Book a demo

Privacy Policy.

How we collect, use, store, protect, and share data when you use Atomic One — including data accessed through the Amazon Selling Partner API. Built to comply with GDPR, CCPA, and Amazon’s Data Protection Policy.

EFFECTIVE DATE01.01.2026
01

Introduction

Atomic One ("we," "us," or "our") operates a software-as-a-service platform that provides comprehensive Amazon store automation and optimization tools for Amazon sellers. Our services include advertising automation, dynamic pricing optimization, inventory management, search ranking optimization, and full store performance analytics. This Privacy Policy explains how we collect, use, store, protect, and share information when you use our services, including data accessed through the Amazon Selling Partner API (SP-API).

By using our services, you agree to the collection and use of information in accordance with this Privacy Policy. We are committed to protecting your privacy and handling your data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

02

Information we collect

2.1 Information you provide directly

When you register for an account or use our services, you may provide us with: account registration information (name, email address, company name); billing and payment information; communication preferences; and any other information you choose to provide when contacting our support team.

2.2 Information from Amazon SP-API

When you authorize our application to access your Amazon Seller Central account, we collect data through the Amazon Selling Partner API, including:

  • Advertising campaign data (campaigns, ad groups, keywords, bids, targeting settings)
  • Advertising performance metrics (impressions, clicks, spend, sales, ACoS, ROAS)
  • Product catalog information (ASINs, SKUs, product titles, descriptions, images)
  • Pricing data (current prices, competitor pricing, Buy Box status, pricing history)
  • Sales and order data (aggregated sales metrics, order volumes, revenue trends)
  • Inventory data (stock levels, fulfillment status, restock recommendations)
  • Search ranking data (keyword rankings, organic position, visibility metrics)
  • Product reviews and ratings data
  • Account information (seller ID, marketplace IDs, account health metrics)
2.3 Automatically collected information

We automatically collect certain information when you use our platform, including:

  • Log data (IP address, browser type, pages visited, time spent)
  • Device information (device type, operating system)
  • Usage data (features used, actions taken within our platform)
03

How we use your information

We use the information we collect to:

  • Provide, maintain, and improve our comprehensive store automation and optimization services
  • Analyze your overall store performance including sales, advertising, pricing, and rankings
  • Execute automated bid adjustments and campaign optimizations based on your configured rules
  • Implement dynamic pricing strategies to optimize profitability and Buy Box performance
  • Monitor and optimize inventory levels with automated restock recommendations
  • Track and improve search rankings and organic visibility for your products
  • Generate actionable insights and recommendations across all aspects of your Amazon business
  • Send you service-related communications, updates, and alerts
  • Respond to your inquiries and provide customer support
  • Comply with legal obligations and enforce our terms of service
  • Detect, prevent, and address technical issues or fraudulent activity
04

Data storage and security

4.1 Data storage

Your data is stored on secure cloud infrastructure provided by Amazon Web Services (AWS). All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.2 or higher. We maintain data centers in regions that comply with applicable data protection regulations.

4.2 Security measures

We implement industry-standard security measures to protect your data, including:

  • Encryption of data at rest and in transit
  • Access controls and authentication mechanisms
  • Regular security assessments and vulnerability testing
  • Employee training on data protection and security practices
  • Incident response procedures
  • Network security controls and monitoring
4.3 Incident response

At Atomic One, we take data security incidents extremely seriously. Our dedicated incident response team operates under a strict 24-hour response commitment:

  • Immediate detection — our systems continuously monitor for suspicious activity, unauthorized access attempts, and potential data breaches around the clock.
  • Rapid response — upon detection of any security incident, our incident response team is notified immediately and begins investigation within 1 hour.
  • Customer notification — affected customers are notified within 24 hours of confirming a security incident that may impact their data.
  • Amazon notification — in compliance with Amazon’s Data Protection Policy, any incidents involving SP-API data are reported to Amazon at 3psecurity@amazon.com within 24 hours.
  • Containment & remediation — our team works to contain the incident, eliminate the threat, and restore normal operations as quickly as possible.
  • Post-incident review — after resolution, we conduct a thorough review to identify root causes and implement measures to prevent future occurrences.
  • To report a security concern or potential incident, please contact our security team immediately at security@atomic-one.com.
05

Data retention

We retain your data for as long as your account is active or as needed to provide you with our services. Store performance data including advertising, pricing, inventory, and ranking history is retained for the duration of your subscription to enable historical analysis, trend reporting, and optimization recommendations.

Upon account termination or your request, we will delete or anonymize your personal data within 30 days, except where we are required to retain certain information for legal, accounting, or compliance purposes. Data required for legal obligations may be retained for up to 7 years.

In accordance with Amazon’s Data Protection Policy (DPP), any Personally Identifiable Information (PII) obtained through the SP-API is deleted within 30 days after order delivery confirmation, unless a longer retention period is legally required.

06

Data sharing and disclosure

We do not sell, rent, or trade your personal information or Amazon seller data to third parties. We may share your information only in the following circumstances:

Service providers
We may share data with trusted third-party service providers who assist us in operating our platform (e.g., cloud hosting, payment processing), subject to confidentiality agreements and data protection requirements.
Legal requirements
We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.
Business transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction, subject to the same privacy protections.
With your consent
We may share your information with third parties when you explicitly consent to such sharing.
07

Amazon SP-API compliance

Our use of Amazon SP-API data is governed by Amazon’s Acceptable Use Policy (AUP) and Data Protection Policy (DPP). We are committed to full compliance with these policies, which include:

  • Using Amazon data solely for the purposes authorized by you and necessary to provide our services
  • Implementing appropriate technical and organizational security measures
  • Limiting access to Amazon data on a need-to-know basis within our organization
  • Not sharing Amazon data with unauthorized third parties
  • Promptly reporting any security incidents involving Amazon data to Amazon at 3psecurity@amazon.com
  • Deleting Amazon data upon your request or termination of our services
08

Your rights

Depending on your location, you may have certain rights regarding your personal data, including:

Access
You can request a copy of the personal data we hold about you.
Correction
You can request that we correct any inaccurate or incomplete data.
Deletion
You can request that we delete your personal data, subject to legal retention requirements.
Portability
You can request a copy of your data in a structured, machine-readable format.
Withdrawal of consent
You can revoke your authorization for our application to access your Amazon Seller Central account at any time through Amazon Seller Central.

To exercise any of these rights, please contact us using the information provided in Section 11.

09

Cookies and tracking technologies

We use cookies and similar tracking technologies to enhance your experience on our platform. These technologies help us remember your preferences, analyze usage patterns, and improve our services. You can control cookie settings through your browser preferences. Please note that disabling certain cookies may affect the functionality of our platform.

10

Children’s privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child, we will take steps to delete that information promptly.

12

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Effective Date" at the top of this document. We encourage you to review this Privacy Policy periodically.

Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the updated terms.

11

Contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

ORGAtomic OneEMAILprivacy@atomic-one.comWEBhttps://www.atomic-one.com