Pro-cess eBay Manager

Privacy Policy

Last updated: 01 June 2026

1. Who We Are

Pro-cess eBay Manager ("Pro-cess", "we", "us", "our") is an eBay listing and order management platform operated by Pro-cess Ltd, a company registered in England and Wales. Our website is ebay.pro-cess.co.uk.

For data protection queries, contact us at support@pro-cess.co.uk.

2. What Data We Collect

When you use Pro-cess eBay Manager, we collect and process the following categories of personal data:

  • Account information: your name, email address, and hashed password when you register.
  • eBay account data: when you connect your eBay account via OAuth, we receive and store your eBay username, user ID, OAuth access and refresh tokens, store name, feedback score, and seller level.
  • eBay listing data: titles, descriptions, prices, images, SKUs, quantities, categories, and item specifics for your eBay listings.
  • Order and customer data: buyer usernames, shipping addresses, order totals, item details, and transaction fees synced from eBay.
  • Message data: messages exchanged with buyers through eBay's messaging system.
  • Return data: return requests, reasons, and resolution details from eBay.
  • Financial data: eBay fee breakdowns (final value fees, promoted listing fees, regulatory fees) synced from the eBay Finances API.
  • Billing data: subscription plan, billing status, and payment history. Card details are handled entirely by Stripe and are never stored on our servers.
  • Technical data: IP address, browser type, and session cookies for authentication.

3. How We Use Your Data

  • To provide and operate the eBay management platform, including listing creation, order tracking, and analytics.
  • To sync data between your eBay account and our platform.
  • To process your subscription payments via Stripe.
  • To send transactional emails (account verification, password resets).
  • To maintain platform security and prevent abuse.
  • To comply with legal and regulatory obligations.

4. Legal Basis for Processing

Under UK GDPR, we process your data on the following bases:

  • Contract: processing necessary to provide the service you've signed up for.
  • Legitimate interest: platform security, fraud prevention, and service improvement.
  • Legal obligation: tax and financial record-keeping requirements.
  • Consent: where required, for example for marketing communications (which we do not currently send).

5. Third-Party Processors

We share your data with the following third-party services, each of which has their own privacy policy:

  • eBay: we access your eBay data via their official APIs (Trading API, Sell Inventory API, Sell Marketing API, Finances API) under your OAuth authorisation.
  • Stripe: processes subscription payments. Card details are handled directly by Stripe and never touch our servers. See Stripe's Privacy Policy.
  • Hetzner: our servers are hosted in Hetzner's EU data centres (Germany). See Hetzner's Privacy Policy.
  • Laravel Forge: server management and deployment tooling.

We do not sell, rent, or share your personal data with any other third parties.

6. Data Storage and Security

  • All data is stored on servers within the EU (Hetzner, Germany).
  • Database connections use encrypted channels.
  • Passwords are hashed using bcrypt (never stored in plain text).
  • eBay OAuth tokens are stored securely and refreshed automatically.
  • Daily automated database backups with 7-day retention.
  • Access to production servers is restricted to authorised personnel only.

7. Data Retention

  • Account data: retained for the lifetime of your account. Deleted within 30 days of account deletion, except where required by law.
  • Order and financial data: retained for 7 years for tax and accounting obligations under HMRC requirements.
  • eBay OAuth tokens: deleted immediately when you disconnect your eBay account or delete your Pro-cess account.
  • Session data: automatically expires after inactivity.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access: request a copy of all personal data we hold about you.
  • Rectification: request correction of inaccurate data.
  • Erasure: request deletion of your data (subject to legal retention requirements).
  • Portability: request your data in a machine-readable format.
  • Object: object to processing based on legitimate interest.
  • Restriction: request restriction of processing in certain circumstances.

To exercise any of these rights, email support@pro-cess.co.uk. We will respond within 30 days.

9. Cookies

We use only essential cookies required for authentication and session management. We do not use tracking cookies, analytics cookies, or advertising cookies.

10. eBay Marketplace Account Deletion

If you close your eBay account, eBay will send us a notification via webhook. Upon receiving this notification, we will delete or anonymise all personal data associated with your eBay account within 30 days, except where retention is required by law (e.g., tax records).

11. Children

Pro-cess eBay Manager is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on our platform. Continued use of Pro-cess after changes constitutes acceptance.

13. Contact & Complaints

For privacy-related queries: support@pro-cess.co.uk

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.