Pricing About Us Contact
Book Demo

Privacy Policy

Last Updated: April 21, 2025

Introduction. 1stPage LLC (referred to as “1stPage,” “Company,” “we,” “us,” or “our”) is committed to protecting your personal information and respecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal data when you use 1stPage’s Amazon seller analytics platform (the “Service”), which pulls Amazon Brand Analytics and Advertising API data via Amazon’s Selling Partner API (SP-API), stores data in Amazon Web Services (AWS) RDS, and presents insights through a Retool/React interface hosted on AWS. It also explains your rights under the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), and other applicable laws. By using our Service or providing us with personal information, you agree to the practices described in this Privacy Policy. If you do not agree with this Policy, please do not use the Service.

This Privacy Policy applies to personal information collected through our website and Service, as well as related services, sales, or marketing communications. Please read it carefully to understand what information we collect, how we use it, and what rights you have (VendorJump (ProductJump LLC) Privacy Policy) (VendorJump (ProductJump LLC) Privacy Policy). If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at privacy@1stpage.com.

1. Information We Collect

In Short: We collect personal information that you provide to us, information from your Amazon accounts (via APIs), and some data automatically when you use our Service.

Information You Provide. We collect personal information you voluntarily provide when registering for or using the Service, contacting us, or otherwise interacting with 1stPage. This may include:

  • Contact Details: Your name, email address, company/brand name, and other contact information.
  • Account Credentials: Amazon account identifiers and authentication information (such as Amazon SP-API keys or tokens, Amazon Seller ID, or other credentials) that you provide to enable us to access Amazon data on your behalf. Note: We do not ask for or collect your Amazon account password; any authentication is done via secure API tokens.
  • Payment Information: If you subscribe to a paid plan, you may provide billing information (e.g. credit card number or payment account details). We use a PCI-compliant third-party payment processor to handle payments, so we generally do not store your full payment card details on our systems.
  • Communications: If you contact us (e.g. for support), we collect the information you choose to give us (such as your inquiry details or feedback).

All personal information that you provide must be true, complete, and up-to-date, and you should notify us of any changes.

Information from Amazon Services. With your authorization, our Service connects to Amazon’s APIs (including Brand Analytics and Advertising API) to retrieve data related to your Amazon seller account and brand. This data may include analytics and performance metrics for your products (such as search query volumes, impressions, clicks, add-to-cart data, sales data, advertising spend and results, etc.) and other information available via Amazon Brand Analytics and Advertising reports. We associate this data with your account on our platform to display it back to you in our analytics interface. While this Amazon-derived data is generally business performance data and not personal data about you or your customers, it may sometimes include or be linked to personal identifiers (for example, your Amazon account ID or, in certain reports, aggregated customer geographic or demographic information). We handle all data from Amazon in accordance with this Policy and Amazon’s data protection requirements.

Information Collected Automatically. When you use our website or Service, we may automatically collect certain technical information about your device and usage of our platform. This can include:

  • Usage and Log Data: Details of your visits and use of the Service, including log files, pages or screens viewed, actions taken (e.g. dashboard interactions), and the dates/times of access.
  • Device and Network Information: IP address, browser type, device type, operating system, internet service provider, and similar technical data. We collect this information to maintain the security and proper functioning of the Service, and for internal analytics and reporting.

We may use cookies or similar tracking technologies to remember your login session and preferences, and to gather analytic information about how users navigate our site. (For more details, see our Cookie Notice, if applicable.) This automatically collected data typically does not reveal your identity directly, but may be paired with your account information such that it could be considered personal data in certain contexts.

We do not knowingly collect any sensitive personal data such as social security numbers, government ID numbers, financial account passwords, precise geolocation, or biometric identifiers, except as necessary for authentication or payment processing as described above. We also do not knowingly collect information from children (see Section 6 below).

2. How We Use Your Information

In Short: We use personal information to provide and improve our Service, process payments, communicate with you, ensure security, and comply with law. We rely on specific legal bases to process personal data under GDPR.

