Features
Integrations
Resource
Pricing
Privacy Policy
Effective May 22, 2025
Welcome to PippaSync, a leading multichannel e-commerce management platform. We prioritize your privacy and are committed to protecting your personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant regulations.
02
Information We Collect & How We Use It
03
Legal Basis for Data Processing
04
Marketplace API & Third-Party Integrations
05
Cookies & Tracking Technologies
06
Data Processing on Behalf of Users
07
User Rights & Control Over Personal Data
09
Data Transfers & Storage
10
Third-Party Sharing & Integrations
11
Legal Disclosures & Compliance with Law
12
Data Retention & Deletion Policy
13
Data Protection Rights & User Controls
14
International Data Transfers
15
Security Measures & Data Protection Practices
16
Contact Information & Support
Introduction
Principles & Practices
This Privacy Policy outlines how we collect, use, store, and share your personal data when you interact with our platform, website, or services (collectively, the โServicesโ). By accessing or using our Services, you agree to the practices described in this Privacy Policy.
If you do not agree with any terms outlined here, you should discontinue using our Services.
This Privacy Policy applies to:
Users who create an account or use our Services.
Visitors who browse our website.
Any individual or entity interacting with PippaSyncโs Services.
For more details about your rights and responsibilities, please also review our Terms of Service.
Information We Collect & How We Use It
To provide you with the best possible experience, PippaSync collects different types of information when you use our Services. This section explains what data we collect, how we collect it, and why we collect it.
Types of Data We Collect
1.Personal Data (Provided by Users):
Full Name
Email Address
Contact Number
Business Name
Billing & Payment Details
Account Login Credentials
2.Business Data (Connected to E-commerce Operations):
Product Listings and Inventory Data
Order History & Transactional Data
Sales Performance & Revenue Insights
Marketplace API Data (e.g., from Amazon, eBay, Walmart, Shopify)
3.Technical Data (Automatically Collected):
IP Address & Geolocation
Device Information (Operating System, Browser Type)
Website Usage Analytics (Page Views, Session Duration)
4.Third-Party Data (Integrated Services):
Data from marketplaces and e-commerce platforms you connect to PippaSync
Payment processor information (via Stripe, PayPal, or others)
Shipping and logistics data from integrated carriers
5.Communication & Support Data:
Emails and messages exchanged with our customer support team
Responses to surveys or feedback forms
How We Use Your Data
PippaSync only uses your data for the following lawful purposes:
Purpose
How we use your data
Account Creation & Management
To set up and manage your PippaSync account, authenticate access, and maintain security.
Service Delivery & Platform Functionality
To set up and manage your PippaSync account, authenticate access, and maintain security.
Billing & Payments
To process transactions and manage subscription plans.
Marketing & Communications
To send updates, newsletters, and product announcements (you can opt out anytime).
Customer Support
To respond to inquiries, troubleshoot issues, and improve user experience.
Legal Compliance & Security
To prevent fraud, comply with legal obligations, and protect against unauthorized access.
๐ PippaSync does NOT sell your personal data to third parties.
Legal Basis for Data Processing
PippaSync only collects and processes your personal data when we have a valid legal reason to do so. Under GDPR and other data protection laws, our processing activities rely on the following legal bases..
Contractual Necessity
When we process your data to provide our core Services (e.g., account setup, inventory sync, order management).
If you create an account or subscribe to a paid plan, we process your payment information to fulfil our contractual obligations.
Legitimate Interests
To improve our platform, develop new features, and analyze usage trends.
To prevent fraud, security breaches, and unauthorized account access.
To send important service-related notifications (e.g., system updates, downtime alerts.
User Consent
We ask for explicit consent before sending marketing emails, promotional offers, and product updates.
You can withdraw consent at any time by updating your preferences.
Legal Compliance
We may process your data to comply with tax regulations, anti-money laundering laws, and government requests.
Market place API Integrations
PippaSync is designed to seamlessly integrate with multiple e-commerce platforms, marketplaces, payment gateways, and third-party tools. These integrations allow users to sync inventory, manage listings, process orders, and analyze performance across multiple sales channels.
