Privacy & Data Protection
Last updated: 13 July 2026
This policy explains how SmitIQ Ltd ("SmitIQ", "we", "us") collects, uses, secures and retains personal data — both on this website and inside our products, including data we handle on behalf of Amazon sellers. We are the data controller for this website; contact details are at the end of this page.
Who we are
SmitIQ Ltd is a software company registered in England & Wales (company no. 17322822). Our registered office address is stated in our Terms of Use. We build and operate SaaS products for ecommerce businesses, including ProfitEdge, a platform for Amazon sellers.
What we collect on this website
- Contact form: your name, email address and message — used solely to respond to your enquiry.
- Technical logs: our hosting infrastructure (Amazon Web Services) records standard request logs, such as IP address, timestamp and pages requested, used for security monitoring and troubleshooting.
This website does not use advertising or cross-site tracking cookies.
What our products collect
When an Amazon seller connects ProfitEdge to their Amazon selling account, we access data through Amazon's Selling Partner API strictly to deliver the services the seller has asked for: sales and profit analytics, fee breakdowns, inventory and listing synchronisation, and operational reporting. This may include order data, listing data, fee data and, where a service requires it, limited customer information contained in orders.
How we use data
- To provide, operate and support our products and this website.
- To respond to enquiries you send us.
- To meet our legal and security obligations.
We do not sell personal data, use it for advertising, or share it with third parties except the service providers that host and run our infrastructure (principally Amazon Web Services), under contracts that protect it.
Amazon data — our commitments
Data received through Amazon's Selling Partner API is handled in line with Amazon's Acceptable Use Policy and Data Protection Policy:
- We retrieve only the data needed to deliver the services described above, and use it for no other purpose.
- Amazon data is encrypted in transit (TLS) and at rest.
- Access is restricted to least-privilege roles; credentials and API tokens are stored in secured, access-controlled systems and are never embedded in code.
- Personally identifiable information from orders is retained no longer than needed to deliver the service and is deleted or anonymised after no more than 30 days, unless the seller requires it for a longer period permitted by Amazon's policies (for example, tax records).
- We do not disclose Amazon data to third parties except sub-processors required to operate the service, bound by equivalent obligations.
Legal bases (UK GDPR)
- Contract: operating our products for customers who sign up to them.
- Legitimate interests: responding to enquiries, securing our systems.
- Legal obligation: records we must keep by law.
Retention
- Contact form messages: kept while we handle your enquiry and for up to 12 months afterwards, then deleted.
- Product data: kept while the customer's account is active; deleted or anonymised on account closure, subject to the Amazon-data limits above and any legal retention duties.
- Technical logs: rotated automatically on a short cycle.
Your rights
Under UK data protection law you can ask us for access to, correction of, or deletion of your personal data, object to or restrict processing, and ask for portability. You can also complain to the Information Commissioner's Office (ico.org.uk). To exercise any right, email us — we respond to data queries within one calendar month.
Contact for data queries
Email contact@smitiq.com, or write to Data Protection, SmitIQ Ltd, at our registered office (stated in our Terms of Use).
Changes to this policy
If we change this policy we will update this page and the date at the top. Significant changes affecting product customers will be notified by email.