We use the information we collect for the following purposes:

  • To Provide the Service: We use your personal information to create and manage your account, authenticate you when you log in, retrieve Amazon data on your behalf, and display personalized analytics and reports to you (VendorJump (ProductJump LLC) Privacy Policy). For example, we use your Amazon API credentials to pull your Brand Analytics and Advertising data and then store and visualize that data for you. We also use your contact and payment information to process your subscription and provide you with customer support as needed (VendorJump (ProductJump LLC) Privacy Policy).
  • To Communicate with You: We may send administrative or account-related communications, such as notices about billing, account security, product updates, or changes to terms/policies (Privacy Policy – Network Readiness Index). We may also respond to your inquiries or support requests using your contact information (VendorJump (ProductJump LLC) Privacy Policy). We will only send you marketing or promotional emails if you have opted in to receive them, and you can opt-out at any time.
  • Analytics and Improvements: We may analyze usage trends and performance of our Service (in aggregated or de-identified form) to understand how users interact with our platform and to improve our offerings and user experience. This may involve using automatically-collected data to debug, optimize, and enhance the functionality and security of the Service.
  • Security and Fraud Prevention: Information (like IP addresses or log-ins) may be used to monitor for suspicious or fraudulent activity and to detect, prevent, and address technical issues or unauthorized access to accounts (Privacy Policy – Network Readiness Index).
  • Legal Compliance: We may process personal data as necessary to comply with our legal obligations, such as financial record-keeping for tax and accounting purposes, responding to lawful requests by public authorities, or as otherwise required by applicable laws and regulations (VendorJump (ProductJump LLC) Privacy Policy). For example, if we receive a subpoena or court order, we may need to use or disclose certain information to comply (Privacy Policy – Network Readiness Index).

Legal Bases for Processing (GDPR): If you are located in the European Economic Area (“EEA”) or United Kingdom, we only process your personal information when we have a valid legal basis. The legal bases we rely on include: (a) Performance of a Contract – We process personal data to provide the Service you have requested (i.e. to fulfill our contractual obligations to you) (VendorJump (ProductJump LLC) Privacy Policy), such as using your information to set up your account and retrieve Amazon data as part of our Service. (b) Legitimate Interests – We may process data as necessary for our legitimate business interests, provided those interests are not overridden by your data-protection rights (VendorJump (ProductJump LLC) Privacy Policy). For instance, we have a legitimate interest in understanding usage of our Service, ensuring network security, and improving our platform. We only rely on this basis after considering the potential impact on your rights. (c) Consent – In some cases, we ask for your consent to process certain information, for example, if we want to send optional marketing emails. Where we rely on consent, you have the right to withdraw it at any time (VendorJump (ProductJump LLC) Privacy Policy) (withdrawing consent will not affect the lawfulness of processing before withdrawal). (d) Legal Obligation – We will process personal data where needed to comply with a legal obligation (VendorJump (ProductJump LLC) Privacy Policy) (such as retaining transaction records for tax law). (e) Vital Interests – Although unlikely, we may process data if necessary to protect someone’s vital interests (VendorJump (ProductJump LLC) Privacy Policy), for example in urgent situations involving potential harm.

3. How We Share or Disclose Information

In Short: We do not sell your personal information. We only share it in limited situations, such as with trusted service providers (processors) to operate our Service, if required by law, or as part of a business transfer.