Third-Party Marketplaces & Services We Integrate With
When you connect an external platform to PippaSync, we may collect and process data from:
E-commerce Marketplaces: Amazon, eBay, Walmart, Etsy, Shopify, WooCommerce, BigCommerce, Magento, and others..
Payment Providers: Stripe, PayPal, and other third-party payment gateways.
Shipping & Fulfillment Partners: FedEx, UPS, USPS, DHL, and similar services.
Accounting & Tax Solutions: QuickBooks, Xero, Avalara, etc.
What Data Do We Access from These Integrations?
When you connect an external platform to PippaSync, we may collect and process data from:
โ Product listings and inventory data
โ Order details (e.g., transaction ID, buyer name, shipping address)
โ Marketplace fees, payments, and invoices
โ Sales performance analytics
โ Shipping and tracking information
How We Handle Third-Party Data
You can manage API connections and revoke access anytime via PippaSync settings.
We only retain third-party data as long as necessary for service functionality.
We do not sell or share this data with unauthorized parties.
๐ Important: Your access to third-party services is also subject to their respective privacy policies and terms. We encourage you to review them.
Cookies & Tracking Technologies
PippaSync uses cookies and similar tracking technologies to enhance your experience, analyze platform performance, and personalize content. This section explains how we use cookies, what types we use, and how you can manage your preferences.
What Are Cookies?
Cookies are small text files stored on your device when you visit our website or use our platform. They help us remember user preferences, track activity, and improve functionality.
Types of Cookies We Use
Strictly Necessary Cookies
Essential for core functionality (e.g., login authentication, security features). Cannot be disabled.
Performance Cookies
Track usage analytics, error reporting, and user experience improvements.
Functionality Cookies
Remember user preferences and settings for a personalized experience.
Marketing & Advertising Cookies
To send updates, newsletters, and product announcements (you can opt out anytime).
How We Use Cookies & Tracking Technologies
โ Improve User Experience: Store login details, session preferences, and navigation history.
โ Analyze Website Traffic: Track how users interact with our website to improve performance.
โ Security & Fraud Prevention: Detect suspicious behavior and unauthorized access attempts.
โ Personalized Content: Display relevant product recommendations and updates based on your activity.
Third-Party Tracking & Analytics
We may use third-party services like Google Analytics, Facebook Pixel, and Hotjar to collect anonymous usage data and measure website effectiveness.
Managing Your Cookie Preferences
You can control or disable cookies through:
Your browser settings (Chrome, Firefox, Edge, Safari).
The cookie consent banner displayed when you first visit our website.
Opt-out tools provided by third-party advertising networks.
Note: Disabling certain cookies may impact your ability to use some PippaSync features.
Data Processing on Behalf of Users
As a multichannel e-commerce management platform, PippaSync acts as a data processor when handling customer data on behalf of users. This means we process data only under the instructions of our users (the data controllers).
What Does This Mean?
You (the user) own the data that flows through your account.
PippaSync does not use, sell, or modify your data for purposes outside of service functionality.
We only process customer data when necessary to fulfill contractual obligations.
Responsibilities of Users (Data Controllers)
If you handle customer data via PippaSync (e.g., order details, buyer addresses), you are responsible for ensuring compliance with applicable data protection laws (GDPR, CCPA, etc.).
โ Obtain proper consent from your customers before collecting personal data.
โ Ensure customer data is processed lawfully, fairly, and transparently
โ Respond to any data subject requests (e.g., right to access, delete, or rectify).
How PippaSync Protects Customer Data
Encryption & Secure Storage:We use industry-standard encryption (AES-256) to protect sensitive data.
Access Control:Only authorized users and personnel can access account data.
Regular Audits:Our security protocols are reviewed periodically to ensure compliance.
Data Retention & Deletion
We retain customer-related data only as long as necessary to fulfill the service agreement.
You can request data deletion at any time via account settings or by contacting support.
Upon account termination, all stored data is permanently deleted unless legal obligations require retention.
