Privacy Policy

Last updated: 11 August 2025

This Privacy Policy explains how Vilmar Trading (“Vilmar Trading”, “we”, “us”, “our”) collects, uses, discloses, and protects information about you when you visit vilmartrading.com, communicate with us, or use our products, apps, and services that link to this Policy (collectively, the “Services”).

Quick summary: We collect only what we need to provide and improve our Services. We do not sell personal information. If you connect an Amazon account or we access Amazon data via an Amazon API, we use it only for the purposes disclosed here and required by Amazon, store it securely, and retain it only as long as necessary.

1) Who we are & contact details

Controller/Business: Vilmar Trading
Registered entity: Vilmar Trading Pty Ltd
Email: privacy @ vilmartrading.com
Data Protection Contact: Privacy Officer

2) What we collect

(a) Information you provide

  • Contact details (name, email, phone), account credentials, support messages.
  • Business details you submit to use our Services.
  • Payment details (processed by our payment processor; we do not store full card numbers).

(b) Information we collect automatically

  • Device and usage data (IP address, browser type, pages viewed, referring/exit pages, timestamps).
  • Cookies and similar technologies for essential site functions, analytics, and preferences. See “Cookies & tracking”.

(c) Information from third parties

  • Amazon data obtained via Amazon services you connect to us (e.g., Login with Amazon, Amazon Ads/Attribution, Amazon Selling Partner API, or other Amazon developer APIs). See “Use of Amazon data” below.
  • Analytics and anti-fraud providers (aggregated or pseudonymous data).

3) How we use information

  • Provide, maintain, and improve the Services; fulfill requests; operate accounts and features you enable.
  • Authenticate users and secure the Services; prevent fraud, abuse, and misuse.
  • Customer support and service communications.
  • Analytics to understand usage and improve performance and user experience.
  • Legal compliance and to enforce our terms or protect rights, safety, and property.
  • With your consent, send marketing or product updates (you can opt out anytime).

4) Use of Amazon data (for Amazon Developers)

When you choose to connect or use features that rely on Amazon services (e.g., Login with Amazon, Amazon Ads/Attribution, Amazon Selling Partner API, or other Amazon developer APIs), we will handle any data obtained from Amazon (“Amazon Data”) as follows:

  • Purpose limitation: We access, use, retain, and disclose Amazon Data only as necessary to provide the feature you requested, to comply with law, or as otherwise permitted by Amazon policies and your settings/consents.
  • Least privilege & minimization: We request the minimum scopes/permissions required and limit access to authorized personnel with a need to know.
  • No selling or linking for targeted advertising: We do not sell Amazon Data, nor combine it with third-party data to build profiles for cross-context behavioral advertising.
  • Storage & security: Amazon Data is transmitted over TLS and stored using industry-standard encryption and access controls.
  • Retention: We retain Amazon Data only as long as needed for the permitted purpose(s) or as required by law. If you disconnect your Amazon account or revoke permissions, we will delete or de-identify Amazon Data within a reasonable period unless retention is legally required.
  • Sharing: We do not share Amazon Data except with (i) service providers under contract to process it on our behalf in accordance with this Policy and Amazon requirements, (ii) as required by law, or (iii) with your consent.
  • User controls: You can revoke access via your Amazon account settings and/or by contacting us (see “Your rights & choices”).
  • Tokens & credentials: We protect any Amazon tokens/credentials and do not expose or embed them client-side.
  • Contract: To provide and administer the Services you request.
  • Legitimate interests: To secure, operate, and improve the Services, and to prevent fraud (balanced against your rights).
  • Consent: For optional cookies/analytics and marketing where required.
  • Legal obligation: To meet regulatory and record-keeping requirements.

6) Sharing of information

  • Service providers: Hosting, analytics, payment processing, email, support tooling under confidentiality and data-processing terms.
  • Business transfers: In a merger, acquisition, or asset sale, your information may transfer as part of the transaction, subject to this Policy.
  • Legal: When required by law or to protect rights, safety, and property.
  • With your consent: We may share in other ways with your explicit permission.

7) International data transfers

If we transfer your information outside your country/region, we will do so using appropriate safeguards (e.g., contractual clauses or equivalent mechanisms) as required by applicable law.

8) Retention

We keep personal information only as long as needed for the purposes described or as required by law. Typical retention:

  • Account data: while your account is active and for up to [X months/years] after closure.
  • Transactional records: for [X years] to meet tax/accounting obligations.
  • Amazon Data: for the minimum time necessary to provide the connected feature or until you revoke access, then deleted or de-identified within a reasonable period unless legally required to retain.

9) Security

We use administrative, technical, and physical safeguards designed to protect personal information, including TLS in transit, encryption at rest (where applicable), least-privilege access, and regular monitoring. No system is 100% secure; please protect your account credentials and contact us if you suspect unauthorized activity.

10) Your rights & choices

(a) Rights under GDPR/UK GDPR (EEA/UK)

You may have the right to request access, correction, deletion, restriction, portability, and to object to certain processing. Where processing is based on consent, you can withdraw it at any time.

(b) Rights under CCPA/CPRA (California)

California residents can request to know/access specific pieces and categories of personal information we collect, request deletion, correct inaccurate information, and opt out of sharing for cross-context behavioral advertising (we do not sell personal information). We will not discriminate against you for exercising your rights.

(c) Other regions

You may have similar rights under your local laws. We will honor valid requests as required.

(d) Exercising your rights

To submit a request, contact us at [privacy @ vilmartrading.com]. We may need to verify your identity. Authorized agents (where allowed by law) can submit on your behalf with proof of authorization.

11) Cookies & tracking

We use cookies and similar technologies:

  • Essential: Required for core site functionality.
  • Analytics: To understand and improve how the Services are used (e.g., page performance and aggregate usage). Where required, we will ask for your consent.
  • Preferences: To remember your settings.

You can control cookies through your browser settings. Some features may not work properly without essential cookies.

12) Children’s privacy

Our Services are not directed to children under 13 (or the age required by your jurisdiction), and we do not knowingly collect personal information from them. If you believe a child has provided personal information to us, please contact us to request deletion.

13) Third-party links & services

Our Services may link to third-party sites or integrate third-party features. Their privacy practices are governed by their own policies, not this one.

14) Changes to this Policy

We may update this Privacy Policy from time to time. We will post the updated version with an effective date. Material changes will be highlighted or otherwise notified as appropriate.

15) How to contact us

Email: [privacy@vilmartrading.com]
If you are in the EEA/UK, you may also lodge a complaint with your local supervisory authority.