Amazon data handling

When Amazon order ingestion is enabled, we process the order header, line items, and the restricted buyer and shipping details required to fulfill and support an Amazon order.

This can include recipient name, shipping address, phone number, buyer email, order identifiers, and limited tax or purchase-order fields when Amazon provides them.

Amazon order and buyer data is used only for operational tasks such as order import, shipment label creation, delivery troubleshooting, shipment tracking updates, returns support, and legally required accounting or tax records.

We do not use Amazon buyer information for advertising, audience building, or resale.

Amazon information is shared only with service providers required to complete the order workflow, such as shipping carriers or shipping service providers used to purchase labels or transmit tracking updates.

If an operational notification is sent, the minimum required order-contact fields may also be processed by our transactional email provider. We do not disclose Amazon information to unrelated third parties.

Restricted Amazon buyer and shipping PII is retained only for active fulfillment, delivery support, returns handling, and related operational needs.

Our application is configured to delete stored Amazon restricted PII after 30 days using an automated retention sweep. Non-PII order records may be retained longer for reconciliation and accounting purposes.

Amazon information is transmitted over HTTPS in transit. Restricted Amazon PII stored by the application is encrypted at rest before being written to the database.

Access to Amazon operational data is limited to authenticated internal admin surfaces and authorized backend services. Administrative actions are role-based and auditable.