EximAgent

Privacy Policy

Last updated: June 11, 2026

EximAgent (“the exim lab”, “we”, “us”) organizes international-trade data into one CLI for agents. This policy explains what we collect when you use the EximAgent CLI, the web app, and our websites (including the blog and the HS-code documentation hub), how we use it, and the choices you have.

Information you provide

  • Account data — the email address you sign up with and the credentials tied to your account: OAuth sessions created through the device flow and any personal access tokens (PATs) you generate.
  • Saved records — collections, corridors, templates, per-company negotiation notes, and knowledge-base entries you choose to store under your account. These stay private to your account unless you share them.
  • Outreach content — drafts, templates, recipient lists, and the stage-tracking history of campaigns you run through the CLI.
  • Communications — emails you send to support and, if you subscribe on the blog, the address you give us for the newsletter.

Information collected automatically

  • Usage data — the commands you run, query parameters, timestamps, token/credit consumption, and error logs. We use this to operate the service, meter billable runs, debug, and prevent abuse.
  • Device and log data — IP address, user-agent, and CLI version, kept in standard server logs for security and reliability.
  • Website analytics — aggregate page-view metrics on our websites. We do not run third-party advertising trackers.

Business data in our index

EximAgent’s results include records about companies engaged in international trade — company names, business addresses, trade activity, and business contact details of importers, exporters, and distributors. This data comes from licensed discovery providers, public customs and registry datasets, WTO and national tariff schedules, the OFAC SDN sanctions list, and crawls of publicly available company websites. Every result carries its source and a confidence label (verified, extracted, or inferred) so you can judge provenance yourself.

If you are a representative of a company that appears in our index and want your business contact details reviewed, corrected, or removed, email us and we will handle the request.

How we use information

  • Provide trade-data results and maintain your saved records.
  • Authenticate you, secure your account, and detect fraud or abuse.
  • Meter, bill, and account for confirmed (billable) runs.
  • Improve the product, including aggregate usage analysis.
  • Send transactional messages (receipts, security notices). We send marketing or newsletter email only if you opted in, and every such email includes an unsubscribe link.

We do not sell your personal data.

How we share information

  • Service providers — hosting, storage, email delivery, and payment processors that handle data on our behalf under contractual confidentiality.
  • Data providers — queries may be forwarded to upstream trade-data providers to fetch results; we send what is needed to answer the query, not your account profile.
  • Legal — when required by law, or to protect the rights, safety, and security of EximAgent and its users.
  • Business transfers — if we are involved in a merger, acquisition, or asset sale, data may transfer with notice to you.

Data retention

Account data is kept while your account is active. Saved records and outreach history remain until you delete them or close your account. Server and usage logs are kept for a limited period for security and billing reconciliation, then deleted or anonymized.

Security

Traffic is encrypted in transit. Access tokens are stored hashed and can be revoked at any time from your account; PATs can be scoped to the minimum access they need. Internal access to production data is limited to what operating the service requires.

Your rights and choices

  • Access, export, correct, or delete your account data.
  • Revoke OAuth sessions and PATs at any time.
  • Unsubscribe from the newsletter with one click.
  • Depending on your jurisdiction (for example under the GDPR or similar laws), you may have additional rights such as objection, restriction, and portability. Email us to exercise them.

International transfers

We may process and store data in countries other than your own. Where required, we use appropriate safeguards for cross-border transfers.

Children

EximAgent is a business tool and is not directed to children under 16. We do not knowingly collect their data.

Changes

We may update this policy. Material changes will be reflected by the “last updated” date above, and significant changes will be announced to account holders.

Contact

Questions about this policy or a data request? Email [email protected].