User Rights & Control Over Personal Data
At PippaSync, we believe in transparency and user control over personal data. Users have various rights under data protection laws such as GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and other applicable regulations.
Your Rights as a User
Depending on your location, you may have the following rights regarding your personal data:
Right to Access
Request a copy of the personal data we hold about you.
Right to Rectification
Correct or update inaccurate or incomplete information.
Right to Erasure ("Right to be Forgotten")
Request deletion of your personal data, subject to legal retention requirements.
Right to Restriction of Processing
Limit how we process your data under certain conditions.
Right to Data Portability
Obtain a structured, commonly used, and machine-readable copy of your data.
Right to Object
Object to processing of your personal data for marketing purposes or in certain circumstances.
Right to Withdraw Consent
If you have provided consent for processing, you may withdraw it at any time.
Right to File a Complaint
Lodge a complaint with a data protection authority if you believe your rights have been violated.
How to Exercise Your Rights
Users can submit data-related requests through the following methods:
Account Settings: Some data updates and deletions can be made directly within your PippaSync account.
Email Support: Contact our Data Protection Team at privacy@pippasync.com with your request.
Official Request Form: Submit a formal request via our Privacy Request Portal (link provided in your account settings).
๐น Verification Process: For security purposes, we may require identity verification before processing requests.
๐น Response Time: We strive to respond within 30 days, with possible extensions for complex requests
Data Security Measures
PippaSync implements industry-leading security measures to protect user data from unauthorized access, breaches, and misuse. Our security framework is aligned with global best practices, including ISO 27001, SOC 2, and GDPR compliance.
Security Framework
Encryption: All sensitive data is encrypted using AES-256 encryption in transit and at rest.
Access Controls: Role-based access ensures that only authorized personnel can access sensitive information.
Secure Authentication: Multi-factor authentication (MFA) and password hashing are enforced for user accounts.
Regular Security Audits: We conduct penetration testing and vulnerability assessments regularly.
Fraud Prevention & Account Protection
PippaSync employs AI-driven threat detection to monitor unusual account activity and potential fraud.
Session Tracking: Users can view and manage active logins from their account settings.
Auto-Logout: Inactive sessions are automatically logged out for security reasons.
Login Alerts: Users receive notifications for logins from new devices or locations.
Incident Response & Breach Handling
24/7 Monitoring: Our security team continuously monitors for potential threats.
Immediate Notification: In the event of a data breach, affected users will be notified promptly.
Mitigation Measures: We take immediate action to secure data and prevent future breaches.
๐น Report Security Concerns: If you suspect a security issue, email us at security@pippasync.com.
Data Transfers & Storage
PippaSync operates globally, and user data may be stored and processed across multiple jurisdictions to ensure performance, reliability, and compliance with legal requirements.
Where Your Data Is Stored
User data is stored securely in data centers located in the United States, European Union, and other regions, depending on user location and regulatory compliance.
For U.S. Users:Data is stored in secure U.S.-based servers compliant with CISA, NIST, and SOC 2 standards.
For EU & UK Users: Data is stored within GDPR-compliant data centers located in Europe.
For Other Regions: Data may be processed in additional locations based on service needs and local legal frameworks.
International Data Transfers
To facilitate global operations, data may be transferred across regions, following strict security and compliance protocols. We ensure cross-border data transfers are compliant with:
โ EU-U.S. Data Privacy Framework
โ Standard Contractual Clauses (SCCs) under GDPR
โ UK Data Transfer Addendum
โ CCPA & CPRA Compliance for U.S. Customers
How We Protect Cross-Border Data
โ End-to-End Encryption: All data transfers are secured using TLS 1.2/1.3 encryption.
โ Third-Party Audits: Independent security reviews ensure compliance with regulatory requirements.
โ Restricted Access: Only authorized personnel can access transferred data under strict controls.
๐น User Control: If you have concerns about data transfers, you may request to store your data in a specific region by contacting our support team.
