THE SILVER TUNA MARKETPLACE™
INCLUDED DOCUMENT: SELLER PRIVACY POLICY
Incorporated into Seller Agreement
Document Version: 1.0
Last Updated: November 2024
PURPOSE
This Seller Privacy Policy explains how The Silver Tuna Marketplace (“Platform,” “we,” “us”) and our sellers collect, use, protect, and share personal information. This policy applies to sellers, customers, and website visitors
IMPORTANT DISTINCTION You are the data controller for your customer data. We are the data processor. This means: Your customers’ data belongs to you, not to us. You decide how customer data is used. You’re responsible for complying with privacy laws (GDPR, CCPA, etc.) We process customer data on your behalf, following your instructions. You’re liable for customer data protection and privacy compliance
This policy covers: Seller business information and data. Customer data processed on behalf of sellers through seller websites. Seller responsibilities for customer data protection. Data sharing between Platform and sellers Seller privacy rights and obligations
This policy does NOT cover: Public website visitors (see Public Privacy Policy at www.thesilvertuna.com/privacy). Customer privacy rights when shopping (see Public Privacy Policy). General marketplace privacy practices (see Public Privacy Policy).
Note: Customers who purchase from sellers are covered by the Public Privacy Policy. This document focuses on seller-specific data practices and obligations.
1. SELLER INFORMATION WE COLLECT
1.1 Business Information
When you sign up as a seller, we collect: Business name, DBA, and legal entity information Owner/principal contact information (name, email, phone, address). Business registration and tax identification numbers. Business licenses and permits (if required). Bank account information for payments (ACH). Credit card information for monthly fees (processed securely)
1.2 Website and Product Data
For building and operating your website, we collect: Product images, descriptions, and pricing Inventory and SKU information. Business logo and branding materials Website content and copy. Policies (shipping, returns, terms) Business story and about information.
1.3 Sales and Performance Data
During ongoing operations, we collect: Sales transactions and revenue data. Order details and fulfillment information. Customer purchase history (on your behalf). Website traffic and analytics. Advertising performance metrics. Conversion rates and ROI data. Dashboard usage and activity.
1.4 Communication and Support Data
When you interact with us, we collect: Support tickets and correspondence. Email communications and responses. Phone call records (if applicable). Feedback and survey responses. Referral information (for Token Referral Program). Advisory Board participation (if applicable).
1.5 Customer Data Processed on Your Behalf
When customers purchase from your website, we process (but do not own): Customer contact information (name, email, phone). Shipping and billing addresses. Order history and purchase data. Payment information (tokenized through Payment Processor). Website browsing behavior on your site. Customer service communications.
Important: Customer data belongs to you (the seller). We process it on your behalf to operate your website and fulfill Platform services. You are the data controller; we are the data processor.
2. HOW WE USE SELLER INFORMATION
2.1 To Provide Platform Services
We use your business information to: Build and maintain your custom website. Process your monthly fee payments. Provide technical support and maintenance. Host your website and ensure uptime. Manage your seller dashboard and tools. Deliver advertising and marketing services. Generate performance reports and analytics.
2.2 To Manage Your Business Relationship
We use your information to: Communicate service updates and announcements. Send billing invoices and payment confirmations. Provide training and onboarding materials. Respond to support requests and inquiries. Facilitate Advisory Board participation (if applicable). Track referrals and token credits (first 25 sellers). Manage contract renewals and terminations.
2.3 To Process Customer Orders (On Your Behalf)
We use customer data to: Process orders and payments through your website. Send order confirmations and shipping notifications. Provide customer support on your behalf. Manage returns and refunds. Track order fulfillment and delivery. Generate sales reports and analytics for you.
Note: We process customer data as your service provider. You remain responsible for customer data protection and privacy compliance.
2.4 To Improve Platform Services
We use aggregated and anonymized data to: Analyze Platform performance and reliability. Optimize website speed and functionality Improve advertising campaign effectiveness. Develop new features and tools. Benchmark performance across sellers Identify trends and opportunities.
2.5 For Legal and Security Purposes
We use your information to:
Comply with legal obligations (tax reporting, subpoenas, audits). Prevent fraud and unauthorized access. Protect Platform security and integrity. Enforce Seller Agreement terms Investigate policy violations. Respond to legal requests and proceedings.
3. HOW WE SHARE SELLER INFORMATION
3.1 You Control Customer Data
Important distinction: Customer data belongs to you (the seller). We process it on your behalf to operate your website. We do not share “your” customer data with other sellers. We do not sell or rent customer data. You are responsible for customer data protection.
3.2 Sharing with You (The Seller)
We provide you access to: Your own sales and transaction data. Your customer information (for order fulfillment). Your website analytics and performance metrics. Your advertising campaign results. Your referral tracking data (if applicable).
You can access this data through: Your seller dashboard Monthly performance reports Quarterly ROI reviews. Data export tools (upon request).
3.3 Sharing with Service Providers
We share seller and customer data with trusted service providers who help us operate the Platform. Providers we use may be listed here, but are not limited to the following:
Payment Processing: Processes customer payments on your behalf. Processes your monthly fee payments PCI DSS Level 1 compliant. Subject to payment processors privacy policy.
Hosting Providers: Host your website and store data. Provide infrastructure and security. Subject to their privacy policies and security standards.
Email Service Providers: Send transactional emails to your customers (order confirmations, shipping notifications). Send marketing emails on your behalf (if you opt in) Track email delivery and engagement.
Analytics and Advertising Platforms: Google Analytics (website traffic analysis). Google Ads (advertising campaigns) Facebook Pixel (advertising and retargeting) Process anonymized or aggregated data when possible.
All service providers: Are contractually obligated to protect data. May only use data for specified purposes. Must comply with privacy laws and regulations. Are vetted for security and reliability.
3.4 Sharing for Legal Reasons
We may share seller or customer information when required by law: To comply with legal obligations (subpoenas, court orders, tax audits). To protect our rights and property. To prevent fraud or illegal activity. To protect the safety of users or the public. In connection with legal proceedings or investigations.
We will notify you of legal requests when permitted by law.
3.5 Business Transfers
In the event of a business transfer: Merger, acquisition, or sale of Platform assets. Bankruptcy or reorganization. Change of ownership or control.
Your seller information and customer data may be transferred to the new entity. You will be notified of any such transfer and your options, which may include terminating your Agreement.
3.6 Aggregated and Anonymized Data
We may share aggregated or anonymized data that cannot identify you or your customers: Industry reports and benchmarks (e.g., “average conversion rate across sellers”). Marketing materials and case studies (with your permission for identifiable data). Research and analysis Investor presentations and materials.
This data cannot be used to identify individual sellers or customers.
3.7 With Your Consent
We will not share your identifiable business data or customer data with third parties without your explicit consent, except as described in this policy.
4. DATA SECURITY
4.1 Security Measures
We protect data with: SSL/TLS encryption for all data transmission (HTTPS). Secure servers and infrastructure Firewalls and intrusion detection systems. Regular security audits and updates. Access controls and authentication. Employee training on data security Incident response and breach protocols.
4.2 Payment Security
Payment information is protected by: PCI DSS compliance through Tokenization (no storage of full card numbers). Encryption of payment data. Fraud detection and prevention. Secure payment processing infrastructure.
We do NOT store full credit card numbers on our servers. All payment processing is handled by your selected payment processor.
4.3 Data Retention
We retain your information for: Seller data: Duration of Agreement + 7 years (for legal/tax purposes) Customer data: Duration of customer relationship + 3 years Transaction data: 7 years (for legal/tax purposes) Analytics data: 2 years (for performance analysis) Support tickets: 3 years (for reference and quality assurance). After retention periods, data is securely deleted or anonymized.
4.4 Data Breaches
In the event of a data breach:
We will investigate and contain the breach immediately. Affected sellers will be notified within 24 hours of discovery. Affected customers will be notified within 72 hours (as required by GDPR). We will provide details on what data was compromised. We will offer guidance on protective measures. We will report to relevant authorities as required by law. We will implement additional security measures to prevent recurrence.
5. YOUR PRIVACY RIGHTS
5.1 Access & Correction
You have the right to:
Access your business information Correct inaccurate or incomplete information. Request a copy of your data. Update your contact information and preferences.
To exercise these rights: Contact [email protected].
5.2 Deletion & Erasure
You have the right to:
Request deletion of your business information. Withdraw consent for data processing. Object to certain uses of your data.
Limitations: We may retain data required for legal or contractual obligations. We may retain data necessary for fraud prevention or security. Deletion requests may take up to 30 days to process.
5.3 Data Portability
You have the right to:
Receive your data in a structured, machine-readable format. Transfer your data to another service provider. Request export of your data.
To request data export: Contact [email protected]
5.4 Marketing Opt-Out
You have the right to:
Opt out of marketing emails at any time. Unsubscribe from promotional communications. Manage your communication preferences.
To opt out: Click “unsubscribe” in any marketing email. Update preferences in your dashboard. Contact [email protected].
Note: You cannot opt out of transactional emails (billing, service updates, etc.).
6. COOKIES & TRACKING TECHNOLOGIES
6.1 Types of Cookies We Use
Essential Cookies: Required for website functionality Enable dashboard and seller tools Maintain login sessions Cannot be disabled.
Analytics Cookies: Track website usage and performance Measure traffic and behavior Improve user experience Can be disabled in settings.
Advertising Cookies: Deliver targeted ads for your products Measure ad performance Retarget website visitors Can be disabled in settings.
Preference Cookies: Remember your settings and preferences Personalize your experience Can be disabled in settings.
6.2 Third-Party Cookies
We use third-party cookies including but not limited to: Google Analytics (website analytics) Facebook Pixel (advertising and retargeting) Google Ads (advertising and conversion tracking) Stripe (payment processing).
Third-party cookies are subject to their respective privacy policies.
6.3 Cookie Consent
We obtain consent for non-essential cookies: Cookie consent banner on first visit Option to accept or reject cookies Ability to manage preferences at any time. Compliance with GDPR and CCPA requirements.
6.4 Do Not Track
We respect Do Not Track (DNT) signals: If your browser sends a DNT signal, we will not track your behavior for advertising purposes. Essential cookies and analytics may still be used. You can enable DNT in your browser settings.
7. AGE RESTRICTIONS
7.1 Seller Requirements
Sellers must be at least 18 years old to participate in The Silver Tuna Marketplace. By signing the Seller Agreement, you represent that you are at least 18 years old.
7.2 Customer Age
Verification Sellers are responsible for: Ensuring compliance with age restrictions for their products Verifying customer age when required by law. Not selling age-restricted products to minors.
7.3 If a Minor Participates
Improperly If we discover that a seller is under 18: The account will be closed The Seller Agreement will be terminated. Personal information will be deleted Any outstanding fees will be due.
If you believe a seller is under 18, contact: [email protected]
8. INTERNATIONAL DATA TRANSFERS
8.1 Data Location
Data is stored and processed in: United States (primary location). Cloud servers operated by trusted providers. Locations compliant with applicable privacy laws.
8.2 International Transfers
If you are located outside the United States: Your data may be transferred to and processed in the United States. We use appropriate safeguards for international transfers. We comply with GDPR, CCPA, and other applicable privacy laws.
8.3 EU & UK Sellers
For sellers in the EU or UK: We comply with GDPR requirements We use Standard Contractual Clauses for data transfers. You have additional rights under GDPR (see Section 5). You may lodge complaints with your local data protection authority.
9. CALIFORNIA PRIVACY RIGHTS (CCPA)
9.1 CCPA Rights
California sellers have the right to: Know what personal information is collected Know whether personal information is sold or disclosed Access personal information Delete personal information Opt out of the sale of personal information Non-discrimination for exercising privacy rights.
9.2 Information We Collect
(CCPA Categories) Identifiers: Name, email, phone, address, IP address Commercial information: Sales data, transaction history Internet activity: Website interactions, dashboard usage Geolocation data: IP-based location Professional information: Business name, tax ID.
9.3 Sale of Personal Information
We do NOT sell personal information as defined by CCPA.
We share information with service providers for business purposes (as described in Section 3), but this does not constitute a “sale” under CCPA.
9.4 Exercising CCPA Rights
To exercise your CCPA rights: Email: [email protected] Subject line: “CCPA Request” Include: Your name, email, and specific request. We will respond within 45 days.
10. POLICY UPDATES
10.1 Changes to This Policy
We may update this Privacy Policy:
To reflect changes in our practices. To comply with new laws or regulations To improve clarity and transparency. To add new features or services.
10.2 Notification of Changes
When we update this policy: We will post the updated policy at https://thesilvertunamarketplace.com/seller-network/seller-included-documents/. We will update the “Last Updated” date. We will notify sellers via email for material changes.Continued participation after notice constitutes acceptance of changes.
10.3 Material Changes
For material changes affecting your rights: We will provide 30 days’ advance notice. We will clearly explain the changes. You will have the opportunity to object or terminate your Agreement. We will obtain consent where required by law.
11. CONTACT & COMPLAINTS
11.1 Privacy Questions
For questions about this Privacy Policy: Email: [email protected]: 470-422-9199.
11.2 Data Requests
To exercise your privacy rights: Email: [email protected]. Subject line: “Privacy Rights Request” Include: Your name, email, and specific request.
We will respond within: 30 days for general requests 45 days for CCPA requests 30 days for GDPR requests.
11.3 Complaints
If you have a complaint about our privacy practices: Contact [email protected] first. We will investigate and respond within 30 days If not satisfied, you may contact: FTC (U.S.): ftc.gov/complaint ICO (UK): ico.org.uk/concerns Your local data protection authority (EU).
12. SELLER RESPONSIBILITIES FOR CUSTOMER DATA
12.1 You Are the Data Controller
As a seller, you are the data controller for your customer data: You determine how customer data is collected and used. You are responsible for compliance with privacy laws (GDPR, CCPA, etc.). You must respond to customer privacy requests (access, deletion, etc.). You are liable for data breaches caused by your negligence. The Platform acts as your data processor, following your instructions.
12.2 Customer Data Protection Requirements
You must: Protect customer data with appropriate security measures. Use customer data only for order fulfillment, customer service, and authorized marketing. Not sell or share customer data with third parties without consent. Implement access controls for employees who handle customer data. Train employees on data privacy and security. Report suspected data breaches to the Platform immediately.
12.3 Privacy Policy Requirements
You must: Display a privacy policy on your website (we provide a template). Link to the Platform’s Public Privacy Policy. Clearly explain how you collect, use, and protect customer data. Obtain consent for marketing communications. Provide opt-out mechanisms for marketing emails. Update your privacy policy when practices change.
12.4 Marketing Compliance
When marketing to your customers, you must: Obtain explicit consent before sending marketing emails Include clear unsubscribe links in all marketing emails. Honor opt-out requests within 48 hours Comply with CAN-SPAM Act (U.S.) and similar regulations. Not send excessive or unsolicited communications Segment customers who have opted out.
12.5 Customer Privacy Requests
You must respond to customer requests for: Access: Provide customers with their personal data Correction: Update inaccurate or incomplete data Deletion: Delete customer data (subject to legal retention requirements) Portability: Provide data in machine-readable format Opt-out: Stop marketing communications.
Response timeframe: Within 30 days of request (or as required by applicable law).
The Platform can assist with technical aspects of these requests, but you are ultimately responsible for responding to your customers.
12.6 Data Breach
Notification If you suspect or discover a data breach affecting customer data: Notify the Platform immediately (within 24 hours) Email: [email protected]. Provide details: what data, how many customers, how breach occurred. Cooperate with Platform investigation and remediation. Notify affected customers as required by law (within 72 hours for GDPR).
Failure to report breaches may result in: Termination of Seller Agreement Legal liability for damages Regulatory fines and penalties Loss of first 25 seller benefits.
12.7 Compliance with Privacy Laws
You are responsible for complying with: GDPR (if you have EU customers). CCPA (if you have California customers). Other state and federal privacy laws International privacy laws (if you ship internationally).
The Platform provides tools and guidance, but you are ultimately responsible for legal compliance.
12.8 Consequences of Privacy Violations
Violations of customer data protection requirements may result in: First offense: Written warning and mandatory corrective action. Second offense: Suspension of services for 30 days. Third offense: Termination of Seller Agreement Severe violations: Immediate termination, legal action, regulatory reporting.
Severe violations include: Selling customer data without consent. Failing to report known data breaches Intentional misuse of customer data. Repeated violations after warnings.
13. RELATIONSHIP TO PUBLIC PRIVACY POLICY
13.1 Two Separate Policies
The Silver Tuna Marketplace has two privacy policies:
Public Privacy Policy: Applies to website visitors and customers, Explains how we collect and use customer data, Describes customer privacy rights, Covers marketplace browsing and shopping.
Sellers Privacy Policy (this document): Applies to sellers only. Explains how we collect and use seller business data. Describes seller responsibilities for customer data. Covers seller-Platform data relationship.
13.2 No Overlap or Conflict
These policies work together: Customers are protected by the Public Privacy Policy. Sellers are governed by this Sellers Privacy Policy. No conflicts between the two policies. Both policies comply with applicable privacy laws.
13.3 Customer Questions
If customers have privacy questions: Direct them to the Public Privacy Policy Direct them to [email protected]. You may also answer questions about your own data practices. Ensure your answers are consistent with both policies.
Policy Updates
This policy may be updated with 30 days’ notice. Continued participation in the marketplace constitutes acceptance of updates. Material changes will be clearly communicated via email and seller dashboard notifications.
This Seller Privacy Policy is incorporated into your Seller Agreement and is binding upon all sellers and users of The Silver Tuna Marketplace.
By participating in The Silver Tuna Marketplace, you agree to the advertising services, strategies, and terms outlined in this document.
Questions and Support
Email Support: [email protected]
Phone: 470-422-9199 | Support Hours: Daily 9 AM – 9 PM EST
Emergency Support: 365/24/7 for critical issues | Issues not deemed critical after hours may be charged for time and service.
Questions about this or any other document? Contact us – we’re here to help you succeed.
© The Silver Tuna Marketplace™ is a trademark of Branded Brain Studio. All rights reserved. No part of this document may be reproduced, distributed, or transmitted in any form or by any means without the prior written permission of Branded Brain Studio.
