• +447471879785
  • info@prepment.com
Icon-facebook Instagram Whatsapp
Get a Quote

Privacy & Data Use Policy

  • prepment

Last Updated: May 10, 2026

Prepment (“we,” “our,” or “us”) is committed to protecting the privacy and security of data retrieved through the Amazon Selling Partner API (SP-API). This policy outlines our standards for collecting, processing, storing, and disposing of Amazon Information in full compliance with Amazon’s Data Protection Policy (DPP) and Acceptable Use Policy (AUP).

1. Data Collection and Usage

We collect Amazon Information (including Personally Identifiable Information – PII) strictly to provide e-commerce fulfillment and warehouse management services to our authorized users. This includes: 

  • Order Fulfillment: Retrieving order details to facilitate merchant-managed shipping (FBM). 
  • Logistics: Generating compliant shipping labels and providing real-time tracking updates. 
  • Inventory Management: Synchronizing stock levels across warehouse locations. 

2. Data Storage and Infrastructure

Our infrastructure is designed with security as a priority, hosted entirely on Amazon Web Services (AWS): 

  • Encryption at Rest: All Amazon Information and PII are stored using industry-standard AES-256 encryption via AWS Key Management Service (KMS). 
  • Encryption in Transit: Data is protected using TLS 1.2 or higher during all transmissions between Amazon, our servers, and the end-user. 
  • Network Isolation: Our database servers are located within an Amazon VPC in private subnets with no direct public internet access. 

3. Data Retention and Disposal

We strictly follow the principle of data minimization as required by Amazon: 

  • 30-Day PII Purge: Personally Identifiable Information (buyer names, shipping addresses, phone numbers) is retained for a maximum of 30 days after order shipment. 
  • Automatic Disposal: After this 30-day period, PII is programmatically scrubbed and permanently deleted from our production databases. 
  • Backups: Encrypted backups follow the same strict 30-day redaction schedule. 

4. Access Control & Monitoring

  • Role-Based Access: Access to Amazon data is restricted to authorized personnel on a “need-to-know” basis. 
  • Authentication: we enforce Multi-Factor Authentication (MFA) and a strict password policy (minimum 12 characters) for all administrative access. 
  • Audit Logging: All access to PII is logged via AWS CloudTrail. Logs are retained for 12 months and reviewed regularly for suspicious activity. 

5. Third-Party Sharing

We do not sell, trade, or share Amazon Information with third parties for marketing or advertising. Data is shared only with authorized shipping carriers (e.g., UPS, FedEx, DHL) solely to execute the shipping requested by the user. 

6. Incident Response Plan

In the event of a suspected security breach, our Incident Management Point of Contact (IMPOC) will notify Amazon Security (security@amazon.com) within 24 hours of detection and initiate containment and forensic analysis procedures. 

7. Contact Information / IMPOC

For any privacy-related inquiries, please contact our Data Protection Officer: Email:info@prepment.com