Privacy Policy

ASINBuyer is operated by AdamantIT LLC d/b/a ASINBuyer, a limited liability company organized in the State of Delaware, United States, at www.asinbuyer.com.

For privacy requests, write to support@asinbuyer.com. Response window: 45 days (extendable by 45 days under CCPA §1798.130 when reasonably necessary).

The platform is offered exclusively in the United States. ASINBuyer does not target, market to, or knowingly accept accounts from individuals located in the European Union, United Kingdom, or other jurisdictions outside the U.S.

For purposes of California Consumer Privacy Act / California Privacy Rights Act (Cal. Civ. Code §1798.140) disclosure, the categories of personal information we collect are:

• Identifiers — email, account name, IP address, device identifiers.
• Commercial information — billing history, subscription plan, Buyer Credits balance, payment-method reference (held by Stripe; we do not see your card number).
• Internet / network activity — pages viewed inside the platform, action timestamps, user-agent string, server logs.
• Geolocation (coarse) — country / region derived from IP for fraud prevention. We do not collect precise location.
• Professional / employment data — your business name, job title, business postal address (collected for CAN-SPAM compliance), business phone.
• Customer Content you upload — product briefs, imported B2B lead lists, AI-generated drafts, sent emails, inbound replies, call transcripts, call summaries.

We do not collect sensitive personal information as defined by CPRA §1798.140(ae) (Social Security numbers, financial-account login, precise geolocation, race, ethnicity, religion, union membership, health, sex life, biometric data, contents of private communications outside the platform).

• Directly from you, when you sign up, configure your sender identity, or upload content.
• Automatically, from your browser and server logs as you use the platform.
• From your payment provider, when you check out (limited to billing references and last-4 of card).
• From the public sub-processor APIs listed in Section 7 when you instruct us to enrich, verify, or look up a business lead on your behalf.

• To run the platform you signed up for (deliver emails, place calls, store replies, present analytics).
• To bill you and prevent fraud.
• To improve the platform — always aggregate, never to identify you to other customers.
• To comply with the law (tax records, CAN-SPAM record-keeping, lawful subpoenas, court orders).
• To contact you about service-critical changes, security incidents, and (sparingly) product updates.

We do not sell your personal information for monetary or other valuable consideration, and we do not shareit for cross-context behavioral advertising — as those terms are defined under CCPA / CPRA. We do not have a "Do Not Sell or Share My Personal Information" flow to surface because there is nothing to opt out of.

We disclose limited personal information to our sub-processors (Section 7) strictly for the business purposes of hosting, email delivery, voice calling, AI inference, payment processing, and analytics. Each sub-processor is contractually required to process the information only on our instructions and to implement reasonable security safeguards.

We may also disclose information when legally required (e.g. subpoena, court order, governmental request) or to protect the rights, property, or safety of ASINBuyer, our customers, or others.

• Account + Customer Content: retained while your account is active and for 30 days after deletion (backup window), then purged.
• Sent / inbound emails + call transcripts: retained for 24 months after creation unless you delete them earlier.
• Suppression list (unsubscribed addresses): retained indefinitely to honor CAN-SPAM opt-outs — this is a privacy-protective record we cannot delete on request.
• Billing + tax records: retained for 7 years (U.S. federal + state tax compliance).
• Operational logs: 30 days.

The vendors below process personal information on our behalf so the platform can function. Each is bound by a service agreement that meets CCPA "service provider" / "contractor" requirements under Cal. Civ. Code §1798.140. The list is the same every customer sees and updates when sub-processors change. Material changes are announced with at least 30 days' notice.

Depending on where you live, you may have one or more of the following rights under your state's consumer-privacy law (California CCPA / CPRA, Virginia VCDPA, Colorado CPA, Connecticut CTDPA, Utah UCPA, Texas TDPSA, Oregon OCPA, Delaware DPDPA, and similar):

• Right to know / access the categories and specific pieces of personal information we hold about you.
• Right to delete your personal information (subject to the retention exceptions in Section 6).
• Right to correct inaccurate information.
• Right to data portability — receive a copy of your information in a portable format.
• Right to opt out of sale, sharing, or targeted advertising — N/A here, we do none of those.
• Right to limit use of sensitive personal information — N/A here, we don't collect any.
• Right to non-discrimination — we will not penalize you for exercising any of the rights above.

How to exercise: email support@asinbuyer.com with the subject line "[Privacy request]" and a clear description of what you're asking for. We verify your identity by confirming control of the account email on file before fulfilling. We respond within 45 days (extendable by 45 days when reasonably necessary).

Authorized agents: you may designate an agent to make a request on your behalf. We require written authorization signed by you and may verify directly with you before proceeding.

Appeals:if we decline a request, you may appeal by replying to our decision email. We respond to appeals within 60 days. If you remain unsatisfied, you may complain to your state attorney general (e.g. California Privacy Protection Agency at cppa.ca.gov, Virginia AG at oag.state.va.us, etc.).

Account access requires email-verified authentication. Data is encrypted in transit (TLS 1.2+) and at rest on our database provider's managed disks. Workspace data is isolated by row-level security so customers can only read or modify their own workspace. Webhook endpoints validate cryptographic signatures before accepting payloads. Secrets and API keys live in the deployment platform's secret store and never enter source control.

For responsible disclosure of vulnerabilities, see the security channel on the Contact page.

The platform uses a minimal set of strictly-necessary cookies (authentication session, anti-CSRF) plus a small set of first-party product-analytics cookies. We do not use third-party advertising trackers or cross-site profiling. Details and opt-out paths are in the Cookie Notice. We honor "Do Not Track" and Global Privacy Control signals where required by law.

The platform is a B2B tool aimed at business operators and is not directed at children. Consistent with the Children's Online Privacy Protection Act (15 U.S.C. §6501), we do not knowingly collect personal information from anyone under 13. If you become aware that a child has provided information to us, please contact us and we will delete it.

When ASINBuyer sends marketing or transactional email to you (the customer), each message contains an unsubscribe link. We honor opt-outs within 10 business days, as required by 15 U.S.C. §7704(a)(4). Note that outbound email sent by you through the platform to your prospects is governed by the Acceptable Use Policy — you are the sender of record and responsible for compliance.

We'll post material changes here at least 30 days before they take effect and email registered users. Continuing to use the platform after a change means you accept the updated policy.

Privacy requests, state-law rights, and sub-processor questions: support@asinbuyer.com.