Privacy Policy

1. Who We Are

Agileninjas Tech Private Limited / Konex.System

2. Scope of This Policy

This Privacy Policy applies to:

Visitors of konex.systems, atninjas.com, agileninjas.tech
Users who create an account on our platform
Merchants / sellers who connect one or more marketplaces or stores
Authorized users and team members of those merchants
Any other individual whose data is processed as part of order, shipping, or inventory operations via our platform

It does not cover the privacy practices of marketplaces (e.g., Amazon, Flipkart, Shopify, etc.), payment providers, or other third-party services that you use independently.

3. Information We Collect

We collect information in three main categories:

3.1 Information You Provide to Us

Name, company name, and job title
Email address and contact details
Account login credentials (stored in hashed form, not plain text)
Billing and invoicing details (if you purchase a subscription)
Support communications and feedback

3.2 Marketplace & Store Data (via APIs and Integrations)

When you connect marketplaces or stores (for example, Amazon, Flipkart, Myntra, Shopify, Magento, WooCommerce, etc.), we may process:

Order data
- Order IDs, timestamps, order status
- Product details, quantities, prices, discounts, taxes
Buyer/delivery information (PII)
- Recipient name
- Shipping/billing address
- Phone number
- Email address
Product & catalog data
- SKUs, titles, descriptions, images, attributes
- Pricing, stock levels, categories
Fulfillment and shipping data
- Warehouse or 3PL details
- Shipping methods, tracking numbers, carriers
Reports and performance data
- Settlement/reconciliation reports
- Operational metrics required for your own analytics

For Amazon specifically, we access only the data allowed by the Amazon Selling Partner API roles you authorize and follow Amazon’s AUP and Data Protection Policy.

3.3 Automatically Collected Technical Data

When you use our website or app, we may collect:

IP address and general location (city/country-level)
Browser type and version, operating system, device type
Referring URLs and pages visited
Log data such as timestamps, request metadata, and performance metrics
Cookies and similar technologies (see Section 8)

We do not record full Amazon or marketplace login passwords. Access is granted via secure OAuth or API credential flows.

4. How We Use the Information

We use collected information to:

Provide and operate our multi-marketplace integration and automation platform
Sync orders, inventory, listings, pricing, and fulfillment data between channels
Send order and shipping details to warehouses/3PLs to generate labels and complete deliveries
Provide dashboards, reports, and seller-specific analytics and insights
Manage customer support, bug fixes, and service improvements
Enforce security, fraud detection, and access control
Meet legal, accounting, and compliance obligations

We do not:

Sell personal data to third parties
Use marketplace data to build cross-seller analytics or expose competitor insights
Publish or sell insights about any marketplace’s own business performance

5. Legal Bases for Processing (Where Applicable)

Depending on your jurisdiction, we rely on one or more of the following legal bases:

Contractual necessity – to provide the Services you subscribe to
Legitimate interests – to secure and improve our platform, prevent abuse, and support customers
Consent – for certain cookies, marketing communications, or optional features
Legal obligations – to comply with bookkeeping, tax, or regulatory requirements

6. How We Share Information

We only share information when necessary and under strict safeguards.

6.1 Warehouse, Fulfillment, and Logistics Partners

If you connect a warehouse, fulfillment center, or 3PL via KoneX, we share the minimum necessary data to fulfill orders:

Recipient name
Shipping address
Phone number and/or email
Order items, quantities, and special instructions

This data is shared only for order fulfillment, typically via API, SFTP, or other encrypted channels.

6.2 Cloud Hosting and Infrastructure Providers

We use reputable cloud providers (e.g., for compute, databases, storage, backup, logging) to host our platform. These providers act as data processors and are bound by contractual and technical safeguards:

Encryption at rest and in transit
Access controls and least-privilege principles
No use of data for their own marketing or profiling

6.3 Other Service Providers

We may use third-party tools for:

Email delivery and communications
Error tracking and performance monitoring
Analytics on our own website usage (non-PII or aggregated where possible)
Payment processing (where applicable)

These providers receive only the data needed to perform their services and are not allowed to use it for other purposes.

