Commercium
Privacy Policy
Commercium is designed as a secure data infrastructure layer, enabling businesses to connect and synchronize data across marketplaces, ERP systems, e-commerce platforms, and other third-party systems.
Data Protection Roles
Depending on the context:
For account registration, billing, website usage, and support interactions.
For all customer data processed through Commercium on behalf of our clients.
We process customer data strictly on documented instructions.
Categories of Data We Process
- Name, email, company details
- Billing and subscription information
- Customer names, email addresses, phone numbers
- Shipping and billing addresses
- Order details, transaction records
- Customer messages (if integrated via support systems)
- Payout and settlement data
- IP address, device information
- Logs and system activity
- API usage data
- Collected via tools like Google Analytics and Mouseflow
How We Use Data
We use personal data to:
- Provide and operate the Commercium platform
- Synchronize data between integrated systems
- Monitor performance and ensure reliability
- Provide customer support
- Ensure platform security and fraud prevention
Sub-Processors
We use trusted third-party providers to support our services.
| Provider | Purpose |
|---|---|
| AWS | Hosting and infrastructure |
| Cloudflare | CDN, security, and DDoS protection |
| Google Workspace | Email communication |
| Google Analytics | Website analytics |
| Mouseflow | User behavior analytics |
| Rollbar | Error monitoring |
| Pulsetic | Uptime monitoring |
| Tawk.to | Customer support |
| SE Rankings | SEO monitoring (limited use) |
All sub-processors are contractually bound to protect data and comply with applicable data protection laws.
International Data Transfers
Personal data may be processed outside the European Economic Area (EEA), including in the United States and India. Where such transfers occur, we rely on:
- Standard Contractual Clauses (SCCs)
- Other legally recognized safeguards
Data Retention
We retain data as follows:
| Data Type | Retention Period |
|---|---|
| Account data | 60 days after termination |
| System logs | 30 days |
| Backup data | 60 days |
After these periods, data is securely deleted or anonymized.
Security Measures
We implement industry-standard security practices, including:
Data Subject Rights
Under GDPR, individuals have the right to:
Requests can be submitted to [email protected]. We respond within 30 days.
Breach Notification
In the event of a personal data breach, we will notify affected customers without undue delay, in accordance with applicable laws.
Automated Decision-Making
We do not engage in automated decision-making or profiling that produces legal or significant effects.
Cookies & Tracking
We use cookies and similar technologies for:
- Analytics (Google Analytics)
- User behavior tracking (Mouseflow)
Users may manage cookie preferences via browser settings or consent mechanisms.
Data Processing Agreement (DPA)
A Data Processing Addendum (DPA) is available upon request and governs our obligations as a data processor.
Updates to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or platform notification.
15. Contact Information
ConstaCloud LLC — Delaware, USA