1. Overview
Molioon Technologies, Inc. (“Molioon”, “we”, “us”, or “our”) operates the Molioon platform, accessible at molioon.com (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Service.
By using the Service, you consent to the practices described in this Privacy Policy. If you do not agree with this policy, do not use the Service.
2. Information We Collect
2.1 Information you provide directly
- Account information: Name, email address, company name, job title, and password when you register.
- Billing information: Payment card details (processed by our payment provider; we do not store raw card numbers), billing address, and tax identification numbers where required.
- Communications: Messages you send us via email, support tickets, or our contact form, including their content and metadata.
- Survey and feedback data: Responses to surveys, NPS scores, or feedback you voluntarily provide.
2.2 Advertising account data (Customer Data)
When you connect a Marketplace advertising account, we access:
- Campaign structure, targeting settings, budgets, and bid data
- Search term reports, keyword data, and match type configurations
- Impression, click, spend, and conversion metrics
- ASIN-level performance data
- Audience and placement data (where applicable)
This data is classified as Customer Data and is owned by you. It is used solely to provide the Service to your account and is never shared with other customers or used to train shared AI models.
2.3 Usage data
- Log data: IP address, browser type and version, pages visited, time and date of visits, time spent on pages, and other diagnostic data.
- Device data: Device type, operating system, and browser settings.
- Feature usage: Which features of the Service you use, how often, and in what sequence — used to improve the product.
2.4 Cookies and similar technologies
We use cookies, local storage, and similar tracking technologies. See Section 8 (Cookies & Tracking) for details.
2.5 Information from third parties
We may receive information about you from third-party sources such as LinkedIn, Clearbit, or similar enrichment services, which we combine with your account information to better understand our customers. You may opt out of this enrichment by contacting us.
3. How We Use Your Information
| Purpose | Legal basis (GDPR) |
|---|---|
| Providing and operating the Service, including generating AI recommendations within your account | Contract performance |
| Processing payments and managing your subscription | Contract performance |
| Sending transactional communications (e.g. alerts, invoices, password resets) | Contract performance |
| Responding to support requests and inquiries | Contract performance / Legitimate interests |
| Detecting and preventing fraud, abuse, and security incidents | Legitimate interests |
| Improving and developing the Service (using aggregated, de-identified usage data) | Legitimate interests |
| Sending product updates and marketing communications (you may opt out at any time) | Consent / Legitimate interests |
| Complying with legal obligations | Legal obligation |
4. Sharing & Disclosure
We do not sell your personal data or Customer Data to third parties. We share information only as follows:
4.1 Service providers
We share data with trusted sub-processors who help us operate the Service, such as cloud hosting (AWS), payment processing (Stripe), analytics (Amplitude), and customer support (Intercom). All sub-processors are contractually required to protect your data and use it only for the services they provide to us. A current list of sub-processors is available at contact@molioon.com.
4.2 Business transfers
In connection with a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred. We will notify you of any such transfer and any choices you may have.
4.3 Legal requirements
We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to protect our rights, prevent fraud, or protect the safety of our users.
4.4 With your consent
We may share your information with third parties when you have given explicit consent, such as when you participate in a co-marketing program or case study.
5. Data Retention
We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this policy, unless a longer retention period is required by law.
- Account and billing data: Retained for the duration of your subscription plus 7 years for tax and accounting purposes.
- Customer Data (advertising data): Retained for the duration of your subscription. Upon account closure, Customer Data is deleted within 30 days. You may request an earlier deletion.
- Usage logs: Retained for up to 24 months in identifiable form, then anonymized.
- Support communications: Retained for 3 years following the close of the relevant support case.
You may request deletion of your personal data at any time by contacting contact@molioon.com. We will respond within 30 days. Note that some data may be retained as required by law or for legitimate business purposes (e.g. fraud prevention).
6. Security
We implement industry-standard technical and organizational measures to protect your information against unauthorized access, disclosure, alteration, or destruction. These measures include:
- Encryption in transit: All data is transmitted over TLS 1.3.
- Encryption at rest: Customer Data is encrypted using AES-256. Per-tenant encryption keys are managed via AWS KMS; Enterprise customers may bring their own keys (BYOK).
- Access controls: Access to production systems is restricted to authorized personnel via MFA and role-based access control. All access is logged and audited.
- SOC 2 Type II: We undergo annual third-party security audits. Reports are available under NDA.
- Penetration testing: We conduct annual third-party penetration testing of our infrastructure and application layer.
- Vulnerability disclosure: To report a security issue, please email security@molioon.com.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
7. Your Rights
Depending on your location, you may have the following rights with respect to your personal data:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you. |
| Rectification | Request correction of inaccurate or incomplete personal data. |
| Erasure | Request deletion of your personal data, subject to legal retention requirements. |
| Restriction | Request that we restrict the processing of your personal data in certain circumstances. |
| Portability | Receive a copy of your personal data in a structured, machine-readable format. |
| Objection | Object to processing based on legitimate interests, including direct marketing. |
| Withdraw consent | Where processing is based on consent, withdraw it at any time without affecting prior processing. |
To exercise any of these rights, submit a request to contact@molioon.com. We will verify your identity and respond within 30 days (or within 45 days where an extension is permitted by law).
California residents (CCPA)
California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising CCPA rights.
EEA / UK residents (GDPR)
If you are located in the European Economic Area or the United Kingdom, Molioon Technologies, Inc. acts as the data controller for personal data processed under this policy. You have the right to lodge a complaint with your local supervisory authority.
8. Cookies & Tracking
We use cookies and similar tracking technologies to operate and improve the Service. A cookie is a small text file placed on your device. You can control cookies through your browser settings, though disabling certain cookies may affect the functionality of the Service.
| Category | Purpose | Examples |
|---|---|---|
| Essential | Required for the Service to function (e.g. authentication, session management) | Session cookies, CSRF tokens |
| Analytics | Understand how users interact with the Service to improve it | Amplitude, PostHog |
| Functional | Remember your preferences and settings | Theme, language, last viewed page |
| Marketing | Track visits from marketing campaigns (only on public marketing pages, not within the app) | Google Analytics, LinkedIn Insight |
You may opt out of analytics and marketing cookies using our cookie preference center (accessible via the cookie banner on our marketing pages). Essential cookies cannot be disabled as they are required for the Service to function.
9. International Data Transfers
Molioon is headquartered in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.
For transfers of personal data from the EEA, UK, or Switzerland to countries not deemed adequate by the European Commission, we rely on Standard Contractual Clauses (SCCs) as the legal transfer mechanism. A copy of the applicable SCCs can be requested at contact@molioon.com.
Customers with specific data residency requirements may elect to store their data in the EU or APAC region. Contact enterprise@molioon.com for details.
10. Children's Privacy
The Service is intended for use by businesses and professionals and is not directed to children under the age of 16 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately at contact@molioon.com so we can delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will notify you by posting the updated policy on our website and, where appropriate, by email, at least 14 days before the changes take effect.
The “Last updated” date at the top of this page indicates when this policy was last revised. We encourage you to review this policy periodically.
12. Contact & Data Protection Officer
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Molioon Technologies, Inc.
Attn: Privacy Team
340 Pine Street, Suite 1100
San Francisco, CA 94104
United States
General: contact@molioon.com
Privacy: privacy@molioon.com
Security: security@molioon.com
For EEA/UK data subjects who have not received a satisfactory response, you may also contact our EU representative or lodge a complaint with your local data protection authority.