Last Updated: September 11, 2025
1. Introduction
EcomATM ("we," "our," or "us") operates ecomatm.net, a comprehensive SaaS e-commerce automation platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.
2. Information We Collect
2.1 Personal Information
We collect the following personal information:
- Account Information: Name, email address, password, phone number, business details
- Profile Data: Business name, address, contact information, profile pictures, business logos
- Payment Information: Billing address, payment method details (processed securely through Moneroo)
- Communication Data: WhatsApp numbers, Telegram handles, email addresses for customer communication
- Business Data: Store information, product catalogs, customer data, order information
- Affiliate Information: Bank details, tax information, commission payments data
2.2 Automatically Collected Information
- Usage Data: Pages visited, features used, time spent on platform, click patterns
- Device Information: IP address, browser type, operating system, device identifiers
- Analytics Data: Website performance, user interactions, error logs
- Location Data: General geographic location based on IP address
- Cookies and Tracking: Session tokens, preferences, authentication status
2.3 Third-Party Data
- Google Services: Gmail data, Google Sheets data, OAuth profile information
- Social Media: WhatsApp Business account data, Telegram bot interactions
- E-commerce Platforms: Shopify, WooCommerce, and other platform integrations
- Chrome Extension: WhatsApp contact extraction, browser interaction data
3. How We Use Your Information
3.1 Primary Services
- Providing e-commerce automation and store management services
- Processing orders and managing customer communications
- Facilitating WhatsApp and Telegram messaging automation
- AI-powered closing services and lead management
- Bulk messaging campaigns and customer outreach
- Analytics and performance tracking
- Affiliate program management and commission payments
3.2 AI Services
We use artificial intelligence services including:
- OpenAI GPT: For automated customer responses and content generation
- DeepSeek: For advanced analytics and pattern recognition
- Google Gemini: For multi-modal AI processing and insights
- OpenRouter: For AI model routing and optimization
Your data may be processed by these AI services to provide intelligent automation features. We implement appropriate safeguards and data anonymization where possible.
3.3 Communication and Marketing
- Sending transactional emails and notifications
- Providing customer support and technical assistance
- Marketing communications (with consent)
- Product updates and feature announcements
- Affiliate program communications
4. Data Sharing and Disclosure
4.1 Third-Party Service Providers
We share data with trusted third-party providers:
- Payment Processing: Moneroo for payment processing and billing
- Communication: SterChat for WhatsApp services, Telegram API for bot services
- Cloud Services: Supabase for database services, Vercel for hosting
- Email Services: Resend for transactional emails
- Analytics: Internal analytics services for performance monitoring
- AI Services: OpenAI, DeepSeek, Google, and OpenRouter for AI processing
4.2 Business Transfers
In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the business transaction, with appropriate notice to users.
4.3 Legal Requirements
We may disclose information when required by law or to:
- Comply with legal obligations and court orders
- Protect our rights, property, and safety
- Prevent fraud and abuse
- Respond to government requests
5. Data Security
We implement comprehensive security measures including:
- Encryption: Data encryption in transit and at rest
- Access Controls: Role-based access controls and authentication
- Regular Audits: Security assessments and vulnerability testing
- Secure Infrastructure: Cloud-based security with enterprise-grade protection
- Data Minimization: Collecting only necessary data for services
- Regular Backups: Secure data backup and recovery procedures
6. International Data Transfers
Our services operate globally, and data may be transferred to and processed in countries outside your residence, including the United States and European Union. We ensure appropriate safeguards are in place for international transfers, including:
- Standard Contractual Clauses for EU data transfers
- Adequate country decisions where applicable
- Additional safeguards for sensitive data
7. Data Retention
We retain personal information for the following periods:
- Account Data: Until account deletion plus 90 days for backup purposes
- Transaction Records: 7 years for tax and legal compliance
- Communication Logs: 2 years for support and quality purposes
- Analytics Data: 3 years in aggregated, anonymized form
- Marketing Data: Until consent withdrawal
8. Your Rights and Choices
8.1 Access and Control
You have the right to:
- Access and review your personal information
- Update or correct inaccurate data
- Delete your account and associated data
- Export your data in a portable format
- Restrict processing of your information
- Object to certain processing activities
8.2 Communication Preferences
- Opt-out of marketing communications
- Manage notification preferences
- Control cookie settings
- Withdraw consent for data processing
8.3 GDPR Rights (EU Residents)
If you're an EU resident, you have additional rights under GDPR:
- Right to be informed about data processing
- Right of access to personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent at any time
9. Cookies and Tracking Technologies
We use cookies and similar technologies for:
- Essential Cookies: Authentication, security, and core functionality
- Performance Cookies: Analytics, error tracking, and performance monitoring
- Functional Cookies: User preferences and personalization
- Third-Party Cookies: Integration services and external tools
You can control cookie preferences through your browser settings or our cookie management tool.
10. Children's Privacy
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware of such collection, we will take steps to delete the information promptly.
11. Changes to Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of material changes through email or prominent notice on our platform. Continued use of our services after changes indicates acceptance of the updated policy.
12. Contact Information
For questions about this Privacy Policy or to exercise your rights, contact us at:
EcomATM Data Protection Team
Email: privacy@ecomatm.net
Address: [Company Address]
Phone: [Contact Number]
Data Protection Officer: dpo@ecomatm.net
13. Complaints and Disputes
If you have concerns about our data handling practices, you may file a complaint with the relevant data protection authority in your jurisdiction. EU residents may contact their local Data Protection Authority or the Irish Data Protection Commission.
Important Notice: This Privacy Policy is part of our Terms of Service. By using EcomATM services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.