SmartSellerSync
AnalyticsListingsOrdersFinancePricingSecurity
Sign InRequest Access

How SmartSellerSync protects your Amazon, eBay and Shopify data

SmartSellerSync connects to Amazon, eBay and Shopify through official APIs and is bound by Amazon's Data Protection Policy and Acceptable Use Policy for Amazon Information. Here is exactly what that means in practice for every platform you connect.

Encryption

Marketplace data from Amazon, eBay and Shopify — including Amazon Information — is encrypted in transit using TLS 1.2 or higher, and at rest using AES-256. Encryption keys are managed in a dedicated key management service and rotated on a defined schedule.

Access control

Access to Amazon, eBay and Shopify data is role-based and restricted by job function under a least-privilege model. Multi-factor authentication is enforced on all internal accounts and infrastructure consoles. Access is reviewed periodically and revoked immediately on personnel change.

Network controls

Application and database tiers run in private subnets with no public ingress. Firewall rules permit only the ports required for operation. Intrusion detection and prevention mechanisms monitor for unauthorized access attempts.

Credential management

No credentials, encryption keys, or secret access keys are stored in source control, hard-coded into the application, or shared between personnel. Secrets are held in a managed secret store with audited access.

Incident response

SmartSellerSync maintains a documented incident response plan covering monitoring, detection, containment, eradication, recovery and post-incident review. Security incidents affecting Amazon Information are reported to security@amazon.com in line with Amazon's Data Protection Policy. Incidents affecting eBay or Shopify data are handled under the same plan and reported to affected customers.

Data retention and deletion

Personally identifiable information obtained through marketplace APIs is retained for no longer than 30 days after order delivery, except where a longer period is required by law or for tax purposes. It is then permanently deleted. When you revoke authorization or close your account on Amazon, eBay or Shopify, SmartSellerSync ceases all API calls for that connection immediately and purges related data.

Data sharing

SmartSellerSync does not share, sell, or disclose Amazon, eBay or Shopify data to any third party. We do not aggregate data across customers, we do not build benchmark or market-intelligence datasets, and we do not calculate or publish insights about the health of Amazon's, eBay's or Shopify's business.

Data sources

All marketplace data is retrieved exclusively through official APIs — Amazon Selling Partner API, eBay APIs and Shopify Admin APIs — using authorization granted directly by you. SmartSellerSync does not scrape Amazon, eBay or Shopify storefronts, purchase marketplace data from brokers, or ingest that data from any non-official source.

SmartSellerSync does not currently hold a SOC 2 or ISO 27001 certification and does not claim one. The controls described above are implemented and can be evidenced on request.

Ready to see your Amazon, eBay and Shopify data properly?

Tell us about your catalogs and we'll get back to you within one business day.

Request Access