Effective Date: 08 March 2026 | Last Updated: 08 March 2026

1. About This Policy
Infytrix Ecom Private Limited (“Infytrix”, “we”, “us”, or “our”) is committed to protecting the privacy and security of the information we handle. This Privacy Policy explains how we collect, use, store, share, and delete information when you use our website (www.infytrix.com) and our suite of e-commerce intelligence and analytics services, including the Mark8IQ platform.

This policy applies to all clients, website visitors, and individuals whose information is processed by us in the course of providing our services. By using our services, you acknowledge that you have read and understood this policy.

2. Who We Are
Infytrix provides e-commerce analytics, performance intelligence, and financial reconciliation services to brand manufacturers and sellers operating across online marketplaces. We integrate with e-commerce platforms and marketplace APIs on behalf of our clients — who are authorised sellers and brand owners — to retrieve, process, and present their own business data in unified dashboards and reports.

We act as a data processor on behalf of our clients with respect to their marketplace and business data, and as a data controller with respect to information provided to us directly such as registration details and communications.

3. Information We Collect
We collect the following categories of information:

a) Account and Registration Information

• Name, job title, and company name of the individual registering on our platform

• Business email address and login credentials

• Billing and contact information

b) Marketplace and Business Data — processed on behalf of clients

When clients connect their marketplace accounts to our platform, we access and process data made available through authorised API integrations. This data belongs to and is controlled by the client, and may include:

• Sales performance metrics, order data, and inventory information

• Financial and transactional records, including settlement, payment, and tax-related data

• Product listing data, advertising performance, and customer feedback metrics

• Account health indicators and compliance-related data

This data is accessed exclusively through the client’s explicit authorisation via the official OAuth-based consent mechanism provided by each platform. We access only the data scopes authorised by the client and use it solely to deliver the services they have subscribed to.

c) Usage and Technical Data

• IP address, browser type, device information, and operating system

• Pages visited, features used, session duration, and interaction logs

• Error logs and performance data to help us maintain and improve the platform

d) Communication Data

• Emails, support tickets, and messages sent to us through any channel

• Feedback and survey responses

4. How We Use Your Information
We use the information we collect for the following purposes:

• To provide, operate, and maintain our analytics, reporting, and reconciliation services

• To process and display marketplace and financial data within the client’s authorised dashboard

• To generate performance reports, alerts, and insights on behalf of the client

• To manage client accounts, billing, and communications

• To improve platform functionality, user experience, and service reliability

• To respond to support queries and resolve technical issues

• To meet our legal, regulatory, and contractual obligations

We do not use client marketplace data for any purpose beyond delivering the services requested by that client. We do not use this data for advertising, profiling unrelated to the service, resale, or to benefit any party other than the authorising client.

5. Legal Basis for Processing
We process personal data on the following legal bases:

• Contract performance — processing necessary to deliver the services agreed with the client

• Legitimate interests — processing for platform security, fraud prevention, and service improvement

• Legal obligation — processing required to comply with applicable laws and regulations

• Consent — where you have given explicit consent, for example for marketing communications

6. Data Sharing and Disclosure
Infytrix does not sell, rent, or trade personal data or client business data to any third party. We share data only in the following limited circumstances:

• With the client whose data it is — their own data is made available to them through our platform

• With authorised sub-processors such as cloud infrastructure, security monitoring, and analytics service providers — strictly under data processing agreements and only to the extent necessary to deliver our services

• With legal or regulatory authorities where required by applicable law, court order, or regulatory demand

• In connection with a corporate transaction such as a merger, acquisition, or asset sale, where the receiving party agrees to honour this policy

• With your prior written consent for any other purpose

All third-party sub-processors are bound by contractual obligations to process data only as instructed, maintain appropriate security, and not use the data for their own purposes.

7. Data Storage and Security
We take the security of the data entrusted to us seriously. Our technical and organisational measures include:

• Encryption of data at rest using AES-256 and encryption of data in transit using TLS 1.2 or higher

• Role-based access controls ensuring that only authorised personnel access client data on a strict need-to-know basis

• Company-issued and centrally managed devices for all employees handling client data, with endpoint security and data loss prevention controls enforced

• Secure credential and secrets management — API keys and sensitive credentials are never stored in source code

• Regular security assessments and vulnerability monitoring

• A formal Incident Response Plan governing detection, containment, notification, and recovery in the event of a security incident

In the event of a data breach affecting your information, we will notify you and any relevant regulatory authority as required by applicable law and without undue delay.

8. Data Retention
We retain data only for as long as necessary for the purpose for which it was collected, or as required by law:

• Active client account data — retained for the duration of the client relationship

• Marketplace and financial data — retained for up to 3 years from the date of collection for reconciliation and audit purposes, after which it is securely deleted

• Inactive or terminated accounts — all associated data is deleted within 30 days of account termination, unless a longer retention period is required by law

• System and access logs — retained for 12 months, then automatically purged

• Communications and support records — retained for 2 years from the date of last interaction

9. Your Rights
Depending on your location and applicable law, you may have the following rights with respect to your personal data:

• Right of access — request a copy of the personal data we hold about you

• Right to rectification — request correction of inaccurate or incomplete data

• Right to erasure — request deletion of your data, subject to our legal retention obligations

• Right to restriction — request that we restrict processing of your data in certain circumstances

• Right to data portability — receive your data in a structured, machine-readable format

• Right to object — object to processing based on legitimate interests

• Right to withdraw consent — where processing is based on consent, withdraw it at any time

To exercise any of these rights, please contact us at legal@infytrix.com. We will respond within 30 days. Identity verification may be required before processing your request.

10. Third-Party Platform Integrations
Our platform integrates with third-party e-commerce marketplaces and services to retrieve data on behalf of our clients. These integrations operate through official, authorised API programmes provided by each platform. Our access is:

• Granted exclusively by the client through the platform’s official authorisation mechanism

• Limited to the data scopes explicitly approved by the client

• Used solely to provide the analytics and reconciliation services the client has subscribed to

• Revocable by the client at any time through the respective platform’s account settings

We comply with the developer terms, data usage policies, and acceptable use guidelines of each platform we integrate with. Data obtained through these integrations is not used for any purpose beyond service delivery to the authorising client.

11. Cookies
Our website uses cookies to enable core functionality such as session management and security, analyse usage patterns via analytics tools, and improve the user experience. You can manage or disable non-essential cookies through your browser settings. Disabling cookies may affect some features of the platform.

12. Children’s Privacy
Our services are intended for businesses and professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently collected such data, please contact us immediately at legal@infytrix.com.

13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify active clients of material changes by email or through a notice on the platform. The ‘Last Updated’ date at the top of this page will always reflect the most recent revision. Continued use of our services after any update constitutes acceptance of the revised policy.

14. Contact Us
For privacy-related enquiries, data requests, or to report a concern: