ASINSpotlight Privacy Policy
Last updated: July 13, 2026
Introduction
This Privacy Policy describes how Tengro Ltd ("Tengro", "we", "us") collects, uses, and discloses your personal information when you use ASINSpotlight. It covers this website (www.asinspotlight.com), the ASINSpotlight web application at board.asinspotlight.com, the ASINSpotlight desktop application for Windows and macOS, and the ASINSpotlight Scraping API (together, the "Service").
Tengro Ltd is a company registered in Bulgaria (Company No. / EIK 208535747) with its registered office at bul. Gen Totleben 2, ent. G, ap. 2, Sofia 1606, Bulgaria. Tengro Ltd is the data controller for personal information processed through the Service.
Information We Collect
We collect the minimum information necessary to provide our services:
Account Information: When you create an account, we collect your name, email address, and password. We do not collect or store payment card details: all payment processing is handled by our payment providers (see "Service Providers" below).
Contact and Lead Information: When you request a download link, join a waitlist, or request a resource (such as our categories list), we collect your email address and, where you choose to answer, your survey responses. If you contact support or use the live chat, we process the messages you send us.
Device and Technical Information: We may collect non-personal information about your device, including device type, operating system, browser type, and IP address. This helps us provide technical support, protect the Service against abuse, and improve our products.
Usage Analytics (with your consent): If you accept analytics cookies on our website, we collect information about how you use the site, such as pages viewed and interactions with page elements. See our Cookie Policy for details. If you signed up through our website and accepted analytics cookies, usage events may be linked to the email address you provided.
Product Usage Data: When you use the ASINSpotlight web application with your account, we record usage events on our servers, such as which features you use and which actions you complete (for example, running a scan or exporting results). These events are linked to your account and help us understand and improve the product. They are recorded server-side: this does not use cookies and does not store or read anything on your device.
Referral Information: If you arrive through an affiliate partner's link, the link contains the partner's referral code. When you sign up, we record that code and share it with our affiliate platform so we can credit the partner, based on our legitimate interest in operating the affiliate program. With your consent, we additionally use referral cookies that remember the referral across visits (see our Cookie Policy).
Content You Process: Data you scan or retrieve through the Service (such as publicly available Amazon listing data) is processed on your behalf to deliver the Service and is not used to identify you.
How We Use Your Information and Legal Bases
Under the EU General Data Protection Regulation (GDPR), we rely on the following legal bases:
- Performance of a contract: to create and manage your account, generate and manage your license key, deliver purchases and download links, provide the features you use, and respond to support requests.
- Consent: to set analytics, marketing, and live-chat cookies on our website, and to send you occasional product emails where you have opted in. You can withdraw consent at any time (see "Your Rights" below).
- Legitimate interests: to secure the Service, prevent spam and abuse (including bot protection on our forms), administer our affiliate program, measure how the Service's features are used through server-side product usage events, and perform internal research based on aggregated, non-identifying data.
- Legal obligation: to keep accounting and tax records we are required to retain by law.
We do not use your personal data for automated decision-making that produces legal or similarly significant effects on you.
Cookies and Similar Technologies
Our website uses a small number of strictly necessary cookies to function, and, only with your consent, cookies for analytics, referral tracking, and live chat. No non-essential cookies are set before you make a choice, and you can change or withdraw your choice at any time using the "Cookie settings" link in the footer of every page. The full list of cookies, their providers, purposes, and lifetimes is in our Cookie Policy.
Service Providers
We do not sell your personal information. We share it only with service providers who process it on our behalf and under our instructions, and only to the extent needed for the purposes above:
- Paddle (merchant of record and payment processing for current purchases). Paddle receives the billing details needed to complete your purchase; we never see your card number.
- FastSpring (payment processing for some earlier product editions).
- Zoho Corporation (live chat via Zoho SalesIQ, website analytics via Zoho PageSense, and transactional email delivery via ZeptoMail). Our Zoho services are configured to process data in EU data centres.
- Amplitude (product analytics). Website analytics cookies are used only with your consent; server-side product usage events for signed-in accounts are processed based on our legitimate interest, as described above. Amplitude is based in the United States; see "International Transfers" below.
- FirstPromoter (affiliate referral tracking, subject to your consent).
- Google (reCAPTCHA bot protection on our forms, and YouTube for videos embedded in privacy-enhanced mode).
- Hosting and content delivery providers that operate the infrastructure our Service runs on.
We may also disclose information when required by law or legal process, or to protect our rights, privacy, safety, or property.
International Transfers
Where a provider processes personal data outside the European Economic Area (for example, in the United States), we rely on appropriate safeguards recognised by the GDPR, such as the EU-US Data Privacy Framework or the European Commission's Standard Contractual Clauses, together with additional protections where appropriate.
Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service. Lead and contact information is kept until you ask us to delete it or object to further processing. Analytics data is retained according to the retention settings of the relevant provider. Accounting records are kept for the periods required by Bulgarian law. When data is no longer needed, we delete or anonymise it.
Your Rights
Under the GDPR you have the right to:
- access the personal data we hold about you;
- correct inaccurate or incomplete data;
- request deletion of your data;
- restrict or object to processing, including processing based on legitimate interests;
- receive your data in a portable format;
- withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.
To exercise any of these rights, contact us at [email protected]. We will respond within one month.
You also have the right to lodge a complaint with a supervisory authority. Our lead authority is the Bulgarian Commission for Personal Data Protection (CPDP), 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592, Bulgaria, www.cpdp.bg. You may also complain to the data protection authority in your own EU country.
Security
We implement reasonable technical and organisational measures to protect your personal information from unauthorized access, use, or disclosure, including industry-standard encryption in transit. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.
Children's Privacy
ASINSpotlight is not intended for use by children under the age of 16. We do not knowingly collect personal information from children.
Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites and encourage you to review their privacy policies.
Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on our website, and where the changes affect cookie use we will ask for your consent again.
Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at [email protected].
Data controller: Tengro Ltd, bul. Gen Totleben 2, ent. G, ap. 2, Sofia 1606, Bulgaria. Company No. (EIK): 208535747. Email: [email protected].