorize SP-API access) and our legitimate interest in providing the Service. You have additional rights including the right to lodge a complaint with a supervisory authority.

9.2 California (CCPA)

If you are a California resident, you have the right to know what personal information we collect, request its deletion, and opt out of any sale of personal information. We do not sell personal information.

10. Cookies and Tracking

Our website may use essential cookies for functionality. We do not use third-party advertising trackers. If we introduce analytics tools in the future, we will update this policy and obtain consent where required.

11. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the revised policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Autonoomi
Email: joshua@autonoomi.com
Address: Israel Ben Zeev 6, Jerusalem, Israel 9728106