Privacy Policy
Effective date: June 1, 2026
1. Who we are
CommerceBase (“we”, “us”, “our”) provides an AI-powered product catalog management platform available at commercebase.io and through our Chrome browser extension ("CommerceBase Capture").
2. What data we collect
We collect only what is necessary to provide the service:
- Account data: email address and hashed password when you register.
- Product data: product information (titles, descriptions, images, prices) that you import or capture via the extension.
- Usage data: API request logs (timestamp, endpoint, response code) for debugging and security purposes.
- Browser extension: the extension reads product page content only on the e-commerce sites you visit while the extension is active, and only when you explicitly trigger a capture action. We do not track your browsing history.
3. How we use your data
- To provide and operate the CommerceBase platform.
- To process and enrich your product catalog using AI models.
- To send transactional emails (account confirmation, password reset).
- To detect and prevent abuse or unauthorized access.
We do not sell your data. We do not use your data for advertising.
4. Data storage and security
Your data is stored on servers located in the European Union (Frankfurt, Germany). We use encrypted connections (TLS) for all data in transit. Passwords are hashed using bcrypt and never stored in plain text. API keys are stored encrypted at rest.
5. Third-party services
We use the following third-party services to operate the platform:
- Paddle — payment processing. Your payment details are handled by Paddle (Merchant of Record) and never stored by us. Paddle handles VAT collection and compliance on our behalf.
- OpenAI / third-party LLM providers — product description enrichment. Product data is sent to these providers only when you explicitly request AI enrichment.
- DigitalOcean — cloud infrastructure and file storage.
6. Chrome extension permissions
The CommerceBase Capture extension requests the following browser permissions:
- activeTab: to read product data from the current tab when you click the capture button.
- storage: to save your API key and settings locally in your browser.
- tabs: to detect which e-commerce site you are on and activate the appropriate content script.
The extension only communicates with api.commercebase.io. It does not send data to any other server.
7. Data retention
We retain your account and product data for as long as your account is active. If you delete your account, your data is permanently deleted within 30 days. You may request deletion at any time by contacting us.
8. Your rights (GDPR)
If you are in the European Union, you have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion of your data ("right to be forgotten").
- Export your data in a machine-readable format.
- Object to or restrict certain processing.
To exercise any of these rights, contact us at the email below.
9. Cookies
We use only a session cookie for authentication after login. We do not use tracking cookies or third-party analytics cookies.
10. Changes to this policy
We may update this policy as our services evolve. If changes are material, we will notify registered users by email at least 14 days before they take effect. Continued use of the service after that date constitutes acceptance of the new policy.
11. Contact
Questions about this policy? Contact us at: privacy@commercebase.io