
Privacy Policy

What data we collect when you connect your commerce stack, how we use it, who processes it on our behalf, and how to reach our DPO.

Draft, pending counsel review. Last updated: May 14, 2026


Overview

margininfo is operated by Margininfo, Inc. ("margininfo", "we", "us"). This Privacy Policy explains what data we collect about you and the commerce workspaces you bring online, how we use it, who we share it with, and the rights you have over it.

We sell a B2B product to commerce operators. Most of the data we process is workspace data belonging to the business that signs up, not personal data about individual consumers. Where this policy addresses your rights as an individual, those rights flow through the workspace owner that controls the account.

Data we collect

We collect the data we need to deliver the product, bill for it, support it, and keep it safe. We do not collect data for resale, ad targeting, or training shared models.

Account data

Name, work email, role, and authentication identifiers (OAuth subject ID, hashed password, MFA factors). Captured when you create or are invited to a workspace.

Connected commerce data

When a workspace owner connects a system (Shopify, Amazon, TikTok Shop, Meta Ads, Google Ads, Klaviyo, ShipStation, NetSuite, etc.) we ingest the operational records needed to compute true contribution profit: orders, refunds, line items, ad spend, campaign metadata, fulfillment events, and SKU/cost data. We ingest only the scopes the workspace owner authorizes.

All connectors are read-only on initial connection. Write actions (e.g. pausing an ad set or repricing a bundle) are opt-in per integration and require human approval inside the workspace.

Usage and telemetry

Operational telemetry, anonymous page views, feature events, error stacks, and performance traces. Used to fix bugs and improve the product. We do not sell or rent this data.

Billing data

Billing contact, invoicing address, and a payment method tokenized by our payment processor (Stripe). margininfo never stores raw card numbers.

How we use it

We use the data above to provide the product (investigations, true-profit computation, optimization), bill workspaces under the plan they selected, send transactional and security-relevant emails, prevent abuse, and meet our legal obligations.

We use commerce data only to serve the workspace it belongs to. We do not train shared foundation models on customer data. We do not build cross-workspace lookalike audiences or benchmark products that expose another workspace's numbers.

Aggregate, de-identified statistics (for example, "the average margininfo workspace recovers $X/month in true profit") may appear in marketing material, but only after applying k-anonymity thresholds that make it mathematically impossible to attribute a number back to a specific customer.

Sub-processors

We use a small number of sub-processors to host the product, deliver email, run the AI agent, and keep the lights on. The full list, including purpose, region, and certifications, lives at /subprocessors and is part of our DPA by reference.

We announce new sub-processors at least 30 days before they begin processing customer data, giving workspace owners an opportunity to object or terminate.

Retention

Workspace data is retained for as long as the workspace remains active. On deletion of a workspace, we remove customer data from active systems within 30 days and from encrypted backups within an additional 60 days.

Operational logs (security events, audit logs, billing history) are retained for up to 24 months to meet our security and tax obligations.

You can request earlier deletion of an individual record (subject to legal retention obligations) by emailing privacy@margininfo.com.

Your rights

Depending on where you live, you have rights to access, correct, export, delete, restrict, or object to processing of your personal data. We extend these rights to all users globally, regardless of residency.

If you are an end user of one of our customers (e.g. a shopper of a brand that uses margininfo), the workspace owner is the data controller and you should direct requests to them first; we will support them in responding.

Security

All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Secrets are isolated per workspace and are never exposed to the agent's reasoning context. Money-moving actions are logged with the prompt, the simulation, the approver, and the outcome.

Our full security posture lives in the Security Trust Center, including SOC 2 status, vulnerability disclosure, and the security pack available under NDA.

Contact our DPO

Questions, requests, or complaints can be sent to our Data Protection Officer at dpo@margininfo.com. We respond within 30 days.

If you are in the EU/UK and prefer to escalate, you may contact your local supervisory authority. We will do our best to resolve concerns directly first.

This Privacy Policy is provided in good faith and is being finalised by counsel. Until counsel review completes, it is a working draft and may be updated; meaningful changes will be announced to workspace owners 30 days before they take effect.
