Legal

Privacy Policy

Effective May 11, 2026

MarketMonster.co ("MarketMonster", "we", "us") provides software-as-a-service tools to Amazon Selling Partners for managing inbound FBA shipments, inventory, listings, and related logistics workflows. This Privacy Policy explains what information we collect when you use the service, why we collect it, who we share it with, and the rights you have over your information.

1. Who this policy applies to

This policy applies to anyone who creates an account on MarketMonster.co, anyone whose information is processed by MarketMonster on behalf of an Amazon Selling Partner customer (for example, members of a customer's organization), and anyone who visits our marketing website.

2. Information we collect

2.1 Account information

When you sign up, we collect your name, email address, and authentication identifiers from our authentication provider (Clerk). If you create or join an organization, we also store your role within that organization and any roles or permissions assigned to you by an organization administrator.

2.2 Amazon Selling Partner data

When you connect an Amazon Seller account, MarketMonster receives access tokens issued by Amazon under the Selling Partner API (SP-API) authorization framework. Using those tokens we retrieve, on your behalf and only while authorized, data that includes:

  • Listing and catalog information (ASINs, SKUs, titles, prices, dimensions);
  • Inventory levels, FBA shipment status, and shipment events;
  • Order metadata and fulfillment status (where required by an enabled feature);
  • Seller account metadata, including the marketplaces you operate in and the fulfillment centers used by your shipments.

We do not request or use Amazon Buyer Personally Identifiable Information (PII). Where any incidental buyer-adjacent fields are returned by Amazon (for example, shipment recipient names embedded in label responses), we treat them as confidential, do not display them outside the originating organization, and do not retain them beyond what the feature requires.

2.3 Payment information

Subscriptions and credit purchases are processed by Stripe. MarketMonster does not store full card numbers; we receive only the limited tokens, last-four digits, and subscription metadata necessary to operate billing.

2.4 Operational logs

We retain server logs, audit events, and error traces to operate and secure the service. Logs may include IP addresses, request paths, timestamps, and the identifier of the authenticated user making each request.

3. How we use information

We use the information described above to:

  • Provide, operate, and improve the service you contracted for;
  • Make authorized SP-API calls against your Amazon Seller account to retrieve and update the data shown to you in the application;
  • Authenticate you, enforce role and permission boundaries inside your organization, and prevent abuse;
  • Bill for usage and process subscriptions through Stripe;
  • Send transactional email related to your account, billing, or security;
  • Comply with legal obligations and respond to lawful requests.

We do not sell your data. We do not use Amazon Selling Partner data to train general-purpose machine learning models. We do not use Amazon Selling Partner data for advertising.

4. How we share information

MarketMonster shares information only with the third-party processors required to run the service:

  • Clerk — authentication, session management, and organization membership;
  • Stripe — payment processing and subscription management;
  • Supabase and Netlify — application hosting, database hosting, and realtime infrastructure;
  • Amazon — calls we make to SP-API on your authorized behalf, scoped to the roles you authorized at connection time.

Each processor is bound by its own data processing agreement and contractual obligations. We do not share Amazon Selling Partner data with any party other than the processors listed above without your prior consent or a legal obligation to do so.

5. Data retention

We retain Amazon Selling Partner data only while your authorization is active. When you disconnect your Amazon account, revoke MarketMonster's SP-API authorization from Seller Central, close your MarketMonster account, or request deletion under section 7 below, we delete the associated SP-API tokens within 24 hours and the associated cached SP-API data within 30 days, except where retention is required to resolve disputes, comply with legal obligations, or maintain billing records.

6. Security

SP-API access tokens and refresh tokens are stored in our application database with access restricted to the MarketMonster service role. The service runs on managed infrastructure with encryption in transit (HTTPS / TLS) on every connection. We describe our security posture in more detail at /security.

7. Your rights

You can request access to, correction of, or deletion of your information at any time by emailing privacy@marketmonster.co. Where you act as the administrator of an organization, you may exercise these rights on behalf of the organization. Where you are a member of an organization, your administrator may also exercise these rights on your behalf within the bounds of the organization's own data.

You can also disconnect your Amazon account at any time directly from Seller Central under Apps & Services → Manage Your Apps. Doing so revokes MarketMonster's SP-API access immediately and triggers the deletion process described in section 5.

8. International transfers

MarketMonster operates from the United States and our processors may store and process data in the United States or other jurisdictions. By using the service you consent to the transfer of your information to the United States.

9. Children

MarketMonster is intended for use by businesses. We do not knowingly collect information from anyone under 16. If you believe we have done so, contact us and we will delete the information.

10. Changes to this policy

If we make material changes to this policy we will update the effective date above and notify active organization administrators by email at least 14 days before the change takes effect.

11. Contact

Questions about this policy or about how your information is handled: privacy@marketmonster.co.