Privacy Policy

Last updated: 2 March 2026

ScoreMyASIN ("we", "our", "us") is a product scoring tool for Amazon sellers, operated by WH Limited. This policy explains how we collect, use, and protect your personal data when you use our web dashboard and Chrome extension.

1. Data We Collect

We collect only the minimum data necessary to provide the service:

• Account information: Your email address (used for login and communication). If you register with a password, we store a salted cryptographic hash — we never store or see your plain-text password.
• Evaluation data: The ASINs you evaluate, buy prices you enter, and the scoring results. This is stored against your account so you can access your history.
• Profile settings: Your minimum margin, profit targets, marketplace preference, and any other settings you configure.
• Payment data: If you subscribe to a paid plan, payment processing is handled entirely by Stripe. We do not store your card number, CVC, or any payment details on our servers. We receive only your Stripe customer ID and subscription status.

2. Chrome Extension Data

The ScoreMyASIN Chrome extension:

• Reads the current Amazon product page URL to extract the ASIN (product identifier), product title, brand, and listed price.
• Sends this data to our server for scoring. No data is collected from non-Amazon pages.
• Stores your authentication token locally in chrome.storage.sync so you remain logged in across sessions.
• Does not track your browsing history, does not collect data from any website other than Amazon product pages, and does not inject advertising.

3. How We Use Your Data

• To provide product scoring and evaluation results
• To maintain your evaluation history and profile settings
• To send login links via email (if using magic link authentication)
• To manage your subscription and billing status
• To monitor system health and prevent abuse (rate limiting, usage tracking)

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Third-Party Services

We use the following third-party services to operate ScoreMyASIN:

• Keepa — for Amazon product data (BSR, pricing history, seller information). We send ASINs to Keepa; no personal data is shared.
• Amazon SP-API — for fee estimation and gating checks. If you connect your Amazon Seller account, your Selling Partner credentials are stored securely and used only for these checks.
• Stripe — for payment processing. See Stripe's Privacy Policy.
• Resend — for sending login emails. See Resend's Privacy Policy.
• Railway — for hosting. Our server and database run on Railway's infrastructure.

5. Data Storage and Security

• Your data is stored in a PostgreSQL database hosted on Railway's infrastructure.
• All connections to our service use HTTPS encryption.
• Passwords are hashed using scrypt with unique salts.
• Session tokens expire after 30 days and magic link tokens expire after 15 minutes.
• We do not store your data longer than necessary. You can request deletion at any time.

6. Your Rights

Under UK GDPR, you have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Object to processing of your data

To exercise any of these rights, contact us at the email below.

7. Cookies

The ScoreMyASIN dashboard uses localStorage to store your session token and email for authentication. We do not use tracking cookies, analytics cookies, or any third-party cookies.

8. Children

ScoreMyASIN is a business tool designed for Amazon sellers. We do not knowingly collect data from anyone under the age of 18.

9. Changes

We may update this policy from time to time. Material changes will be communicated via the email associated with your account. The "Last updated" date at the top of this page reflects the most recent revision.

10. Contact