Customer Privacy Policy

This Customer Privacy Policy explains how DashVue ("we", "us", "our") collects, uses, stores, and protects your personal data when you create an account and use the DashVue seller dashboard platform (the "Service"). By signing up, you agree to the practices described in this policy.

We are committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

DashVue is the data controller responsible for your personal data. For questions or to exercise your rights, contact us at: privacy@dashvue.co.uk

When you register for and use DashVue, we may collect the following data:

• Account information — your name, email address, and password (encrypted).
• eBay account data — transaction history, sales data, fees, shipping costs, and other order-related information retrieved via the eBay API on your behalf.
• Financial inputs — cost of goods, expenses, and other figures you manually enter to calculate profit and margins.
• Usage data — how you interact with the dashboard, features used, and session information.
• Device and technical data — IP address, browser type, operating system, and device identifiers.

We do not collect sensitive personal data (e.g. health, racial or ethnic origin, political opinions).

We process your data for the following purposes:

• Providing the Service — to display your eBay sales analytics, profit calculations, fee breakdowns, and inventory tracking.
• Account management — to create, maintain, and secure your account.
• Service communications — to send you important updates about your account, billing, and platform changes.
• Product improvement — to understand usage patterns and improve the dashboard experience (anonymised and aggregated where possible).
• Customer support — to respond to your queries and resolve issues.
• Legal compliance — to meet our obligations under applicable law.

We rely on the following lawful bases under the UK GDPR:

• Contract — processing is necessary to deliver the Service you have signed up for.
• Consent — for marketing communications and non-essential cookies. You can withdraw consent at any time.
• Legitimate interest — for improving the Service, preventing fraud, and ensuring platform security, where this does not override your rights.

When you connect your eBay account, we access your seller data through the eBay API. This data is used solely to provide you with profit analytics and dashboard features. We:

• Only request the minimum data necessary to operate the Service.
• Do not sell or share your eBay data with third parties for their own purposes.
• Store your eBay data securely and delete it upon account closure or disconnection of your eBay account.
• Comply with eBay's API License Agreement and data usage policies.

We do not sell, rent, or trade your personal data. We may share data with trusted third-party processors solely to operate the Service, including:

• Cloud hosting and infrastructure providers
• Payment processors (for subscription billing)
• Email service providers (for account and service communications)
• Analytics tools (anonymised data only)

All processors are contractually required to handle your data securely and in accordance with UK GDPR.

• Account data — retained for as long as your account is active. Upon account deletion, personal data is removed within 30 days.
• eBay transaction data — retained for as long as your account is active and your eBay account is connected. Deleted within 30 days of account closure or eBay disconnection.
• Billing records — retained for up to 7 years as required by UK tax law.
• Server logs — retained for up to 12 months, then automatically deleted.

Under the UK GDPR, you have the right to:

• Access — request a copy of the personal data we hold about you.
• Rectification — request correction of inaccurate data.
• Erasure — request deletion of your personal data ("right to be forgotten").
• Restriction — request that we limit processing in certain circumstances.
• Data portability — receive your data in a structured, machine-readable format.
• Object — object to processing based on legitimate interest.
• Withdraw consent — at any time, without affecting prior lawful processing.

To exercise any of these rights, email us at privacy@dashvue.co.uk. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

We implement appropriate technical and organisational measures to protect your personal data, including:

• Encryption of data in transit (TLS) and at rest
• Secure password hashing
• Role-based access controls
• Regular security reviews and monitoring

Your data may be processed outside the UK by our infrastructure and service providers. Where this occurs, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses) to protect your data in accordance with UK GDPR.

DashVue is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

We may update this Customer Privacy Policy from time to time. If we make material changes, we will notify you via email or through the dashboard. The "Effective date" at the top of this page indicates when the policy was last revised.