Are you ready to start shipping simply? Click here to apply for our trial launch today!

Data protection policy

The Data Protection Policy ("DPP") governs the treatment (e.g., receipt, storage, usage, transfer, and disposition) of the data vended and retrieved through the Marketplace APIs (including the Marketplace Web Service APIs). This Policy supplements the Amazon Marketplace Developer Agreement and the Acceptable Use Policy. Failure to comply may result in suspension or termination of Marketplace API access.

Definitions

"Application" means a software application or website that interfaces with the Marketplace APIs.

"Amazon Information" means any information that is exposed by Amazon through the Marketplace APIs, Seller Central, or Amazon's public-facing websites. This data can be public or non-public, including Personally Identifiable Information about Amazon customers.

"Customer" means any person or entity who has purchased items or services from Amazon's public-facing websites.

"Personally Identifiable Information" ("PII") means information that can be used on its own or with other information to identify, contact, or locate an individual (e.g., Customer or Seller), or to identify an individual in context. This includes, but is not limited to, a Customer or Seller's name, address, e-mail address, phone number, gift message content, survey responses, payment details, purchases, cookies, digital fingerprint (e.g., browser, user device), IP Address, geo-location, or Internet-connected device product identifier.

"Security Incident" means any actual or suspected unauthorized access, collection, acquisition, use, transmission, disclosure, corruption, or loss of Amazon Information, or breach of any environment (i) containing Amazon Information, or (ii) managed by a Developer with controls substantially similar to those protecting Amazon Information.

General Security Policies

Consistent with industry-leading security standards and other requirements specified by Amazon based on the classification and sensitivity of Amazon Information, Ship Simply, LLC will maintain physical, administrative, and technical safeguards, and other security measures (i) to maintain the security and confidentiality of Amazon Information accessed, collected, used, stored, or transmitted by a Developer, and (ii) to protect that information from known or reasonably anticipated threats or hazards to its security and integrity, accidental loss, alteration, disclosure, and all other unlawful forms of processing. Without limitation, Ship Simply, LLC will comply with the following requirements:

1. Network Protection. Ship Simply, LLC has implemented network protection controls (e.g., AWS VPC subnet/Security Groups, network firewalls) to deny access to unauthorized IP addresses and public access must be restricted only to approved users.

2. Access Management. Ship Simply, LLC has assigned a unique ID to each person with computer access to Amazon Information. Ship Simply, LLC will not create or use generic, shared, or default login credentials or user accounts. Ship Simply, LLC implemented baselining mechanisms to ensure that at all times only the required user accounts access Amazon Information. Ship Simply, LLC has reviewed the list of people and services with access to Amazon Information on a regular basis (at least quarterly), and remove accounts that no longer require access. Ship Simply, LLC has restricted developer employees from storing Amazon data on personal devices. Ship Simply, LLC maintains and enforces "account lockout" by detecting anomalous usage patterns and log-in attempts, and disabling accounts with access to Amazon Information as needed.

3. Encryption in Transit. Ship Simply, LLC has encrypted all Amazon Information in transit (e.g., when the data traverses a network, or is otherwise sent between hosts using HTTP over TLS (HTTPS). Ship Simply, LLC has enforced this security control on all applicable external endpoints used by customers as well as internal communication channels (e.g., data propagation channels among storage layer nodes, connections to external dependencies) and operational tooling. Ship Simply, LLC has disabled communication channels which do not provide encryption in transit even if unused (e.g., removing the related dead code, configuring dependencies only with encrypted channels, and restricting access credentials to use of encrypted channels). Ship Simply, LLC has used data message-level encryption (e.g., using AWS Encryption SDK) where channel encryption (e.g., using TLS) terminates in untrusted multi-tenant hardware (e.g., untrusted proxies).

4. Incident Response Plan. Ship Simply, LLC has created and maintains a plan to detect and handle Security Incidents. The plan identifies the incident response roles and responsibilities, defines incident types that may impact Amazon, defines incident response procedures for defined incident types, and defines an escalation path and procedures to escalate Security Incidents to Amazon. Ship Simply, LLC reviews and verifies the plan every six (6) months and after any major infrastructure or system change. Ship Simply, LLC will investigate each Security Incident, and document the incident description, remediation actions, and associated corrective process/system controls implemented to prevent future recurrence (if applicable). Ship Simply, LLC maintains the chain of custody for all evidences or records collected, and such documentation must be made available to Amazon on request (if applicable).
Ship Simply, LLC will inform Amazon (via email to 3p-security@amazon.com) within 24 hours of detecting any Security Incidents. Ship Simply, LLC cannot notify any regulatory authority, nor any customer, on behalf of Amazon unless Amazon specifically requests in writing that the Developer do so. Amazon reserves the right to review and approve the form and content of any notification before it is provided to any party, unless such notification is required by law, in which case Amazon reserves the right to review the form and content of any notification before it is provided to any party. Ship Simply, LLC will inform Amazon within 24 hours when their data is being sought in response to legal process or by applicable law.

