rilk.aiTerms of Service

Privacy Policy

Last updated: April 5, 2026

1. Introduction

Rilk LLC (“Rilk,” “we,” “us,” or “our”) operates the multi-channel inventory management platform available at rilk.ai (the “Service”). This Privacy Policy explains what data we collect, how we use it, who we share it with, and your rights as a seller and data subject.

By creating an account or using the Service, you agree to this Privacy Policy. If you do not agree, do not use the Service.

2. Data We Collect

2.1 Account Data

When you register for Rilk, we collect your name, email address, company name, and a password. We also store account configuration, feature settings, and subscription tier.

2.2 Marketplace Data (via OAuth)

When you connect a marketplace (Amazon, Walmart, eBay, BackMarket, Shopify), you authorize Rilk to access certain marketplace data on your behalf. This data includes:

  • Orders — order numbers, statuses, line items, quantities, marketplace fees
  • Customer PII — buyer name, shipping address, email (where provided by marketplace); used solely to generate shipping labels and maintain your order records
  • Product/Catalog data — ASINs, SKUs, titles, images, pricing, inventory quantities
  • Financial/Settlement data — settlement amounts, fee breakdowns per order
  • FBA data — inbound shipment status, FBA inventory levels, removal orders

2.3 Google API Data (Gmail, Sheets, Drive)

When you connect your Google account via OAuth, you authorize Rilk to access Gmail (for email import), Google Sheets (for scheduled data exports), and Google Drive (read-only, for listing available spreadsheets). We access only the data necessary to provide these features and do not use Google data for advertising or share it with third parties.

2.4 Operational Data

We collect data you enter while using the Service: purchase orders, vendor records, warehouse bin assignments, serial number logs, shipping carrier credentials (OAuth tokens for UPS, FedEx, USPS), and shipping label history.

2.5 Security & Audit Data

We log authentication events (login attempts, successes, failures) including IP address, browser, operating system, and device type. This data is used for security monitoring and account lockout enforcement. We do not use this data for advertising or profiling.

2.6 Technical Data

We collect standard server log data: IP addresses, request paths, timestamps, and error codes. This data is used for monitoring, debugging, and security.

3. How We Use Your Data

We use your data exclusively to provide and improve the Service:

  • Display your orders, inventory, and financials in the Rilk dashboard
  • Generate shipping labels by passing your buyer’s shipping address to carrier APIs (UPS, FedEx, USPS, Amazon Buy Shipping) — at your explicit instruction
  • Sync inventory quantities back to your connected marketplaces
  • Export data to Google Sheets on your configured schedule — at your explicit instruction
  • Provide warehouse, serial number, and picking workflow functionality
  • Send you transactional emails (account setup, password reset, shipping confirmations)
  • Detect and respond to security threats (account lockout, anomaly detection)
  • Comply with legal obligations

We do not sell your data. We do not use your data for advertising. We do not share marketplace data with any third party except as described in Section 4.

4. Data Sharing and Sub-Processors

We share data only to operate the Service. Below are the third parties (“sub-processors”) that may process your data:

Sub-ProcessorPurposeData Shared
Amazon Web Services (AWS)Cloud hosting, database, logsAll data (encrypted at rest)
Google (Sheets/Drive API)Scheduled data exportsProduct/order data you choose to export — at your instruction only
UPSShipping label generationBuyer shipping address, package dimensions — at your instruction only
FedExShipping label generationBuyer shipping address, package dimensions — at your instruction only
USPS / Stamps.comShipping label generationBuyer shipping address, package dimensions — at your instruction only
StripePayment processingBilling name, email, payment method

We do not share buyer PII with any party other than shipping carriers, and only at the point you explicitly print a label.

5. Data Storage and Security

  • All data is stored in Aurora PostgreSQL on AWS (us-east-2), encrypted at rest using AES-256
  • All data in transit is encrypted via TLS 1.2 or higher
  • The database has no public internet endpoint — accessible only from the application backend inside a private VPC
  • Marketplace OAuth tokens and Google OAuth tokens are stored encrypted with AES-256-GCM
  • Passwords are stored as bcrypt hashes — plaintext passwords are never stored or logged
  • Access to production infrastructure requires multi-factor authentication
  • Application logs are retained in AWS CloudWatch for 90 days

6. Data Retention

We retain your data for as long as your account is active. If you close your account, all personal data and marketplace data associated with your account will be purged within 30 days. Shipping label records may be retained for up to 90 days after deletion to support carrier claim or dispute processes.

Audit logs and security logs (login history, account lockout events) are retained for 90 days, after which they are automatically deleted.

7. Your Rights

You have the right to:

  • Access — request a copy of all data we hold about you and your account
  • Correction — request that we correct inaccurate data
  • Deletion — request that we delete your account and all associated data
  • Portability — request an export of your data in a machine-readable format
  • Revoke OAuth Access — disconnect any marketplace or Google account at any time from your Rilk settings; Rilk will immediately stop accessing that service’s API

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. Amazon SP-API Data Usage

Rilk is an Amazon-authorized application. We access Amazon Selling Partner API data only as authorized by you through the OAuth flow. Amazon SP-API data is used solely to provide inventory management, order fulfillment, and shipping services to you (the authorized seller). We comply with Amazon’s Developer Data Protection Policy (DPP):

  • SP-API data is not used for advertising or marketing
  • Buyer PII is displayed only to the authorized seller and their employees
  • SP-API data is not sold or shared with non-essential third parties
  • You may revoke Rilk’s SP-API access at any time through your Amazon Seller Central account under Apps & Services

9. Google API Data Usage

Rilk’s use of Google API data adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • Google user data (Gmail, Sheets, Drive) is used only to provide the features you explicitly configured
  • We do not use Google data for advertising, market research, or email campaigns
  • We do not sell or share Google data with third parties
  • You may revoke Google access at any time from your Email Config settings or from your Google Account permissions page

10. Cookies

Rilk uses session cookies to keep you logged in and remember your preferences. We do not use advertising cookies, tracking pixels, or third-party analytics that profile you across other websites.

11. Children’s Privacy

The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have collected data from a minor, contact us immediately at [email protected].

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top and, for material changes, notify you by email or in-app notification. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

13. Contact Us

For questions about this Privacy Policy or to exercise your rights:

Email: [email protected]

Website: https://rilk.ai

Rilk — Marketplace Shipping & Inventory Platform