We treat your personal data with care and confidentiality. We will never sell your personal information to third parties for their own marketing or profit (VendorJump (ProductJump LLC) Privacy Policy). We may disclose information to the following categories of recipients, and only for the purposes described:

  • Service Providers: We use third-party companies to support our operations and the Service. These include hosting providers (for example, Amazon Web Services for data storage and cloud infrastructure), database services, email service providers, payment processors, and analytics tools. These third parties process personal information on our behalf as “data processors” or service providers and are contractually obligated to handle data securely and only according to our instructions and applicable law. For instance, our Service data (including your personal data and Amazon-collected data) is stored in AWS RDS databases, and thus AWS may process and store that data for us. We also may use Retool (a third-party software platform) in delivering our interface; to the extent Retool or similar tools process data for us, they do so under our direction. We share only the minimum information necessary with our vendors and require them to protect it.
  • Business Transfers: If we engage in a merger, acquisition, sale of assets, financing, or transfer of all or a portion of our business to another company, personal information may be transferred to the successor entity as part of the transaction (VendorJump (ProductJump LLC) Privacy Policy). In such cases, we will ensure the recipient agrees to handle personal data in a manner consistent with this Privacy Policy.
  • Legal Requirements and Protection of Rights: We may disclose personal information if we have a good-faith belief that such action is necessary to (i) comply with a legal obligation or request (for example, in response to subpoenas, court orders, or government demands) (VendorJump (ProductJump LLC) Privacy Policy); (ii) enforce our Terms and other agreements; (iii) address fraud, security, or technical issues; or (iv) protect our rights, property, and safety, or those of our users or the public. This includes exchanging information with other companies and organizations for cybersecurity or fraud prevention.
  • With Your Consent: We will share your personal information with third parties for purposes not covered by the above situations only if you specifically consent to such sharing. For example, if you opt in to a co-marketing program or request integration with another service that requires us to send your data to a third party, we will do so with your authorization.

Importantly, when our Service accesses your data from Amazon (via SP-API), that data transfer is between our application and Amazon on your behalf. We do not disclose your Amazon-provided data to any third party other than as necessary to host it on our systems (e.g., AWS) or as directed by you. We do not use your data for any purpose unrelated to providing the Service to you, and we do not allow our service providers to use it for their own purposes.

4. Data Retention

In Short: We keep your personal data only as long as needed for the purposes described, and as required by law. When it is no longer needed, we will delete or anonymize it.

We will retain your personal information for as long as you maintain an account with us or as long as is necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (Privacy Policy – Network Readiness Index). This means we generally keep your profile, contact information, and Amazon-related data for the duration of your subscription or use of the Service. If you cancel your account or your subscription lapses, we will delete or anonymize your personal data upon your request, or after a defined period following the end of our relationship (for example, we may retain data for a short period to see if you reactivate, or as needed for our internal backup, audit, and legal purposes) (Privacy Policy – Network Readiness Index).

In determining retention periods, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes of processing, and whether those purposes can be achieved by other means. For instance, we may retain certain transactional records (like invoices or payment records) for several years to comply with tax and accounting laws. Similarly, server logs and backup archives may be kept securely for a limited time before automated deletion.

When we have no ongoing legitimate business need or legal requirement to process your personal information, we will either permanently delete it or render it anonymized/unidentifiable. If immediate deletion is not feasible (for example, because the data is stored in secure backups), we will isolate and protect the data and then delete it as soon as possible (Privacy Policy – Network Readiness Index).

5. Data Security

In Short: We use technical and organizational measures to secure your data. However, no system is 100% secure, so we cannot guarantee absolute security of information.

We have implemented appropriate physical, technical, and administrative security measures to protect the personal information we process. These measures include encryption of sensitive data at rest and in transit (for example, we encrypt your Amazon API tokens and passwords in our database), use of secure protocols (HTTPS) for data transmission, access controls to restrict who within our organization can access personal data, and regular monitoring for vulnerabilities. We also maintain policies and procedures to handle any suspected data breaches, including notifying you and/or authorities as required by law.

Despite our efforts, please note that no method of electronic transmission or storage is completely secure or foolproof. We cannot guarantee that unauthorized parties will never be able to defeat our security measures and access or misuse your data (VendorJump (ProductJump LLC) Privacy Policy). For example, Internet communications can be subject to interception, and software vulnerabilities may be exploited despite precautions. You use the Service and provide personal information at your own risk. We encourage you to use strong passwords, protect your login credentials, and use our Service in a secure environment (for instance, avoid using public Wi-Fi without security) (VendorJump (ProductJump LLC) Privacy Policy). If we become aware of a data breach affecting your personal information, we will notify you and relevant regulators as legally required.

