Amazon Listing AuditorSign In

Privacy Policy

Effective date: March 1, 2025

1. Introduction

TaskOn AI, Inc. (“we”, “us”, or “our”) operates Amazon Listing Auditor (“Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

Information You Provide

  • Account information: name, email address, password (hashed, never stored in plain text)
  • Organization information: organization name, billing details
  • Connection credentials: Amazon Vendor Central API keys and Salsify API keys (encrypted with AES-256-GCM)
  • Product data: product information synced from your connected data sources

Information Collected Automatically

  • Usage data: pages visited, features used, audit history
  • Device and browser information
  • IP address and general location (country/region)
  • Error and performance data via Sentry
  • Aggregate analytics via Vercel Analytics

3. How We Use Your Information

  • To provide and operate the Service, including running listing audits and generating reports
  • To authenticate your identity and maintain your session
  • To process payments and manage your subscription via Stripe
  • To send transactional emails (audit results, alerts, team invitations) via Resend
  • To monitor and improve Service performance and reliability
  • To respond to support requests and communicate about your account

4. How We Share Your Information

We do not sell your personal data. We may share information with:

  • Service providers: Neon (database), Vercel (hosting), Stripe (payments), Resend (email), Inngest (background jobs), Sentry (error monitoring) — each bound by appropriate data processing agreements
  • Team members: Users you invite to your organization can access your organization’s product and audit data per their role permissions
  • Legal requirements: When required by law or to protect our rights

5. Data Security

We implement industry-standard security measures to protect your data:

  • All data transmitted over HTTPS with HSTS enabled
  • Third-party API credentials encrypted at rest using AES-256-GCM
  • Passwords hashed using bcrypt — never stored in plain text
  • Session tokens rotated regularly and scoped to individual users
  • All database queries scoped by organization ID to prevent cross-tenant data access

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. You may request deletion of your account and associated data by contacting us. Some data may be retained for legal or legitimate business purposes after account closure.

7. Your Rights

Depending on your location, you may have rights to:

  • Access, correct, or delete your personal data
  • Object to or restrict certain processing of your data
  • Data portability (receive your data in a machine-readable format)
  • Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@taskon.ai.

8. Cookies

We use cookies solely for authentication (session tokens) and CSRF protection. We do not use advertising or tracking cookies. Third-party analytics (Vercel Analytics) use privacy-preserving, cookieless measurement.

9. Children's Privacy

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a notice in the Service. Continued use after changes constitutes acceptance of the revised Policy.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, contact us at:

TaskOn AI, Inc.
639 Alder Ln
Walnut, CA 91789
privacy@taskon.ai