Privacy Policy

English

1. Who we are

This Privacy Policy applies to the A2B Chrome Extension and the A2B platform (together, the "Service"). A2B is a private business automation tool for authorized A2B clients. It is not a general browsing tool and does not operate on unrelated websites.

A2B automates the order-fulfillment workflow between the order-management system and the shipping/courier provider that each client connects. Each client signs in with their own A2B account and runs a configuration built for their business.

2. The Service's single purpose

The Service has one narrow purpose: to help an authorized client process their own orders. It reads order data from the client's connected order-management system, applies the client's business rules, creates shipments with the client's connected courier, monitors fulfillment status, and writes tracking numbers or handled-status updates back to the order-management system.

3. Systems the Service accesses

The systems below are the ones each client connects and authorizes. A2B accesses only what is required for the client's own workflow.

4. Data the Service processes

The Service may process the following business data when needed for the workflow:

• Customer names, phone numbers, email addresses, and shipping addresses.
• Order numbers, item details, SKUs, quantities, package counts, order values, and shipping fees.
• Order status, validation results, tracking status, tracking numbers, and workflow errors.
• Website content from the allowed pages required for the automation.
• In-extension activity, such as run start time, run mode, success counts, errors, and exported logs.

The Service also stores settings and the credentials or API tokens a client enters for the systems they connect. These secrets are stored encrypted on the client's own computer and are never sent to the A2B backend in readable form.

5. Local storage on the client's computer

The Extension stores the following locally in Chrome extension storage:

• Extension settings and feature toggles.
• A randomly generated device ID used for local event correlation.
• Encrypted credential/token blobs for the systems the client connects.
• Current run state, local run summaries, and temporary event logs shown in the dashboard.

6. A2B cloud backend and telemetry

A2B uses a secure cloud backend (hosted on Supabase) for client sign-in, delivery of each client's configuration, subscription/entitlement status, and operational telemetry. Telemetry is designed to be redacted before it leaves the client's computer and may include:

• Run ID, version, timestamps, run mode, and device ID.
• Success counts, pending counts, error counts, and workflow status.
• Error messages and technical event records needed to debug failed runs.
• Hashed or shortened order references.

The uploaded telemetry is designed to exclude raw customer payloads, full phone numbers, full email addresses, full shipping addresses, full customer names, and full order numbers. Per-client data in the backend is isolated so that each client can access only their own data. Subscription payments are processed by Stripe; A2B does not store full card details.

7. How data is used

• Running the client's authorized order-fulfillment workflow.
• Creating or updating the relevant records in the systems the client connects.
• Showing run status, pending items, success counts, and errors in the dashboard.
• Authenticating the client and confirming an active subscription.
• Monitoring reliability, generating support telemetry, and fixing workflow failures.

8. Data sharing and transfers

A2B does not sell data and does not transfer data for advertising, analytics, profiling, or marketing. Data may be transferred only in these cases:

• To the order-management system and courier the client connects, as required to complete the workflow.
• To the A2B backend (Supabase) as configuration and redacted telemetry.
• To Stripe, to process subscription billing.
• To comply with applicable law or security requirements, if legally required.

9. Remote code, ads, analytics, and tracking

The Extension does not load or execute remote JavaScript, remote WebAssembly, or remotely fetched logic. All extension logic is bundled in the submitted package.

The Extension does not use advertising, personalized advertising, analytics scripts, third-party tracking scripts, or browser fingerprinting.

10. Security

Credentials and tokens entered in the Extension are stored locally as encrypted blobs in Chrome extension storage; the A2B backend never receives them in readable form. Telemetry is redacted before upload, backend data is isolated per client, and all backend communication uses HTTPS. No security method is perfect, but the Service is designed to limit access to the minimum systems needed for its purpose.

11. Data retention

• Credentials, settings, and the device ID remain in local Chrome storage until the client clears extension data or uninstalls the Extension.
• Temporary session event logs are cleared when Chrome clears the extension session storage.
• Configuration and redacted telemetry in the backend are retained while the client's account is active and may be deleted on request.
• Data stored in the systems the client connects is controlled by those accounts and their retention settings.

12. Client choices and rights

• Remove or replace stored credentials and tokens at any time.
• Clear local extension data through Chrome settings, or uninstall the Extension.
• Request access to or deletion of backend data by emailing a2b@enolarevenu.com.

13. Children's privacy

The Service is intended for business use by authorized clients. It is not intended for children, and we do not knowingly collect information from children under 16.

14. Changes to this policy

We may update this policy when the Service changes or when legal, operational, or Chrome Web Store requirements change. The "Last updated" date above will show the latest update.

15. Contact

For privacy questions, access requests, or deletion requests, email a2b@enolarevenu.com with the subject line: [A2B Privacy].