6. Children’s Privacy

In Short: Our Service is not intended for individuals under 18, and we do not knowingly collect data from minors.

1stPage’s Service is designed for business use by adult professionals (Amazon sellers and brand owners). We do not knowingly solicit or collect personal information from children under 18 years of age. If you are under 18, please do not use the Service or provide any information to us. By using the Service, you represent that you are at least 18 years old (or the age of majority in your jurisdiction) or that you are the parent/guardian of a minor who is using the Service with your consent (VendorJump (ProductJump LLC) Privacy Policy).

If we learn that we have inadvertently collected personal information from someone under 18 without appropriate consent, we will take steps to delete that information promptly. For example, if a minor is discovered to have created an account, we will deactivate the account and remove the data (VendorJump (ProductJump LLC) Privacy Policy). If you believe we might have any information from or about a minor under 18, please contact us immediately at privacy@1stpage.com so that we can investigate and address the issue.

7. Your Privacy Rights

In Short: Depending on your location, you have certain rights regarding your personal data. Users in the EEA/UK can exercise GDPR rights (access, correction, deletion, objection, etc.). California residents have CCPA rights (access, deletion, opt-out of sale, non-discrimination), as detailed below. We provide tools or channels for you to exercise these rights.

Rights for EEA, UK, and Other Regions

If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with similar data protection laws, you have specific rights under GDPR or equivalent laws. These rights may include:

  • Right of Access: You can request confirmation of whether we are processing your personal information, and if so, request a copy of the data we hold about you (VendorJump (ProductJump LLC) Privacy Policy).
  • Right of Rectification: You have the right to ask us to correct or update any inaccurate or incomplete personal data we have on file (VendorJump (ProductJump LLC) Privacy Policy).
  • Right to Erasure: You can request that we delete your personal information, and we will do so, unless an exemption applies (for example, we may retain data if needed for legal obligations or legitimate interests that still override your rights) (VendorJump (ProductJump LLC) Privacy Policy).
  • Right to Restrict Processing: You can ask us to limit processing of your personal information in certain circumstances – for instance, if you contest the accuracy of the data or object to our processing, we will restrict use while your request is being resolved (VendorJump (ProductJump LLC) Privacy Policy).
  • Right to Data Portability: Where applicable, you have the right to receive your personal data from us in a structured, commonly used, machine-readable format, and to have that data transmitted to another controller where technically feasible. This typically applies to data you provided to us, when processing is based on consent or contract.
  • Right to Object: You have the right to object to our processing of your personal information in certain situations. In particular, you have the right to object at any time to the processing of your data for direct marketing purposes. You may also object when we are relying on legitimate interests (or those of a third party) and you believe your rights and freedoms outweigh those interests.
  • Right to Withdraw Consent: If we rely on consent for any processing, you can withdraw that consent at any time (VendorJump (ProductJump LLC) Privacy Policy). Withdrawal will not affect the lawfulness of processing prior to withdrawal, and if we have other legal grounds for processing (like a contractual necessity), we may continue based on those grounds.

To exercise any of these rights, please contact us at privacy@1stpage.com with your request. We may need to verify your identity before fulfilling certain requests (for example, by asking you to confirm information associated with your account). We will respond to your request within the timeframes required by applicable law and will let you know if any exceptions apply that prevent us from fulfilling the request in whole or in part. For example, if you request deletion, we might retain certain information if required for legal compliance.

If you are in the EEA or UK and have concerns about our data practices, you also have the right to lodge a complaint with your country’s data protection supervisory authority. You can find contact details for your data protection authority here: **http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm** (VendorJump (ProductJump LLC) Privacy Policy). We would, however, appreciate the chance to address your concerns directly before you approach a regulator, so please feel free to contact us first.

