Privacy Policy

Last updated: June 2026

1. Introduction

Welcome to ball8n.

We take the protection of your personal data seriously and are committed to processing your information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

This Privacy Policy explains how ball8n collects, uses, stores, and protects your personal information when you visit our website, create an account, or use our services.

2. Data Controller

The data controller responsible for the processing of personal data is:

ball8n GbR
Donaustraße 44
12043 Berlin
Germany
Email: contact@ball8n.com

3. Information We Collect

Information You Provide

When you use our website or services, we may collect:

  • Name
  • Email address
  • Company name
  • Billing information
  • Account credentials
  • Communications with us
  • Any information you voluntarily provide

Information Collected Automatically

When you visit our website, certain information may be collected automatically, including:

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Referring website
  • Pages visited
  • Date and time of access
  • Usage and interaction data

Information from Connected Services

If you connect third-party services such as Amazon Seller Central or other integrations, we may collect:

  • Product information
  • Pricing data
  • Sales performance metrics
  • Inventory information
  • Experiment and testing results
  • Other data necessary to provide our services

We only process such information as required to deliver and improve the ball8n platform.

4. How We Use Your Information

We use personal data for the following purposes:

  • Providing and maintaining our services
  • Creating and managing user accounts
  • Delivering pricing experimentation and analytics features
  • Responding to inquiries and support requests
  • Improving platform functionality and user experience
  • Ensuring security and fraud prevention
  • Complying with legal obligations
  • Sending product updates and communications where permitted

5. Legal Basis for Processing

Where the GDPR applies, we process personal data based on one or more of the following legal grounds:

  • Contract Performance — Article 6(1)(b) GDPR. To provide the services requested by users.
  • Legal Obligations — Article 6(1)(c) GDPR. To comply with applicable laws and regulations.
  • Legitimate Interests — Article 6(1)(f) GDPR. For platform security, service improvement, fraud prevention, and business operations.
  • Consent — Article 6(1)(a) GDPR. Where consent is required, such as for marketing communications or non-essential cookies.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve our website. Cookies may be used to:

  • Maintain user sessions
  • Remember preferences
  • Analyze website performance
  • Improve user experience

Where legally required, non-essential cookies are only used with your consent.

You can manage cookie preferences through your browser settings.

7. Data Sharing

We do not sell personal data. We may share information with:

  • Hosting providers
  • Cloud infrastructure providers
  • Analytics providers
  • Payment processors
  • Professional advisors
  • Authorities where required by law

All third-party service providers are required to protect personal data and process it only for authorized purposes.

8. International Data Transfers

Some service providers may process data outside the European Economic Area (EEA). Where such transfers occur, we implement appropriate safeguards, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions
  • Other legally recognized transfer mechanisms

9. Data Retention

We retain personal data only for as long as necessary to:

  • Provide our services
  • Fulfill contractual obligations
  • Comply with legal requirements
  • Resolve disputes
  • Enforce agreements

When personal data is no longer required, it will be securely deleted or anonymized.

10. Security

We implement appropriate technical and organizational measures designed to protect personal data against:

  • Unauthorized access
  • Disclosure
  • Alteration
  • Loss
  • Destruction

However, no method of transmission or storage can be guaranteed to be completely secure.

11. Your Rights

If you are located in the European Economic Area, you may have the following rights:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time

To exercise any of these rights, please contact us at: contact@ball8n.com

12. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that personal information from a child has been collected, we will take steps to delete it promptly.

13. Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those third-party sites. Users should review the privacy policies of any third-party services they visit.

14. Supervisory Authority

If you believe that the processing of your personal data violates applicable data protection laws, you have the right to lodge a complaint with a supervisory authority.

For users in Germany, the relevant authority may be: Berliner Beauftragte für Datenschutz und Informationsfreiheit

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or business practices. The latest version will always be available on our website, and the "Last updated" date will be revised accordingly.

16. Contact

If you have any questions regarding this Privacy Policy or our data processing practices, please contact:

ball8n GbR
Donaustraße 44
12043 Berlin
Germany
Email: contact@ball8n.com


Amazon Data Protection & Handling Policy

Data Minimization & Retention:

ball8n strictly adheres to Amazon's Data Protection Policy. Personally Identifiable Information (PII) is retained for no longer than 30 days after order delivery. Non-PII marketplace data is retained for a maximum of 18 months. Internal security and access logs are retained for a minimum of 12 months.

Data Encryption:

All Amazon Information is encrypted in transit using HTTPS with TLS 1.2 or higher. All data at rest, including databases and backups, is encrypted using industry-standard AES-256 encryption via a dedicated Key Management System (KMS).

Data Deletion:

Upon request or account termination, all Amazon Information is permanently and securely deleted from our active systems within 30 days using industry-standard media sanitization processes (such as NIST 800-88).

Incident Management Point of Contact (IMPOC):

ball8n GbR maintains a dedicated Incident Management Point of Contact (IMPOC) available 24/7 for security escalations. Our IMPOC can be reached at contact@ball8n.com. In the event of any actual or suspected security incident or unauthorized access involving Amazon Information, our IMPOC will notify Amazon at security@amazon.com within 24 hours of detection.