Legal

Privacy Policy

Effective 15 June 2026

1. Who we are

This Privacy Policy explains how Pulser, operated by Maximillian Faulhaber (sole trader) ("Pulser", "we", "us", "our") collects, uses, shares, and protects personal data when you use the PULSER website and dashboard at pulser.pro (the "Service").

We are the data controller for the personal data described in this policy. For any privacy question or to exercise your rights, contact us at max@faulhaber.co.uk.

We are based in the United Kingdom and this policy is governed by UK data protection law, namely the UK GDPR and the Data Protection Act 2018.

2. The data we collect

We collect the following categories of personal data:

  • Account data: your name and email address, provided through our authentication provider (Clerk) when you create an account.
  • Authentication data: login state and session tokens used to keep you signed in. We never see or store your password; that is handled by Clerk.
  • Billing data: your subscription status and billing identifiers. Card payments are processed by Stripe; we do not store your full card details.
  • Connected marketplace data: when you connect a sales channel or supplier (eBay, TikTok Shop, Shopify, Amazon, AliExpress, Alibaba, CJ Dropshipping), we store the access and refresh tokens that let the Service act on your behalf, together with your seller/store identity. These tokens are encrypted at rest.
  • Product and listing data: product research, drafts, generated listings, and publishing history you create in the Service. This may include business information about your store.
  • Support and feedback data: messages you send us, including any optional email address and technical context (the page you were on, browser type, and recent in-app errors) submitted through the in-product "Report an issue" feature or the contact form.
  • Technical data: IP address, device and browser information, and cookies or similar technologies needed to run and secure the Service.

3. How we use your data, and our legal bases

We use personal data for the following purposes, relying on the legal bases shown:

  • To provide the Service (create your account, authenticate you, run product research, generate listings, and publish to the channels you connect): performance of our contract with you.
  • To act on your behalf with connected marketplaces and suppliers using the tokens you authorise: performance of our contract with you.
  • To take payment and manage subscriptions: performance of our contract with you.
  • To provide support, fix bugs, and improve the Service: our legitimate interests in operating and improving a reliable product, and performance of our contract.
  • To keep the Service secure and prevent abuse: our legitimate interests in protecting the Service and our users.
  • To comply with legal obligations (for example tax and accounting): compliance with a legal obligation.
  • For any optional communications you opt into: your consent, which you may withdraw at any time.

4. Marketplace and supplier connections

When you connect a marketplace or supplier account, you authorise the Service to access that account through the provider's official API using OAuth. We request only the permissions needed to research, create, publish, and manage listings and orders on your behalf.

The access tokens we receive are encrypted before storage and are used solely to perform the actions you trigger in the Service. You can disconnect a channel at any time from the dashboard, which revokes our stored token for that channel.

Your use of each connected platform also remains subject to that platform's own terms and privacy policy.

5. Who we share data with

We do not sell your personal data. We share it only with service providers (processors) who help us run the Service, and only as needed:

  • Clerk, for authentication and account management.
  • Vercel, for application hosting and delivery.
  • Turso, for database storage.
  • Stripe, for payment and subscription processing.
  • Anthropic, for AI-assisted listing generation (we send product details, not your account credentials).
  • The marketplaces and suppliers you choose to connect, when you publish or manage listings and orders.
  • Product research data providers used to surface trends and supplier information.

We may also disclose data where required by law, to enforce our terms, or to protect the rights, safety, and security of Pulser, our users, or others.

6. International transfers

Your data is stored on infrastructure located in the UK and the European Union. Some of our processors (such as Vercel, Clerk, Stripe, and Anthropic) may process data in the United States or other countries.

Where data is transferred outside the UK, we rely on appropriate safeguards such as UK adequacy regulations or the International Data Transfer Agreement / Addendum to the EU Standard Contractual Clauses.

7. How long we keep data

We keep personal data only for as long as needed for the purposes above:

  • Account, listing, and connection data: for the life of your account, then deleted or anonymised after closure (typically within 30 days), unless we must keep it longer for legal reasons.
  • Connected marketplace tokens: until you disconnect the channel or close your account.
  • Billing records: as long as required by tax and accounting law (generally six years).
  • Support and bug-report data: for as long as needed to resolve the issue and improve the Service.

At the end of our relationship with a connected seller or platform, we delete or anonymise the customer data we hold for that relationship.

8. How we protect your data

We use technical and organisational measures appropriate to the risk, including:

  • Encryption in transit (HTTPS/TLS) for all traffic, and encryption at rest for stored marketplace credentials and database storage.
  • Per-user data isolation and least-privilege access to production data.
  • Multi-factor authentication on administrative accounts and a security baseline for our devices.
  • Reputable cloud processors (Vercel, Turso, Clerk, Stripe) that maintain their own network and infrastructure security controls.
  • Dependency and vulnerability monitoring, and an incident-response process for handling any suspected breach.

No method of transmission or storage is completely secure, but we work to protect your data and to notify the relevant authority and affected users without undue delay (within 72 hours where required) if a notifiable breach occurs.

9. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erase your data ("right to be forgotten") where applicable.
  • Restrict or object to our processing in certain circumstances.
  • Data portability, receiving your data in a structured, commonly used format.
  • Withdraw consent at any time where we rely on consent.

To exercise any of these rights, email us at max@faulhaber.co.uk. We will respond within one month. We can also help connected sellers and platforms fulfil data access, correction, and deletion requests relating to data we process for them.

If you are unhappy with how we handle your data, you can complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

10. Cookies

We use only the cookies and similar technologies necessary to run and secure the Service, such as keeping you signed in. We do not use non-essential advertising cookies. You can control cookies through your browser settings, though disabling essential cookies may stop parts of the Service working.

11. Children

The Service is intended for businesses and sellers and is not directed at children. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us data, contact us and we will delete it.

12. Changes to this policy

We may update this policy from time to time. We will post the updated version here and change the effective date. Material changes will be communicated where appropriate.

13. Contact us

For any question about this policy or your personal data, contact Pulser, operated by Maximillian Faulhaber (sole trader) at max@faulhaber.co.uk.