Third-Party Sharing & Integrations
PippaSync integrates with various third-party services to enhance platform functionality, improve user experience, and ensure seamless multi-channel eCommerce operations. We are committed to responsible data sharing, ensuring compliance with GDPR, CCPA, and other applicable laws.
Categories of Third Parties We Share Data With
We never sell user data. However, we may share limited data with trusted third parties in the following categories:
Category
Purpose of Data Sharing
Cloud & Hosting Providers
Secure storage & performance optimization (e.g., AWS, Microsoft Azure, Google Cloud).
Payment Processors
Secure payment transactions & fraud prevention (e.g., Stripe, PayPal).
Integration Partners
Enabling marketplace & eCommerce platform connections (e.g., Amazon, eBay, Shopify, Walmart).
Analytics & Performance Tracking
Enhancing user experience through insights & improvements (e.g., Google Analytics, Mixpanel).
Right to Data Portability
Obtain a structured, commonly used, and machine-readable copy of your data.
Customer Support & Communication Tools
Providing real-time support & notifications (e.g., Zendesk, Intercom, Twilio).
Legal & Compliance Entities
Ensuring regulatory compliance & fraud prevention.
Third-Party Service Providersโ Responsibilities
All third-party providers must sign strict data processing agreements to ensure compliance with GDPR, CCPA, and relevant privacy laws.
We require third-party vendors to implement strong security measures, preventing unauthorized access to shared data.
Third parties cannot use shared data for purposes outside the agreed services.
How to Manage Third-Party Data Sharing
Users can manage their third-party integrations from their PippaSync account settings.
Enable or Disable Integrations: Users have the ability to activate or deactivate integrations that require data sharing.
Withdraw Consent: Users may revoke consent for third-party data sharing by contacting privacy@pippasync.com.
Request Data Deletion: Users can request that third-party providers delete shared data if permitted by law.
Legal Disclosures & Compliance with Law
PippaSync is committed to operating transparently and ethically while complying with legal obligations and government regulations.
When We May Disclose Your Data
We may disclose user data in the following circumstances:
โ Compliance with Law & Regulations
We may disclose personal data if required by law, court order, or regulatory authority (e.g., GDPR, CCPA, FTC regulations)
โ Law Enforcement Requests & Fraud Prevention
We may share user data with law enforcement agencies if:
It is necessary to detect, prevent, or investigate fraud, cybercrime, or security threats
It is required to comply with a legally binding law enforcement request
โ Protection of PippaSync & User Interests
We may disclose data to enforce our Terms of Service, protect our rights, prevent fraud, security threats, or abuse, or defend against legal claims
โ Business Transfers (Mergers & Acquisitions)
In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of business continuity efforts
We will notify affected users before such data transfers occur.
Users retain the right to opt out of continued service under new ownership.
โ Consent-Based Disclosures
If a user explicitly authorizes data disclosure to third parties for specific purposes, we will process the request accordingly
๐น User Notification: Unless prohibited by law, we strive to notify users before disclosing data in response to legal or law enforcement requests.
Data Retention & Deletion Policy
PippaSync follows a strict data retention policy to ensure that user data is stored only as long as necessary for service operations, legal compliance, and business continuity.
How Long We Retain User Data
We retain personal data based on the purpose of collection:
Data Type
Retention Period
Reason for Retention
Account Information
Retained as long as the account is active.
Required for service functionality.
Billing & Transaction Data
Retained for 7 years.
Compliance with tax & financial regulations.
Support & Communication Logs
Retained for 2 years.
Internal analysis & customer service record-keeping.
Marketing Preferences & Email Records
Retained until opt-out or 2 years of inactivity.
Ensuring compliance with email marketing laws.
Technical Logs & Security Data
Retained for 12-24 months.
Fraud detection & security monitoring.
User-Controlled Data Deletion
Users have the right to request deletion of their personal data.
Steps to Request Data Deletion:
a. Through Account Settings
Users can initiate a self-service account deletion under "Privacy & Security Settings.
b. By Contacting Support
Email privacy@pippasync.com with a data deletion request (verification required).
c. Legal Restrictions on Deletion
Certain data may be retained for legal, tax, or compliance reasons.
