Amazon Data Handling & Security Policy

1. Data Collection

• Method: Information is retrieved exclusively through the Amazon SP-API. No data is retrieved from external, non-Amazon sources.
• Scope: We collect Personally Identifiable Information (PII) including Buyer Name, Shipping Address, and Phone Number only to fulfill the order.
• Purpose: We also collect personalization strings for custom leather goods and financial data for internal tax reconciliation and settlement analysis.

2. Data Processing

• Operations: Processing includes generating shipping labels, managing tracking uploads, real-time inventory synchronization, and price updates.
• Accuracy: We process personalization instructions specifically to link them to the correct order and shipping destination, preventing waste and mis-shipments.
• Testing: We enforce a “Production Data Isolation” policy. Real PII is never used for testing or development; instead, we use synthetic (dummy) datasets.

3. Data Storage

• Encryption at Rest: We utilize Transparent Data Encryption (TDE) at the database level. Data is encrypted using the industry-standard AES-256 algorithm.
• Key Management: We use HashiCorp Vault as the authoritative secure repository for encryption keys. This ensures a strict Separation of Duties, keeping keys logically separate from the data storage.
• Network Security: Databases reside in a dedicated, isolated private subnet with no public IP exposure. Public access is blocked via hardware firewalls and strict network segmentation.
• Backups: We adhere to the 3-2-1 backup rule using Veeam. Primary backups are stored on-site, while a secondary encrypted copy is replicated to a geographically separated data center.

4. Data Usage

• Identification: Every employee is identified through unique user accounts; shared or generic accounts are strictly prohibited.
• Restrictions: PII is used only for fulfillment, delivery support, and returns. It is never used for marketing or any purpose outside of order processing.
• MFA: Multi-Factor Authentication is mandatory for all user accounts with access to Amazon Information.
• Password Policy: Minimum length of 16 characters, 90-day expiration, and history depth of 10 passwords to prevent reuse.
• Termination: Access is disabled/removed within 24 hours for terminated employees.

5. Data Sharing

• Third Parties: We do not share Amazon Information or PII with any outside parties, subcontractors, or third-party service providers.

6. Data Disposal

• PII Purging: All Buyer PII and personalization data are automatically purged from our systems no later than 30 days after shipment.
• Non-PII Retention: Any non-PII data is deleted within 18 months, unless a longer period is required by applicable law.
• Deletion Notices: Upon notice from Amazon, we securely delete the specified information within 30 days.

7. Logging, Monitoring, and Incident Response

• Logging: We capture User IDs, timestamps, source IPs, and action types (success/fail). Logs do not contain any PII and are retained for at least 12 months.
• Monitoring: We use the Zabbix Centralized Monitoring System to detect anomalies like brute-force attacks or unauthorized data exports.
• Employee Confidentiality: All employees who process PII are bound by contractual confidentiality provisions (NDA).
• Incident Response: We have a formal Incident Response Plan (IRP). In the event of a breach, we will notify Amazon at [email protected] within 24 hours.

8. Vulnerability Management

• Scanning: Vulnerability scans occur every 30 days; penetration tests every 365 days.
• Remediation: Critical vulnerabilities are fixed within 7 days; high-risk within 30 days.