California Privacy Rights (CCPA)

If you are a California resident, you are protected by the California Consumer Privacy Act (CCPA) (as amended by the California Privacy Rights Act, “CPRA”). Under the CCPA, California residents have the following rights with respect to their personal information:

  • Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell (if applicable) about you (California Consumer Privacy Act (CCPA) | State of California - Department of Justice - Office of the Attorney General). This includes the specific pieces of information we have collected, the categories of sources of that information, the business or commercial purpose for collecting it, the categories of third parties with whom we share it, and, if we sold or disclosed personal information for a business purpose, the categories of personal information and categories of recipients for each (California Consumer Privacy Act (CCPA) | State of California - Department of Justice - Office of the Attorney General). You may request this information up to two times in a 12-month period, free of charge.
  • Right to Delete: You have the right to request that we delete personal information that we have collected from you, subject to certain exceptions (California Consumer Privacy Act (CCPA) | State of California - Department of Justice - Office of the Attorney General). Once we receive and confirm a verifiable deletion request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies (for example, if we need to keep information to complete a transaction you requested, to detect security incidents, for legal compliance, etc.).
  • Right to Opt-Out of Sale/Sharing: The CCPA gives you the right to opt-out of the “sale” of your personal information. However, 1stPage does not sell personal information to third parties (VendorJump (ProductJump LLC) Privacy Policy). We also do not share personal information for cross-context behavioral advertising in a manner that would be considered a “sale” or “share” under CCPA. Because we do not sell or share your data in that way, there is no need to submit an opt-out request — we treat all user data as if “Do Not Sell” has been requested (VendorJump (ProductJump LLC) Privacy Policy). (If in the future we ever consider selling personal data, we will update our practices and provide a mechanism to opt out).
  • Right to Correct: You have the right to request that we correct any inaccurate personal information we maintain about you (California Consumer Privacy Act (CCPA) | State of California - Department of Justice - Office of the Attorney General). Upon verification of your identity and the accuracy of the new information, we will correct the item in our records.
  • Right to Limit Use of Sensitive Personal Information: Because we do not collect or use sensitive personal information for purposes beyond what is necessary to provide the Service (and certainly not for inferring characteristics about consumers), this right is not applicable to our practices (California Consumer Privacy Act (CCPA) | State of California - Department of Justice - Office of the Attorney General). If that changes, California residents would have the right to direct us to restrict the use of any sensitive personal data to only certain permitted purposes.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights (California Consumer Privacy Act (CCPA) | State of California - Department of Justice - Office of the Attorney General). This means we will not deny you our Service, charge you a different price, or provide a different level or quality of service just because you exercised your rights under CCPA. However, please note that if you request deletion of data that is necessary for us to provide the Service, we may not be able to continue providing you the full benefit of the Service (for example, if you ask us to delete your account information entirely, the Service will no longer function for you). In such cases, that outcome is a result of your request (which is permitted under CCPA’s non-discrimination rules).

Categories of Personal Information Collected and Disclosed: In the past 12 months, we have collected the following categories of personal information (as defined by CCPA) from California consumers: Identifiers (such as name, email address, IP address, and account identifiers); Customer Records Information (contact details and payment information provided by users); Commercial Information (subscription plan, billing history, and usage details of our Service); and Internet or Network Activity (log and usage data as you interact with our website/application). We collect these categories of information directly from you or automatically through your interaction with the Service, and use them for the business purposes described in Sections 2 and 3 of this Policy (such as providing the Service, maintaining security, processing payments, and improving our platform). We have disclosed some of these categories of personal information to service providers (cloud hosting, payment processors, etc.) in the past 12 months for business purposes, as explained in Section 3. We have not sold any personal information in the preceding 12 months (VendorJump (ProductJump LLC) Privacy Policy), and we do not sell personal information. We also do not have actual knowledge of selling personal information of consumers under 16.

