How It Works Approach Features Who It's For Knowledge Hub Glossary FAQ Contact Us

Privacy Policy

Last updated: January 2026

About e-xponetix

e-xponetix is a working capital management platform for Amazon FBA sellers. This privacy policy explains how we collect, use, protect, and handle your business data.

What We Collect

Business Operating Data

  • Amazon Sales Data: Transaction history, order details, marketplace settlement data (from Amazon Payments Reports)
  • Inventory Data: Stock levels, warehouse balances, in-transit quantities, customer shipments (from Amazon Inventory Ledger)
  • Supplier Information: Company names, payment terms (First Payment Share, Days to First/Second Payment), lead times, VAT rates, minimum order requirements
  • Pricing Data: Purchase prices from suppliers, selling prices on Amazon marketplaces
  • Demand Forecasts: Your uploaded demand predictions by product-marketplace-date

Sensitive Commercial Data

  • Supplier costs and margins
  • Payment terms and working capital arrangements
  • Product performance metrics (DIO, DPO, DSO, CCC)
  • Financial calculations and optimisation results
  • Cash flow projections

Account Information

  • Email address (for authentication)
  • Company name and details
  • User preferences and settings

How We Use Your Data

Service Delivery

  • Financial Analysis: Calculate working capital metrics (DPO, DIO, DSO, CCC, ROI rankings, and other metrics)
  • Optimisation: Run MILP algorithms to recommend purchase quantities within budget constraints
  • Forecasting: Generate delivery, payment, sales, payout and cash flow forecasts
  • Reporting: Display dashboards, charts, and tables with your business insights

Service Improvement

  • Monitor system performance and reliability
  • Fix bugs and improve user experience
  • Develop new features based on usage patterns

What We DO NOT Do

  • Never share your specific costs, suppliers, margins, or pricing with third parties
  • Never use your data to compete with you
  • Never sell your data to anyone
  • No cross-contamination: Your data is isolated from other users through row-level security

Legal Basis for Processing (UK GDPR)

  • Contract: Processing necessary to provide the service you requested
  • Legitimate Interests: Improving platform security, reliability, and functionality
  • Consent: Only for optional marketing communications (you can opt out anytime)

Data Security

Technical Measures

  • Encryption: All data encrypted at rest and in transit (industry-standard encryption via Supabase)
  • Row-Level Security (RLS): Database policies ensure you can only access your company's data
  • Multi-Tenant Isolation: Each company's data is strictly segregated through company_id checks
  • Authentication: Secure one-time password (OTP) email authentication
  • Access Control: Users can only view data for companies they belong to

Organisational Measures

  • Regular security updates and monitoring
  • Secure infrastructure (Supabase/AWS)
  • Access logs for auditing

Your Data Rights (UK GDPR)

You have the right to:

  1. Access: Request a copy of all your personal and business data
  2. Rectification: Correct any inaccurate data
  3. Erasure: Delete all your data via Settings → Danger Zone ("right to be forgotten"). Deletion is immediate and permanent.
  4. Data Portability: Export your data in standard formats (CSV)
  5. Object: Object to certain types of processing
  6. Restrict Processing: Ask us to temporarily stop processing your data
  7. Complain: Lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk

To exercise these rights, use the self-service options in your account settings or contact us at info@e-xponetix.com.

Account and Data Deletion

You can delete your company and all associated data at any time via Settings → Danger Zone. When you delete a company:

  • Immediate Deletion: All company data is permanently deleted immediately, including products, suppliers, pricing, marketplaces, inventory, orders, and calculations
  • User Account: If this is your only company, your user account will also be permanently deleted
  • Irreversible: This action cannot be undone

Data Retention

  • Active Accounts: We retain your data while your account is active
  • Self-Service Deletion: Data is deleted immediately when you use the delete function in Settings
  • Calculation History: Historical analysis results are retained with your active data until deletion
  • Backups: Standard backup retention for disaster recovery (7 days)

Data Sharing and Third Parties

Service Providers

  • Supabase (Database and Authentication): Hosts your data securely
  • Trigger.dev (Background Jobs): Processes analysis tasks
  • Railway (Application Hosting): Hosts and runs the web application
  • Email Service: Sends authentication codes

All service providers are contractually bound to protect your data and use it only for providing our service.

No Data Selling

We do not sell, rent, or trade your data to anyone for any purpose.

International Data Transfers

Your data is stored and processed in the European Union / eu-north-1. If data is transferred outside these regions, we ensure adequate safeguards are in place (such as Standard Contractual Clauses).

Confidentiality Commitment

We treat your business data as confidential commercial information:

  • Your supplier names, costs, and terms remain private
  • Your pricing strategies and margins are never disclosed
  • Your inventory levels and sales data stay confidential
  • You retain all intellectual property rights to your business data

Data You Upload

You are responsible for ensuring you have the right to upload data to e-xponetix:

  • Amazon data (ensure compliance with Amazon's terms)
  • Supplier information (ensure you have rights to share this data)
  • Forecast data (ensure accuracy and appropriate usage rights)

Cookies and Tracking

We use minimal cookies:

  • Authentication: Session management for login
  • Preferences: User interface settings (e.g., sidebar state, locale)
  • No Advertising Cookies: We do not use cookies for advertising or tracking across sites

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by:

  • Updating the "Last updated" date
  • Sending email notification for material changes
  • Posting a notice in the application

Continued use after changes means you accept the updated policy.

Children's Privacy

e-xponetix is a business tool not intended for use by individuals under 16 years old. We do not knowingly collect data from children.

Contact Us

For privacy questions, data requests, or concerns:

Email: info@e-xponetix.com

For UK GDPR complaints, you can also contact the ICO:

Your Responsibilities

  • Verify all recommendations independently before making business decisions
  • Keep your login credentials secure
  • Ensure data you upload is accurate and you have rights to use it
  • Review forecasts and optimisation results with appropriate business judgment

This privacy policy is designed to be transparent about how we handle your sensitive business data while providing valuable working capital management insights.

Join the Free Beta

Be among the first to experience cash flow optimization.