AMZ POD Explorer

Last Updated: March 29, 2026

1. Introduction

This Privacy Policy describes how TOOFITRY LTD ("AMZ POD Explorer", "we", "us", or "our") collects, uses, and protects your personal information when you use our websites, Chrome Extension, and related services (collectively, the "Service").

We are committed to protecting your privacy and complying with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR).

2. Quick Summary (Plain English)

  • We do not sell your personal data.
  • Extension scope: the AMZ POD Explorer extension runs on supported Amazon pages and reads product/search-page information needed to provide its features.
  • Local vs server: some data is processed locally in your browser, and some data is sent to our servers when you use server-backed features (e.g., account connection, syncing tracked products, tracking history).
  • Payments: payments are processed by Stripe; we do not store your card details.

3. Chrome Extension Privacy Notice

This section applies specifically to the AMZ POD Explorer Chrome Extension.

3.1 Where the extension runs

  • The extension is designed to run on supported Amazon marketplaces (for example: amazon.com, amazon.co.uk, amazon.de, amazon.fr, amazon.it, amazon.es, amazon.co.jp, amazon.ca, amazon.com.au).
  • The extension does not run on, or read page content from, unrelated websites.

3.2 Data the extension reads on Amazon pages

To provide its features, the extension may read information shown on Amazon product/search pages, such as:

  • ASIN, title, images, price, rating, reviews count, badges, add date, and Best Sellers Rank (BSR) when available on the page.
  • Search keywords you enter on Amazon or that you explicitly trigger via the extension tools (e.g., context menu searches).

3.3 Data stored locally in your browser

The extension stores some data locally (via Chrome extension storage) to function properly, for example:

  • Extension settings and UI preferences.
  • Tracked products list and local tracking/cache state.
  • Authentication tokens (when you connect the extension to your account).

3.4 Data sent to our servers (when you use server-backed features)

When you connect the extension and use server-backed features, the extension may send data to app.amzpodexplorer.com, including:

  • Account authentication data: your email address and authentication information (transmitted over HTTPS) to authenticate your account.
  • Device information: device identifier and basic environment info (e.g., browser) to manage device limits and security.
  • Tracking sync data: tracked ASINs and related tracking metrics (e.g., BSR/price snapshots and tracking history) to enable syncing, history charts, and viewing in the web app.

We do not collect your general browsing history. The extension only accesses Amazon page content required for its features.

3.5 Third-party requests made by the extension

  • Amazon: the extension reads Amazon page content and may request Amazon resources needed for features (e.g., product images hosted by Amazon).
  • Amazon suggestions: keyword tools may query Amazon’s suggestions endpoint (e.g., completion.amazon.<tld>) to provide keyword suggestions.
  • Connectivity check: the extension may request a lightweight URL (e.g., clients3.google.com/generate_204) to detect connectivity and improve reliability.

3.6 How you can control or delete extension data

  • You can disconnect the extension (which removes the authentication token stored locally in the extension).
  • You can clear extension local data using your browser’s extension settings, or by uninstalling the extension.
  • You can request deletion of your server-side account data by contacting us (see Contact section).

4. Information We Collect

We collect information in the following ways:

A. Information You Provide

  • Account Information: when you create an account, we collect your first name, last name, and email address.
  • Password: your password is stored server-side in a secure hashed form. We do not store your password in plain text.
  • Support Communications: when you contact us, we collect your name, email, and the contents of your message.

B. Information We Collect Automatically

  • Account Technical Information: we may collect technical information when you log in, such as IP address and browser type (User Agent), for security and abuse prevention.
  • Log Files: our servers may log standard data (IP, timestamps, requested pages) for troubleshooting, security, and analytics.
  • Cookies: we use essential cookies to manage your session and keep you logged in. We do not use third-party tracking or advertising cookies.

C. Information We Do Not Collect

Payment and billing information: we do not collect, store, or process your payment card details. Payments are handled directly by our payment processor, Stripe.

5. How We Use Your Information

  • To provide and maintain the Service: create accounts, authenticate users, and operate features.
  • To manage subscriptions: manage subscription status and entitlements (payments handled by Stripe).
  • To communicate with you: support responses, service updates, and administrative messages.
  • To ensure security: detect and prevent fraud, unauthorized access, and prohibited activities.
  • To improve the Service: understand usage and improve performance and reliability.

6. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share it with the following providers as needed to operate the Service:

  • Stripe (Payment Processor): we share your email address and internal identifiers needed to manage subscriptions. You provide payment details directly to Stripe.
  • Email service provider (Brevo / mail proxy): to send transactional emails (activation codes, password resets) and service communications.
  • Google reCAPTCHA: used on our sign-up page to prevent automated abuse (subject to Google’s terms/privacy).
  • Legal requirements: we may disclose data if required by law or valid legal process.

7. Data Security

We use HTTPS and apply security measures to protect your data. No method of transmission over the Internet is 100% secure.

8. Data Retention

We retain personal data for as long as your account is active. We may retain some data for a reasonable period after closure to comply with legal obligations, resolve disputes, and enforce agreements.

9. Your Data Protection Rights (UK GDPR)

As we are based in the United Kingdom, you may have the following rights under the UK GDPR (subject to applicable conditions):

  • Access (request a copy of your data).
  • Rectification (correct inaccurate data).
  • Erasure (request deletion of your data).
  • Restrict processing.
  • Object to processing.
  • Data portability.

To exercise your rights, please contact us via our Contact Page.

10. CCPA Privacy Rights (California)

If you are a California resident, you may have rights under the CCPA. We do not sell personal information.

  • Request disclosure of categories and specific pieces of personal data collected.
  • Request deletion of personal data (subject to exceptions).

To exercise these rights, please contact us.

11. Children's Privacy

Our Service is not intended for use by anyone under the age of 18 (as per our Terms of Use). We do not knowingly collect personal information from children under 13.

12. Changes to This Privacy Policy

We may update this policy from time to time. We will post updates on this page and update the “Last Updated” date when the policy content changes.

13. Contact Us

If you have questions about this Privacy Policy, please contact us: