Amazon Data Handling & Privacy Policy
This policy describes how we collect, process, store, use, share, and dispose of customer information obtained from Amazon through the Selling Partner API. This information is handled in full compliance with Amazon’s Data Protection Policy and Acceptable Use Policy.
Purpose of Data Collection
We collect Amazon customer data solely for the purpose of processing and fulfilling orders placed through the Amazon marketplace. This allows us to generate shipping labels, prepare parcels, and provide delivery tracking updates to Amazon customers.
Types of Data Collected
Through the Amazon Selling Partner API, we collect only the minimum necessary customer information, including:
- Customer name
- Shipping address
- Phone number
- Order details (product name, quantity, etc.)
Data Usage
Customer data is used strictly for order fulfilment activities. This includes label generation, shipping coordination, and updating Amazon with dispatch and tracking information. No Amazon customer data is used for marketing, profiling, or analytics.
Data Storage & Security
Amazon data is stored securely in encrypted databases with access restricted to authorised personnel only. We use industry-standard encryption protocols for data at rest (AES-256) and in transit (TLS 1.2 or higher). All access to Amazon data is logged and monitored.
Data Retention
Personally Identifiable Information (PII) from Amazon orders is retained for no longer than 31 days after order delivery. After this period, the data is automatically and securely deleted from our systems.
Data Sharing
Amazon customer data is not shared with any third parties, except where necessary to complete the fulfilment process (e.g., sharing delivery address and phone number with Royal Mail for shipment). No other external parties have access to this data.
Access Controls
Access to Amazon data is granted only to staff who require it to perform order fulfilment. Each user has a unique login and role-based access. We maintain detailed audit logs and regularly review access rights.
Data Disposal
After the 31-day retention period, Amazon data is deleted securely using automated data purging systems. Backup data is also encrypted and removed in accordance with our retention policy.
Compliance
We fully comply with Amazon’s Data Protection Policy, Acceptable Use Policy, and all relevant data privacy regulations. Our internal processes are reviewed regularly to ensure continued compliance.