← Back to Home

Privacy Policy

This Privacy Policy ("Privacy Policy") sets out the policies and practices of Yaar AI ("we", "us", "our") with respect to the collection, receipt, storage, processing, handling, use, disclosure, transfer, and protection of information obtained from users ("you", "your") through our website, applications, integrations, APIs, and services (collectively, the "Services").

By accessing or using the Services, you consent to the collection, use, processing, storage, and disclosure of information in accordance with this Privacy Policy and applicable laws. If you do not agree, you should discontinue use of the Services.

This Privacy Policy is published in compliance with applicable Indian laws, including the Information Technology Act, 2000, the Digital Personal Data Protection Act, 2023, and related rules and regulations, and shall be interpreted in accordance with such laws.

1. Information We Collect

Yaar AI follows a data-minimization and privacy-first approach and collects only such information as is reasonably necessary to provide its Services.

Business Information: Yaar AI does not collect information related to your business operations, such as sales data, order summaries, transaction metadata, revenue metrics, cost analytics, and other operational or financial information generated through your use of the Services.

Personal Information: Yaar AI does not collect personal information such as name, email address, or phone number unless explicitly required for account support, compliance, or communication initiated by you.

2. Amazon Marketplace Data

For users who connect their Amazon Seller accounts through the Amazon Selling Partner API (SP-API), Yaar AI processes marketplace data strictly in accordance with Amazon's Data Protection Policy.

We do not collect or store Amazon Customer Personally Identifiable Information (PII), including but not limited to customer names, shipping addresses, phone numbers, or contact details, except where such data is transiently required for order logistics and financial analysis.

Retention Policy: Any Amazon customer-related data, including any incidental PII, is automatically and permanently deleted from our systems within 30 days from the order date.

Users retain the Right to be Forgotten and may request immediate deletion of any customer-related records by contacting Yaar AI support.

3. Amazon Advertising Data

For users who connect their Amazon Advertising accounts through the Amazon Ads API, Yaar AI processes advertising data strictly in accordance with Amazon's Data Protection Policy (DPP) and the Amazon Advertising API License Agreement.

Data We Process: Campaign performance metrics (impressions, clicks, spend, ACOS, ROAS), keyword and search term reports, bid and budget configurations, Sponsored Products / Sponsored Brands / Sponsored Display data, and aggregated advertising analytics.

How We Use It: Advertising data is processed solely to provide analytics, reporting, and optimization recommendations to the authorized account holder. We do not use advertising data for any purpose other than delivering the Services to you.

Data Restrictions: Amazon Advertising data is never sold, rented, combined with third-party data without express written approval from Amazon, used for re-identification of individuals, sublicensed, transferred to unauthorized parties, or made publicly available.

We do not cache, store, or retain Amazon Advertising data beyond its intended use for providing analytics services.

Compliance: We comply with Amazon's Data Protection Policy (DPP) and the Amazon Advertising API License Agreement. All advertising data handling adheres to the Amazon Ads Partner Network Policies.

4. OAuth & Credential Handling

We use Login with Amazon (LWA) OAuth for authorization. We never store Amazon seller passwords or login credentials. OAuth access tokens are encrypted at rest and automatically refreshed as needed. Access tokens expire after 60 minutes and are not persisted beyond their validity period.

Users may revoke Yaar AI's access at any time through their Amazon account settings. Upon revocation, all associated tokens are immediately invalidated.

5. Usage, Device, and Log Information

We may collect limited technical and usage-related information to ensure proper functioning, performance optimization, and security of the Services.

  • Feature usage and interaction patterns
  • System logs, timestamps, and error diagnostics
  • Device type, operating system, browser, and IP address

6. Local-First Data Processing

Yaar AI adopts a local-first data architecture to prioritize user control and confidentiality. Sensitive business and financial information is processed locally on user-controlled or user-authorized infrastructure wherever feasible.

7. Sharing of Information

We do not sell, rent, or trade your information. Information may be shared only in the following limited circumstances:

  • With trusted service providers acting under confidentiality agreements
  • To comply with legal obligations or lawful requests
  • During mergers, acquisitions, or business restructuring

8. Sub-Processors

The following categories of third-party service providers may process data on our behalf, each bound by confidentiality and data protection agreements:

  • Cloud hosting and infrastructure providers
  • AI and language model providers (for AI Chat features)
  • Analytics and error monitoring services
  • Email and communication service providers

Sub-processors are selected for their compliance with industry security standards and are contractually prohibited from using your data for any purpose other than providing services to Yaar AI.

9. Data Security

We implement reasonable administrative, technical, and organizational safeguards including encryption (TLS 1.2+ in transit, AES-256 at rest), role-based access controls, and monitoring mechanisms to protect information against unauthorized access or misuse.

However, no system is completely secure and Yaar AI cannot guarantee absolute security of data transmitted or stored.

10. Data Retention

Information is retained only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or to comply with applicable legal obligations. Specific retention periods include:

  • Amazon customer PII: deleted within 30 days from order date
  • Advertising performance data: up to 13 months for trend analysis
  • Campaign configuration data: duration of active service plus 30 days
  • Account and usage data: duration of active service
  • All user data: permanently deleted within 30 days of account termination

11. Your Rights

  • Right to access and review information
  • Right to correction or deletion
  • Right to withdraw consent, where applicable
  • Right to data portability, where technically feasible

Data Deletion Process: To request deletion of your data, email sabir@tryyaar.com. Deletion will be processed within 30 days and confirmed via email.

12. GDPR Compliance (EU Users)

For users in the European Union, we process your personal data on the following lawful bases:

  • Contractual necessity: to provide the Services you have subscribed to
  • Legitimate interest: for analytics improvement and security
  • Consent: where you have explicitly provided it

EU users have additional rights, including the right to lodge a complaint with a supervisory authority, the right to restrict processing, and the right to object to processing.

For GDPR-related inquiries, contact sabir@tryyaar.com.

13. CCPA Compliance (California Users)

If you are located in California, the California Consumer Privacy Act (CCPA) provides you with the following:

  • We do not sell your personal information to third parties.
  • You have the right to know what personal information we collect and how it is used.
  • You have the right to request deletion of your personal information.
  • You have the right to opt out of the sale of your personal information (not applicable, as we do not sell data).
  • You will not be discriminated against for exercising your privacy rights.

14. Vulnerability Disclosure

We maintain a publicly accessible process for security vulnerability reporting. To report a security vulnerability, email sabir@tryyaar.com with details of the vulnerability. We will acknowledge receipt within 24 hours and provide an initial assessment within 72 hours.

For more details, see our Security page.

15. Grievance Redressal

Grievance Officer

Name: Shabbir Agharia

Designation: Head – Sales

Email: sabir@tryyaar.com

Phone: +91 9979320199

16. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of India. Courts located in Mumbai shall have exclusive jurisdiction.

17. Updates to This Policy

We may update this Privacy Policy periodically. Continued use of the Services after such updates constitutes acceptance of the revised Policy.