Privacy Policy

Last updated: January 30, 2025

1. Information We Collect

1.1 Personal Information You Provide

When you use our account reinstatement services, we may collect the following personal information:

• Contact Information: Name, email address, phone number, mailing address
• Account Information: Marketplace seller account details, account IDs, usernames
• Business Information: Company name, business registration details, tax identification numbers
• Financial Information: Payment information, billing addresses, transaction history
• Communication Data: Correspondence with our team, support tickets, consultation notes
• Service-Related Documents: Suspension notices, invoices, supplier agreements, product documentation
• Identity Verification: Government-issued IDs, business licenses (when required)

1.2 Information Collected Automatically

When you access our website or services, we automatically collect certain information:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent on pages, click patterns, referral sources
• Cookies and Tracking: Session cookies, analytics cookies, preference settings
• Log Data: Server logs, error reports, system activity

1.3 Information from Third Parties

We may receive information from third-party services when you authorize connections, including marketplace platforms, payment processors, and analytics providers.

2. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: Provide account reinstatement services, prepare appeals, draft Plans of Action
• Client Communication: Respond to inquiries, provide updates, send case progress reports
• Account Management: Create and manage your client account, process payments, maintain records
• Service Improvement: Analyze usage patterns, improve our services, develop new features
• Legal Compliance: Comply with legal obligations, respond to legal requests, enforce our terms
• Fraud Prevention: Detect and prevent fraudulent activity, protect our systems and users
• Marketing Communications: Send newsletters, promotional offers, service announcements (with consent)
• Research and Analytics: Generate anonymized statistics, conduct market research, create case studies

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data under the following legal bases:

• Contract Performance: Processing necessary to fulfill our service agreement with you
• Legitimate Interests: Processing for business operations, fraud prevention, service improvement
• Legal Obligation: Processing required to comply with legal and regulatory requirements
• Consent: Processing based on your explicit consent (marketing communications)

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our business, including payment processors, cloud hosting providers, email services, analytics platforms, and customer support tools. These providers are contractually obligated to protect your information.

4.2 Marketplace Platforms

With your authorization, we submit information to marketplace platforms (Amazon, eBay, Walmart, etc.) as part of our reinstatement services. This includes appeals, documentation, and supporting evidence.

4.3 Legal Requirements

We may disclose your information when required by law, legal process, litigation, or government request:

• Comply with court orders, subpoenas, or legal obligations
• Enforce our Terms and Conditions or other agreements
• Protect our rights, property, or safety, or that of others
• Investigate fraud, security issues, or technical problems

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the successor entity. We will notify you of any such change.

4.5 With Your Consent

We may share your information for other purposes with your explicit consent or at your direction.

5. Data Security

We implement industry-standard security measures to protect your personal information:

• Encryption: SSL/TLS encryption for data in transit, AES encryption for data at rest
• Access Controls: Role-based access, multi-factor authentication, regular access reviews
• Infrastructure Security: Secure cloud hosting, firewall protection, intrusion detection
• Data Backup: Regular backups, disaster recovery procedures, redundancy systems
• Employee Training: Security awareness training, confidentiality agreements, background checks
• Monitoring: Continuous security monitoring, vulnerability assessments, penetration testing
• Incident Response: Security incident procedures, breach notification protocols

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law:

• Active Client Data: Retained for the duration of our service relationship
• Case Files: Retained for 7 years after case completion for legal and business purposes
• Financial Records: Retained for 7 years to comply with tax and accounting regulations
• Communication Records: Retained for 5 years for quality assurance and dispute resolution
• Marketing Data: Retained until you withdraw consent or request deletion
• Technical Logs: Retained for 90 days for security and troubleshooting purposes

After the retention period expires, we securely delete or anonymize your personal information. You may request earlier deletion subject to legal and contractual obligations.

7. Your Privacy Rights

7.1 General Rights

You have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal obligations)
• Restriction: Request restriction of processing in certain circumstances
• Objection: Object to processing based on legitimate interests or for direct marketing
• Data Portability: Request transfer of your data to another service provider
• Withdraw Consent: Withdraw previously given consent at any time

7.2 GDPR Rights (EEA, UK, Switzerland)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority.

7.3 CCPA Rights (California)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request information about data collection, use, and sharing
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale of personal information (Note: We do not sell personal information)
• Right to Non-Discrimination: Not be discriminated against for exercising your rights

7.4 Exercising Your Rights

To exercise your privacy rights, please contact us at privacy@reinstate.io. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

8.1 Types of Cookies

• Essential Cookies: Required for website functionality, session management, security
• Analytics Cookies: Help us understand usage patterns, measure performance (Google Analytics)
• Functional Cookies: Remember your preferences, language settings, customization
• Marketing Cookies: Track conversion, measure ad effectiveness, personalize marketing

8.2 Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality. Most browsers allow you to refuse cookies or delete existing cookies. You can also opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

9. Third-Party Services

Our services may integrate with or link to third-party services:

• Payment Processors: Stripe, PayPal (handle payment information securely)
• Cloud Services: AWS, Google Cloud (host and process data)
• Communication Tools: Email services, customer support platforms
• Analytics Services: Google Analytics, Mixpanel (track usage and performance)
• Marketing Platforms: Email marketing services, advertising platforms

These third-party services have their own privacy policies. We are not responsible for their privacy practices. We encourage you to review their policies before providing information.

10. International Data Transfers

We operate globally and may transfer your information to countries outside your residence:

• Data Transfer Mechanisms: We use Standard Contractual Clauses (SCCs), adequacy decisions, and other approved mechanisms for international transfers
• Data Protection: We ensure transferred data receives adequate protection regardless of location
• US-EU Data Transfers: We comply with applicable frameworks and regulations for transatlantic data transfers
• Third-Party Processors: Our service providers are contractually required to protect data and comply with data protection laws

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete such information. If you believe we have collected information from a child, please contact us immediately.

12. California "Do Not Track" Disclosure

We do not currently respond to "Do Not Track" signals from browsers because there is no industry standard for compliance. We will continue to monitor developments in this area.

13. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

• Assess the breach and determine its scope and impact
• Take immediate steps to contain and remediate the breach
• Notify affected individuals within 72 hours (or as required by law)
• Report the breach to relevant regulatory authorities as required
• Provide information about the breach, affected data, and protective measures
• Offer assistance such as credit monitoring services if appropriate

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending email notification for significant changes
• Requiring acceptance of new terms for continued service use (when required)

We encourage you to review this Privacy Policy periodically. Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

15. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices: