Your privacy matters.
This policy explains what data Jasin collects, why, how long we keep it, and the choices you have.
Last updated: June 27, 2025
1. What We Collect
| Category | Data Points | Collected From | Purpose |
|---|---|---|---|
| Account | Email, name (optional), Stripe customer ID, email communication preferences | Signup form / Stripe / User settings | Auth, billing, essential notifications, marketing communications |
| Embed Usage | Embed ID, product ASIN, views, clicks, referral URL, page URL | embed.js events | Analytics, quota enforcement |
| Device & Network | IP address*, user-agent, language, timezone, fingerprint hash, bot flags | Server logs, anti-abuse library | Fraud detection, security |
| Payment | Last 4 digits, card type, subscription status | Stripe | Billing |
| Support | Messages, attachments | Email / chat | Customer support |
*IP addresses are stored only as salted hashes in anti-abuse tables.
2. Why We Collect It
- Service delivery – render product cards, enforce credits, remember preferences.
- Analytics & performance – measure views/clicks to improve card layouts.
- Fraud & abuse – detect bot traffic, duplicate accounts, or credit farming.
- Marketing communications – send product updates, new feature announcements, educational content, and promotional offers to help you get the most value from Jasin.
- Legal compliance – fulfill Amazon Associates requirements (click attribution, valid disclosures) and tax laws.
3. Anonymous vs. Authenticated Tracking
- Preview-only visitors – we log minimal event data (hashed IP, user-agent, referer).
- Logged-in users – events are linked to your
user_idfor quota and dashboard metrics. - No cross-site tracking – we track only interactions with Jasin embeds.
4. Cookies & Similar Technologies
| Cookie | Type | Duration | Purpose |
|---|---|---|---|
jasin_session | First-party | 1 week | Maintain login state |
jasin_fingerprint | First-party | 90 days | Abuse prevention |
__stripe_mid | Third-party (Stripe) | 1 year | Fraud prevention |
amazon-afftag | First-party | 24 hrs | Ensure correct affiliate tag on redirect |
We also use localStorage to cache product thumbnails for faster load times.
You can clear cookies at any time; essential cookies are required for Service functionality.
5. Where Data Is Stored
- Supabase (PostgreSQL, U.S. regions) – primary data store
- Stripe – payment data (PCI-DSS compliant)
- Amazon Services LLC – click-through attribution via affiliate tag parameters
All providers are under contractual obligations consistent with GDPR Art. 28 or CCPA service-provider requirements.
6. Affiliate Tag Handling
- Free-tier embeds always include Jasin's tag
affiliatetag-20. - Pro tags are AES-256-encrypted at rest and are never sold or shared outside the Amazon redirect required to credit your account.
- Tag usage logs are retained for auditing Amazon's "Special Link" compliance.
7. Data Retention
| Data | Retention |
|---|---|
| Raw view / click events | 90 days then purged |
| Aggregated stats | 3 years |
| Account & billing records | 7 years (tax) |
| Abuse-signal logs | 1 year |
You may request early deletion where legally permissible.
8. Your Rights
If you are in the EU/EEA/UK (GDPR) or California (CCPA):
- Access – Ask for a copy of the data we hold.
- Erase – Request deletion (exceptions: ongoing subscription, legal retention).
- Correct – Update inaccurate information.
- Portability – Receive your embeds and analytics in JSON/CSV.
- Opt-out of sale/share – We do not sell personal data.
- Limit fingerprinting – You can disable analytics in account settings; essential anti-fraud fingerprinting will still occur.
Contact support@getjasin.com to exercise rights. We respond within 30 days (GDPR) or 45 days (CCPA).
8.5. Email Communications
By creating a Jasin account, you consent to receive the following types of emails:
- Essential service emails – Account verification, password resets, billing notifications, security alerts, and critical service updates. These cannot be unsubscribed from as they are necessary for account security and service operation.
- Product updates – Announcements about new features, improvements, and service changes that may benefit your use of Jasin.
- Educational content – Tips, best practices, tutorials, and resources to help you maximize your affiliate marketing success.
- Promotional offers – Special discounts, limited-time offers, and promotional campaigns for Jasin services.
- Company news – Important announcements, policy changes, and company updates that may affect your account.
Unsubscribe options: You can unsubscribe from marketing emails (product updates, educational content, promotional offers, company news) at any time by clicking the unsubscribe link in any email or updating your preferences in your account settings. Essential service emails cannot be disabled as they are required for account security and service functionality.
9. Disclosures to Third Parties
We share data only with:
| Recipient | Purpose | Safeguards |
|---|---|---|
| Amazon Services LLC | Affiliate click attribution | Data passed in URL only |
| Stripe Payments | Billing & subscription management | PCI-DSS |
| Supabase Inc. | Hosting, auth, storage | SOC 2 Type II |
| Law enforcement | Only upon valid legal request | Strict review |
We will never rent, sell, or trade your personal data.
10. International Transfers
Supabase may process data in the United States. For EU/UK residents we rely on standard contractual clauses and supplementary measures to protect transfers.
11. Security Measures
- TLS 1.3 encryption in transit
- AES-256 at rest
- Row-Level Security on all user tables
- Rate-limited admin access & multi-factor authentication
- Periodic penetration testing
12. Children's Privacy
Jasin is not directed to children under 13 and we do not knowingly collect personal data from them. If you believe a child has provided us data, email support@getjasin.com for removal.
13. Changes to This Policy
We'll post revisions here and notify registered users by email 14 days before changes take effect. Material changes will require renewed consent where required by law.