Privacy Policy

Effective date: June 14, 2026

ZeroStressPPC LLC (“we”, “us”, “our”) operates ZeroStressPPC, a software-as-a-service platform available at zerostressppc.ai (the “Service”) that helps Amazon sellers analyze and optimize their Amazon advertising and selling activity. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices you have.

This policy applies to data we process when you visit our website, create an account, or connect your Amazon accounts to the Service. For the purposes of applicable data protection law, ZeroStressPPC LLC, 1065 SW 8th St, Unit 5683, Miami, FL 33130, is the data controller of the personal information described in this policy.

1. Information we collect

1.1 Account information

When you register, we collect your name, email address, and organization name. Authentication is handled by our identity provider, Clerk (see Section 4). We do not store your password.

1.2 Billing information

Payments are processed by Dodo Payments, which acts as the merchant of record. We do not store full payment card numbers on our systems. We retain billing records (plan, invoices, payment status) as needed for accounting and tax purposes.

1.3 Amazon data you authorize us to access

When you connect your Amazon accounts through Amazon’s secure authorization flow (Login with Amazon / OAuth), you grant the Service permission to access, on your behalf:

  • Advertising data (Amazon Ads API): campaigns, ad groups, keywords, targets, bids, budgets, placements, and their performance metrics (impressions, clicks, spend, sales).
  • Selling partner data (Selling Partner API): orders data, inventory and catalog information, fees, financial transactions, shipments, and returns related to your seller account.

We do not request or access personal information about your buyers. Our Amazon API authorizations deliberately exclude the roles that expose buyer names, shipping addresses, or other buyer personal data. Order information is processed at the level of order IDs, SKUs/ASINs, quantities, and amounts only.

1.4 Authorization tokens

The OAuth refresh tokens that let the Service access your Amazon accounts are stored encrypted at rest using industry-standard encryption, with encryption keys managed in AWS Key Management Service (KMS). Tokens are decrypted only at the moment they are needed to call Amazon’s APIs, and are never written to logs or shared with third parties. You can revoke our access at any time from your Amazon account settings or by disconnecting within the Service.

1.5 Usage data and cookies

We collect technical logs (IP address, browser type, pages visited, timestamps, errors) to operate, secure, and improve the Service. We use strictly necessary cookies for authentication and session management. We do not use advertising, analytics, or cross-site tracking cookies.

2. How we use information

We use the information described above to:

  • Provide the Service: dashboards, reports, alerts, and the advertising optimizations you configure (for example, bid and budget adjustments submitted to Amazon on your behalf).
  • Operate keyword rank tracking within the quotas of your subscription plan.
  • Authenticate you and secure your account.
  • Bill you for your subscription and manage your plan.
  • Notify you about service events (for example, a disconnected Amazon authorization that needs to be re-linked, or processing failures affecting your account).
  • Monitor, troubleshoot, and improve the Service.
  • Comply with legal obligations.

We may use aggregated and de-identified data (data that can no longer reasonably be linked to you or your Amazon account) for analytics, benchmarking, and service improvement.

We do not sell your data. We do not use your data for third-party advertising. We do not use your Amazon data for any purpose other than providing and improving the Service to you, as permitted by Amazon’s policies.

3. Amazon data protection commitments

Our access to Amazon APIs is governed by Amazon’s developer policies, including the Amazon Selling Partner API Data Protection Policy and Acceptable Use Policy, and the Amazon Ads API terms. In line with those policies, we:

  • Request only the minimum API roles and scopes the Service needs.
  • Encrypt Amazon data in transit (TLS 1.2+) and at rest.
  • Restrict internal access to Amazon data to what is strictly necessary to operate the Service.
  • Keep each customer’s data logically isolated from every other customer’s data.
  • Do not disclose Amazon data to third parties except as described in Section 4.
  • Maintain an incident response process; if a security incident affects your data, we will notify you and the relevant parties (including Amazon, where required) without undue delay.

4. Who we share information with

We share information only with the service providers (subprocessors) we use to run the Service, and we share only the minimum information each provider needs to perform its function (the “Data involved” column below), under contracts that limit their use of the data to providing services to us:

ProviderPurposeData involved
Amazon Web Services (AWS)Cloud hosting, databases, storage, key managementAll Service data (encrypted at rest)
ClerkAuthentication and subscription managementName, email, organization, session data
Dodo PaymentsPayment processing and merchant of recordBilling details, payment status
VercelWebsite and dashboard hostingTechnical/usage data
Amazon (Ads API / Selling Partner API)The data source you authorizeAPI calls on your behalf
HostingerTransactional email notificationsYour email address, notification content

We may also disclose information if required by law, to protect our rights or the rights of others, or as part of a corporate transaction (merger, acquisition), in which case this policy will continue to apply to the data transferred.

5. Security

We protect your information with technical and organizational measures including: encryption in transit (TLS) and at rest, encryption key management in AWS KMS, per-customer data isolation enforced at the application and database layer, least-privilege access controls, audit logging, and automated isolation tests run before each release.

No system is 100% secure. If we become aware of a breach affecting your personal information, we will notify you without undue delay and within any timeframe required by applicable law.

6. Data retention and deletion

  • While your account is active: we retain your Amazon data to provide the Service. Recent data is kept in our live database; older historical data may be moved to encrypted archival storage, where it remains available to your reports.
  • If you disconnect an Amazon account: we stop ingesting new data from it immediately.
  • If you cancel or your account is suspended: your data is retained for 90 days (so you can reactivate without losing history, and for billing/legal reasons), after which it is permanently deleted from our systems. Backups are purged on their normal rotation cycle.
  • Billing and tax records are retained as long as required by applicable law.

You may request earlier deletion at any time (see Section 7).

7. Your rights

Depending on where you live, you may have the right to access, correct, export, restrict, object to the processing of, or delete your personal information, and the right to lodge a complaint with a supervisory authority.

  • If you are in the European Economic Area or the United Kingdom, you have these rights under the GDPR / UK GDPR.
  • If you are a California resident, you have equivalent rights under the CCPA/CPRA. We do not “sell” or “share” personal information as defined by the CCPA.

To exercise any of these rights, contact us at hello@zerostressppc.ai. We will respond within the timeframe required by applicable law.

8. International transfers

The Service is hosted in the United States (AWS, region us-east-1). If you access the Service from outside the United States, your information will be transferred to and processed in the United States. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses) for these transfers.

9. Cookies

We use strictly necessary cookies to keep you signed in and to secure the Service. We do not use advertising, analytics, or cross-site tracking cookies.

10. Children

The Service is intended for businesses and is not directed at anyone under 18. We do not knowingly collect personal information from minors.

11. Changes to this policy

We may update this policy from time to time. If we make material changes, we will notify you by email or through the Service before the changes take effect. The “Effective date” at the top indicates the latest revision.

12. Contact

ZeroStressPPC LLC
1065 SW 8th St, Unit 5683, Miami, FL 33130
Email: hello@zerostressppc.ai