Exercising Your California Rights: If you are a California resident and wish to exercise your Right to Know, Right to Delete, Right to Correct, or to exercise any other CCPA rights, you (or an authorized agent acting on your behalf) may submit a request to us by emailing privacy@1stpage.com with the subject line “CCPA Request” and detailing your specific request. We will need to verify your identity (or your agent’s authority) before processing the request, which may involve asking you to provide certain information or to log into your account. For requests to know or delete, we will endeavor to verify identity to a “reasonable degree of certainty” or “high degree” depending on the sensitivity of the data involved, per CCPA regulations.

Upon receiving a verifiable request, we will respond within 45 days as required by CCPA (or notify you if we need an extension). For deletion requests, we will specify the manner in which we deleted your data or, if we must deny the request due to an exemption, the reason for denial. For access requests, we will provide either the specific pieces of personal data or the categories of data and additional information as required. For correction, we will confirm the correction or explain if we cannot comply. You also have the right, at any time, to direct us not to sell or share your personal information (though, as noted, we do not sell data). If we ever engaged in selling data, we would provide a “Do Not Sell or Share My Personal Information” link on our website to facilitate opt-out requests (VendorJump (ProductJump LLC) Privacy Policy).

We will not charge you for making any CCPA request, and we will not discriminate or retaliate against you for exercising these rights (VendorJump (ProductJump LLC) Privacy Policy).

8. Do-Not-Track Signals

Some web browsers or devices include a “Do Not Track” (“DNT”) feature that signals your preference for privacy and not having data about your online activities monitored and collected. At this time, we do not respond to DNT signals or similar mechanisms, because there is no consistent industry standard for compliance. We treat all users’ data in accordance with this Privacy Policy, and will continue to monitor developments around DNT browser technology and may re-evaluate our approach if standards emerge.

9. International Data Transfers

1stPage LLC is a company operating in the United States. If you are accessing the Service from outside the U.S. (such as from the European Union or other regions with data protection laws), please be aware that your personal information will likely be transferred to and processed in the United States. This means your data will be stored on servers located in the U.S. (for example, on AWS servers in a U.S. data center) and may be accessible by our staff and service providers in the U.S.

The U.S. may not have the same level of data protection as your home jurisdiction. To ensure that your personal information is protected when transferred internationally, we rely on appropriate safeguards as required by GDPR and other laws. In particular, for personal data originating from the EEA or UK, we implement measures such as the European Commission’s Standard Contractual Clauses (SCCs) for data transfers (Standard Contractual Clauses (SCCs) - TermsFeed), which are standard data protection clauses that contractually obligate recipients of the data outside the EEA to protect it according to EU standards. These SCCs, along with our security measures (encryption, access controls, etc.) and operational policies, are designed to ensure that your personal information remains protected and that your rights are preserved even when your data is transferred to a country with differing privacy laws. We may also rely on the fact that the transfer is necessary for the performance of our contract with you (the provision of the Service you requested) when applicable.

By using the Service or providing us with information, you explicitly consent to the transfer of your personal data to the United States (and to other jurisdictions where our service providers may be located, such as countries in which AWS operates) for the purposes described in this Policy. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. If you would like more information about our international data transfer practices or to obtain a copy of the relevant safeguards we have in place, you can contact us at privacy@1stpage.com.

10. Updates to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. If we make material changes, we will notify you by email (sent to the address specified in your account) or by prominently posting a notice on our website or within the Service prior to the change becoming effective. The “Last Updated” date at the top of this Policy indicates when the latest changes were made.

Your continued use of the Service after any updates to this Privacy Policy become effective will constitute your acceptance of the changes. However, if any changes materially affect how your personal data is handled, we will obtain any required consent from you (if applicable under law). We encourage you to review this Policy periodically to stay informed about how we protect your information.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us by email at privacy@1stpage.com or in writing at: 1stPage LLC – Privacy Office, 12175 Visionary Way, Fishers, IN 46038. We will do our best to address your inquiry promptly and thoroughly.