Privacy Policy

Last updated: April 4, 2026

At MerchIntel, we take your privacy seriously. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our website (merchintel.com) and our SaaS platform (app.merchintel.com).

We built MerchIntel to help Merch by Amazon sellers research niches, analyze competition, and track trends. We only collect the data we need to deliver that service and keep it safe.

By using MerchIntel, you agree to the practices described in this policy. If you disagree with any part, please discontinue use of our services.

1. Information We Collect

Information you provide directly: When you create an account, we collect your name, email address, and password. If you subscribe to a paid plan, our payment processor Stripe collects your billing address and payment method. We never store your full credit card number on our servers.

Information collected automatically: When you visit our website, we automatically collect your IP address, browser type, operating system, referring URLs, pages visited, and time spent on each page. We use Google Analytics (via Google Tag Manager) and Cloudflare to gather this data.

Cookies and similar technologies: We use cookies to maintain your session, remember your preferences, and understand how you use our site. See Section 4 for details on the specific cookies we use.

Information from third parties: We may receive basic account verification data from Stripe when you complete a payment. We do not purchase personal data from data brokers.

2. How We Use Your Information

To provide our service: We use your account information to create and manage your MerchIntel account, process your subscription, give you access to our research tools, dashboards, and trademark checking features.

To improve our product: We analyze usage patterns (in aggregate) to understand which features are most valuable, identify bugs, and make MerchIntel better for all sellers.

To communicate with you: We send transactional emails (account confirmation, password resets, payment receipts) and, if you opt in, product updates and tips for Merch by Amazon sellers. You can unsubscribe from marketing emails at any time.

To protect our platform: We use your data to detect fraud, prevent abuse, enforce our Terms of Service, and maintain the security of our systems.

To comply with the law: We may process your data when required by law, regulation, or legal process (such as a court order or tax obligation).

3. Who We Share Your Data With

We do not sell your personal information. We do not share your data for cross-context behavioral advertising.

Service providers: We share data with trusted third parties that help us operate MerchIntel:

Stripe — processes payments and manages subscriptions. Stripe is PCI-DSS Level 1 certified. Stripe Privacy Policy

Google Analytics & Google Tag Manager — helps us understand website traffic and usage. Google Privacy Policy

Cloudflare — provides CDN delivery, DDoS protection, and edge caching. Cloudflare Privacy Policy

Legal requirements: We may disclose your information if required by law, subpoena, court order, or government request. We will notify you if legally permitted to do so.

Business transfers: If MerchIntel is acquired or merged, your information may be transferred to the new entity. We will notify you before your data becomes subject to a different privacy policy.

4. Cookies and Tracking Technologies

Cookies are small text files stored on your device. We use the following types:

Essential cookies: Required for the site to function (session management, security tokens). These do not require consent.

Analytics cookies: Google Analytics sets cookies (_ga, _gid) to help us measure traffic and understand how visitors use our site. These cookies expire after 14 months and 24 hours, respectively.

Performance cookies: Cloudflare sets cookies (__cf_bm) for bot detection and DDoS protection. These are session-based.

You can control cookies through your browser settings. Disabling non-essential cookies will not affect core functionality, but may limit our ability to improve the service based on usage data.

5. Data Retention

We keep your data only as long as necessary for the purposes described in this policy:

Account data — retained while your account is active, then deleted within 90 days of account closure

Payment records — retained for 7 years as required by tax and financial regulations

Analytics data — retained for 14 months (Google Analytics default), then automatically deleted

Support tickets — retained for 1 year after resolution

Server logs — retained for 30 days for debugging and security purposes

When data is no longer needed, we delete it or anonymize it so it can no longer identify you.

6. Your Privacy Rights

For all users: You can access, update, or delete your account information at any time through your account settings or by contacting us at support@merchintel.com.

For EEA residents (GDPR): You have the right to access your data, correct inaccuracies, request erasure, restrict processing, data portability, and object to processing based on legitimate interest. You may also lodge a complaint with your local data protection authority. To exercise these rights, email support@merchintel.com with "GDPR Request" in the subject line. We will respond within 30 days.

For California residents (CCPA/CPRA): You have the right to know what personal information we collect and how we use it, request deletion of your data, and opt out of the sale or sharing of your data. We do not sell your personal information. To exercise these rights, email support@merchintel.com with "CCPA Request" in the subject line. We will respond within 45 days. We will not discriminate against you for exercising your rights.

For other US states: Residents of Virginia, Colorado, Connecticut, Utah, and other states with privacy laws have similar rights. Contact us using the same process described above.

7. Data Security

We protect your data using industry-standard security measures including HTTPS/TLS encryption for all data in transit, encrypted data at rest, access controls limiting employee access to personal data, and regular security reviews.

Stripe handles all payment processing and is PCI-DSS Level 1 certified. We never store your full credit card number, expiration date, or CVV on our servers.

No system is 100% secure. If we discover a data breach affecting your personal information, we will notify you and relevant authorities within 72 hours as required by applicable law.

8. International Data Transfers

MerchIntel operates from the United States. If you access our service from outside the US, your data may be transferred to and processed in the United States.

For transfers from the European Economic Area, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission. Our processors (Google, Stripe, Cloudflare) maintain their own SCCs and data protection safeguards.

9. Children's Privacy

MerchIntel is not intended for anyone under 16 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 16, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at support@merchintel.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will post the updated policy on this page with a new "Last Updated" date. For significant changes (such as new data uses or sharing practices), we may also notify you by email.

Your continued use of MerchIntel after changes are posted constitutes your acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or want to exercise your privacy rights, contact us:

Email: support@merchintel.com

Website: merchintel.com

We aim to respond to all privacy-related inquiries within 30 days.