Prices shown in your local currency. VAT/taxes may apply depending on your location. EU & UK residents: GDPR rights apply. Swiss residents: see Impressum.

Privacy Policy

Last Updated: June 1, 2026

1. Introduction

eStack, Inc. (“Company”, “we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, maintain, protect, and disclose information when you use our website (www.estack.com) and our software-as-a-service platform (collectively, the “Services”).

This policy applies to all users of the Services regardless of location. Where applicable, additional jurisdiction-specific rights are described in Section 12.

2. Information We Collect

Account and Billing Information

When you create an account or subscribe, we collect your name, email address, company name, billing address, and payment information. Payment details are processed by our payment processor and are not stored on our servers.

Transaction and Usage Data

We collect records of your subscription, purchases, feature usage, log data (IP address, browser type, device type, operating system, pages visited, timestamps), and crash reports.

Customer Data

You may upload or input data into the Services including product catalogs, order information, inventory data, and supplier details (“Customer Data”). You own your Customer Data. We process it only to provide the Services.

Communications

If you contact us by email, phone, or contact form, we retain those communications and their contents.

Cookies and Tracking Technologies

We use cookies and similar technologies as described in Section 9 of this policy.

3. How We Use Information

We use the information we collect to:

  • Provide, maintain, and improve the Services;
  • Process transactions and manage your subscription;
  • Communicate with you about your account, updates, and support;
  • Send product updates and marketing communications (you may opt out at any time);
  • Detect and prevent fraud, abuse, and unauthorized access;
  • Comply with legal obligations;
  • Enforce our Terms of Service and Software License Agreement.

Our legal basis for processing (under GDPR/UK GDPR) is: performance of a contract (account and subscription management), legitimate interests (security, fraud prevention, service improvement), legal obligation (tax and regulatory compliance), and consent (marketing communications and non-essential cookies).

4. Children’s Privacy

The Services are intended for business users and are not directed at children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have done so, we will delete it promptly.

5. Disclosure of Information

We may share your information with:

  • Service providers — hosting, payment processing, email delivery, analytics, and customer support tools that process data on our behalf under data processing agreements;
  • Third-party platform integrations — Amazon, Walmart, Shopify, eBay, and shipping carriers, to the extent required to fulfill the Services you have configured;
  • Legal and regulatory authorities — when required by law, court order, or to protect our legal rights;
  • Business transfers — in connection with a merger, acquisition, or sale of assets, with notice to you.

We do not sell your personal information to third parties.

6. International Data Transfers

We are headquartered in the United States. If you access the Services from the EU, UK, or Switzerland, your personal data will be transferred to and processed in the United States, which may have different data protection laws than your country.

For transfers from the EU and UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and UK ICO respectively. For transfers from Switzerland, we comply with the requirements of the revFADP. You may request a copy of our transfer safeguards by contacting support@estack.com.

7. Data Security

We use commercially reasonable administrative, technical, and physical safeguards to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

8. Data Retention

We retain personal information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. When you close your account, your Customer Data is available for export for 30 days and then permanently deleted. Billing and transaction records may be retained for up to 7 years for tax and legal compliance purposes.

9. Cookies and Tracking

We use the following categories of cookies:

  • Essential cookies — strictly necessary for the website and Services to function (session management, security). These cannot be disabled.
  • Analytics cookies — help us understand how visitors interact with our website (e.g., page views, traffic sources). Enabled only with your consent.
  • Preference cookies — remember your settings such as language and currency selection. Enabled only with your consent.

You can manage your cookie preferences using the banner displayed on your first visit to our website, or by adjusting your browser settings. Note that disabling non-essential cookies may affect some functionality.

10. Your Choices

You may at any time:

  • Update or correct your account information in your account settings;
  • Opt out of marketing emails by clicking “unsubscribe” in any email we send;
  • Request a copy of your personal data by contacting us;
  • Request deletion of your personal data, subject to legal retention obligations;
  • Withdraw consent for non-essential cookies via the cookie banner.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will post updates on this page with a new “Last Updated” date. For material changes, we will notify you by email or in-app notification at least 14 days before the change takes effect.

12. Jurisdiction-Specific Rights

European Union — GDPR Rights

If you are located in the EU, you have the right to: access your personal data; rectify inaccurate data; erase your data (“right to be forgotten”); restrict processing; data portability; object to processing based on legitimate interests; and not be subject to solely automated decision-making that significantly affects you.

To exercise these rights, contact us at support@estack.com. We will respond within 30 days. You may also lodge a complaint with your local supervisory authority.

United Kingdom — UK GDPR Rights

If you are located in the UK, equivalent rights apply under UK GDPR and the Data Protection Act 2018. You may contact the Information Commissioner’s Office (ICO) at ico.org.uk or 0303 123 1113.

Switzerland — revFADP Rights

If you are located in Switzerland, your rights are governed by the revised Federal Act on Data Protection (revFADP), in force since September 1, 2023. You have the right to access, correct, restrict, and request deletion of your personal data. Contact us at support@estack.com. You may also contact the Federal Data Protection and Information Commissioner (FDPIC) at edoeb.admin.ch.

California — CCPA/CPRA Rights

California residents have the right to know what personal information we collect and how it is used, request deletion, opt out of the sale of personal information (we do not sell personal information), and non-discrimination for exercising these rights. To submit a CCPA request, contact support@estack.com.

13. Contact Information

eStack, Inc.
2120 1st Avenue N, Unit B-6
Seattle, WA 98109 — United States

Email: support@estack.com
Phone: +1 (206) 890-0196

Impressum / Legal Notice

eStack, Inc. — a Delaware corporation registered as a foreign corporation in the State of Washington
2120 1st Avenue N, Unit B-6 — Seattle, WA 98109 — United States
Phone: +1 (206) 890-0196  ·  Email: support@estack.com

eStack® is a registered trademark of eStack, Inc. EU/UK GDPR & Swiss revFADP inquiries: support@estack.com