privacy
Privacy and Data Handling Policy
Our organization collects and processes Amazon data solely for the purpose of order management and shipping operations on behalf of authorized sellers using the Amazon Selling Partner API.
1. Collection
Amazon data, including order and shipping-related Personally Identifiable Information (PII), is collected only after explicit seller authorization via OAuth. We access only the data necessary to perform approved API operations.
2. Processing
Amazon data is processed strictly for:
-
Order fulfillment
-
Easy Ship scheduling
-
Pickup coordination
-
Shipment tracking and operational support
We do not use Amazon data for marketing, profiling, resale, analytics resale, or any unrelated purpose.
3. Storage
-
Data is stored in secure, access-controlled environments.
-
Databases are not publicly accessible.
-
Data is encrypted in transit (TLS 1.2+) and encrypted at rest.
-
Access is restricted using role-based access controls (RBAC).
4. Use Limitation
Access to Amazon data is limited to authorized personnel on a need-to-know basis. Employees are assigned unique user accounts, and all access is logged.
5. Sharing
We do not sell, rent, or share Amazon data with third parties.
Data is processed only on behalf of the authorized seller and only as required to perform fulfillment-related operations.
6. Retention and Disposal
Amazon PII is retained only for the minimum period necessary to complete operational and compliance requirements (maximum 30 days post-fulfillment unless legally required otherwise).
After the retention period:
-
Data is securely deleted from active systems, or
-
Anonymized so it can no longer be linked to an individual.
7. Security Controls
We implement:
-
Network access restrictions
-
Firewalls and private infrastructure
-
Multi-factor authentication (MFA)
-
Access logging and monitoring
-
Periodic access reviews
These measures ensure Amazon data is protected against unauthorized access, disclosure, alteration, or misuse.