6.4 Legal and Compliance

We may disclose information if required by law, regulation, court order, or to protect our rights, security, or the rights and safety of others.

6.5 No Unauthorized Sharing of Marketplace Data

We do not:

Share Amazon or other marketplace data with unrelated third parties (e.g., marketers, data brokers)
Sell or license marketplace data
Expose one merchant’s data to another merchant

7. Data Retention

We retain data only as long as necessary for the purposes described above or as required by law.

Operational data about your account and settings – for as long as your account is active and for a reasonable period thereafter (e.g., for legal or accounting reasons).
Marketplace order and PII data – typically retained only for the period needed for order processing, customer support, reconciliation, or dispute resolution. For certain marketplaces like Amazon, PII may be retained no longer than 31 days after order shipment, unless a longer period is required by law or explicitly allowed.
Backups – stored for limited periods and then deleted or overwritten according to our backup rotation policies.

We periodically review and securely delete data that is no longer needed.

8. Cookies and Similar Technologies

We may use cookies and similar technologies to:

Maintain session state and keep you logged in
Remember your preferences and settings
Improve site performance and user experience
Collect usage statistics in aggregate form

You can control cookies via your browser settings. Disabling certain cookies may affect the functionality of the Services.

9. Security Measures

We take security very seriously and implement multiple layers of protection, including:

Encryption at rest: Databases and storage containing customer and marketplace data are encrypted (e.g., AES-256).
Encryption in transit: All communication between your browser, our services, and integrated systems uses HTTPS/TLS.
Network security: Use of VPCs, private subnets, firewalls, security groups, network ACLs, and WAF to restrict public access.
Access control: Role-based access, least-privilege IAM, strong password policies, account lockout, and mandatory MFA for administrative access.
Endpoint security: Managed devices, EDR/antivirus, full-disk encryption, OS patching.
Logging and monitoring: Centralized logging of security events, anomaly detection, and alerting.
Secure development: Code reviews, dependency checks, vulnerability scanning, and test environments with no production PII.

No system is perfectly secure, but we continuously monitor and enhance our security program.

10. Incident Response

If we detect or suspect a security incident involving personal data or marketplace data, we follow a structured incident response process:

Detection & triage – investigate alerts or reports of suspicious activity.
Containment – isolate affected systems, revoke or rotate credentials, block malicious traffic.
Eradication & recovery – patch vulnerabilities, remove malicious artifacts, and restore from clean backups.
Assessment – determine the scope, including whether personal data or marketplace data was affected.
Notification – where required by law or marketplace policy, notify affected merchants, relevant regulators, and impacted marketplace partners (e.g., Amazon) within the specified timelines.
Post-incident review – document root causes and improve controls to prevent recurrence.

11. Your Rights and Choices

Depending on your jurisdiction, you may have the right to:

Access personal data we hold about you
Request correction or deletion of your personal data
Restrict or object to certain processing
Data portability (receive a copy in structured format)
Withdraw consent where processing is based on consent
Lodge a complaint with a supervisory authority

We may need to verify your identity before processing certain requests. For requests related to marketplace buyer data, we may redirect you to the relevant merchant or marketplace where appropriate.

To exercise your rights, contact us at [privacy@konex.systems].

12. Children’s Privacy

Our Services are not intended for children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us information, please contact us so we can delete it.

13. International Data Transfers

Because we operate a cloud-based platform, data may be processed in multiple countries. Where required, we implement appropriate safeguards such as standard contractual clauses, data processing agreements, and technical measures (encryption, access controls) to protect data during cross-border transfers.

14. Third-Party Links

Our website or platform may contain links to third-party sites or services. We are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you use.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The “Last Updated” date at the top indicates the latest revision. Significant changes will be communicated through our website or, where appropriate, by email or in-app notifications.

Your continued use of the Services after changes are posted constitutes your acceptance of the revised policy.

16. How to Contact Us

For any questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us at:
Email: [support@atninjas.com]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.