We will inform users if some data cannot be immediately deleted due to legal obligations.
Anonymization & Aggregated Data
Certain data may be retained for legal, tax, or compliance reasons.
We will inform users if some data cannot be immediately deleted due to legal obligations.
๐น Final Confirmation: Users will receive a confirmation email once their deletion request is processed.
Data Protection Rights & User Controls
Overview of User Rights Under GDPR & CCPA
PippaSync ensures that users have full control over their personal data. Depending on location (e.g., GDPR in the EU, CCPA in California), users may have the following rights:
Right to Access
Request a copy of personal data we store about you.
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure (Right to Be Forgotten)
Request deletion of your personal data (subject to legal obligations).
Right to Restrict Processing
Limit how we use your data in certain situations.
Right to Data Portability
Request to receive your data in a structured, commonly used format.
Right to Object to Processing
Opt out of data processing for marketing or other purposes.
Right to Withdraw Consent
Revoke consent for data collection and marketing communications at any time.
How to Exercise Rights & Contact PippaSync
Users can submit requests via:
Email: privacy@pippasync.com
Account Settings: Manage data preferences directly in Privacy & Security Settings.
Support Portal: Submit a request through our helpdesk.
We respond to all verified requests within 30 days, as per GDPR and CCPA guidelines.
International Data Transfers
PippaSync operates globally, which means user data may be transferred and processed in different regions where our servers or trusted partners are located.
Data Transfers Outside the User's Country
We ensure that all data transfers comply with:
โ EU General Data Protection Regulation (GDPR)
โ UK Data Protection Act
โ California Consumer Privacy Act (CCPA)
โ Other applicable laws
For users in the EU, UK, or Switzerland, we use the following mechanisms to ensure lawful data transfers:
โ Standard Contractual Clauses (SCCs) approved by the European Commission
โ Data Privacy Framework for transfers to U.S.-based service providers
Security Measures for International Transfers
We implement strict data protection measures, including:
โ Encryption of data during transmission.
โ Access controls and authentication protocols
โ Contractual safeguards with third-party vendors
๐น Users may contact us at privacy@pippasync.com if they require further information about international data transfers.
Security Measures & Data Protection Practices
PippaSync takes robust security measures to protect user data from unauthorized access, loss, misuse, or alteration.
Security Measures We Implement
โ Encryption: All sensitive data is encrypted in transit and at rest.
โ Access Control: Strict user authentication and role-based access permissions.
โ Regular Security Audits: Continuous monitoring for vulnerabilities.
โ Incident Response Plan: In case of a data breach, affected users will be notified promptly.
โ Two-Factor Authentication (2FA): Optional security layer for user accounts.
User Best Practices for Security
We recommend that users:
โ Enable Two-Factor Authentication (2FA).
โ Use strong passwords and avoid reuse across platforms.
โ Monitor account activity for any unauthorized actions.
โ Immediately report suspicious activity to security@pippasync.com
'%20fill='url(%23paint0_radial_3247_8448)'/%3e%3crect%20width='947'%20height='1'%20transform='translate(0.5%200.78125)'%20fill='url(%23paint1_linear_3247_8448)'/%3e%3cdefs%3e%3cradialGradient%20id='paint0_radial_3247_8448'%20cx='0'%20cy='0'%20r='1'%20gradientUnits='userSpaceOnUse'%20gradientTransform='translate(470%2054)%20rotate(6.55418)%20scale(473.092%20107.294)'%3e%3cstop%20stop-color='%23C7C7C7'%20stop-opacity='0.05'/%3e%3cstop%20offset='0.7'%20stop-opacity='0'/%3e%3c/radialGradient%3e%3clinearGradient%20id='paint1_linear_3247_8448'%20x1='0'%20y1='0.5'%20x2='947'%20y2='0.5'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-opacity='0'/%3e%3cstop%20offset='0.5'%20stop-color='%2333C702'%20stop-opacity='0.65'/%3e%3cstop%20offset='1'%20stop-opacity='0'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e)