5. Request for Deletion or Return. Ship Simply, LLC will promptly (but within no more than 72 hours after Amazon's request), permanently, and securely delete (in accordance with industry-standard sanitization processes, e.g., NIST 800-88) or return Amazon Information upon and in accordance with Amazon's notice requiring deletion and/or return. Ship Simply, LLC must also permanently and securely delete all live (online or network accessible) instances of Amazon Information within 90 days after Amazon's notice. If requested by Amazon, the Developer will certify in writing that all Amazon Information has been securely destroyed.

Additional Security Requirements Specific to Personally Identifiable Information

The following additional Security Requirements must be met for all Personally Identifiable Information ("PII") (see PII definition in Section 1). PII is granted to Ship Simply, LLC for merchant fulfilled shipping purposes, on a must-have basis. If a Marketplace API contains PII, or PII is combined with non-PII, then the entire data store must comply with the following requirements:

1. Data Retention and Recovery. Ship Simply, LLC will retain PII only for the purpose of, and as long as is necessary to fulfill orders (no longer than 30 days after order shipment). If a Ship Simply, LLC is required by law to retain archival copies of PII for tax or similar regulatory purposes, this archived Amazon Information will be stored as a "cold" or offline (e.g., not available for immediate or interactive use) backup stored in a physically secure facility, and all archived data on backup media must be encrypted. In the event that PII is lost, Ship Simply will be able to recover all PII lost (i.e., the data is erased or unavailable for processing due to system crash or ransomware).

2. Data Governance. Ship Simply, LLC has created, documented, and abides by a privacy and data handling policy for their Applications or services which govern the appropriate conduct and technical controls to be applied in managing and protecting information assets. Ship Simply, LLC will keep inventory of software and physical assets (e.g. computers, mobile devices) with access to PII, and update regularly. A record of data processing activities such as specific data fields and how they are collected, processed, stored, used, shared, and disposed for all PII Information should be maintained to establish accountability and compliance with regulations. Ship Simply, LLC established and abides by their privacy policy for customer consent and data rights to access, rectify, erase, or stop sharing/processing their information where applicable or required by data privacy regulation.

3. Encryption and Storage. Ship Simply, LLC encrypts all PII at rest (e.g., when the data is persisted) using industry best practice standards (e.g. using either AES-128, AES-256, or RSA with 2048-bit key size (or higher). The cryptographic materials (e.g., encryption/decryption keys) and cryptographic capabilities (e.g., daemons implementing virtual Trusted Platform Modules and providing encryption/decryption APIs) used for encryption of PII at rest are only accessible to the Ship Simply, LLC’s processes and services. Ship Simply, LLC will not store PII in removable media (e.g., USB) or unsecured public cloud applications (e.g., public links made available through Google Drive). Ship Simply, LLC will securely dispose of any printed documents containing PII.

4. Least Privilege Principle. Ship Simply, LLC implemented fine-grained access control mechanisms to allow granting rights to any party using the Application (e.g., access to a specific set of data at its custody) and the Application's operators (e.g., access to specific configuration and maintenance APIs such as kill switches) following the principle of least privilege. Application sections or features that vend PII are protected under a unique access role, and access granted on a "need-to-know" basis.

5. Logging and Monitoring. Ship Simply, LLC gathers logs to detect security-related events (e.g., access and authorization, intrusion attempts, configuration changes) to their Applications and systems. Ship Simply, LLC implemented this logging mechanism on all channels (e.g., service APIs, storage-layer APIs, administrative dashboards) providing access to Amazon Information. All logs have access controls to prevent any unauthorized access and tampering throughout their lifecycle. Logs themselves do not contain PII and are retained for at least 90 days for reference in the case of a Security Incident. Ship Simply, LLC has built mechanisms to monitor the logs and all system activities to trigger investigative alarms on suspicious actions (e.g., multiple unauthorized calls, unexpected request rate and data retrieval volume, and access to canary data records). Ship Simply, LLC performs an investigation when monitoring alarms are triggered, and this is documented in Ship Simpy’s Incident Response Plan.

Audit

Ship Simply, LLC maintains all appropriate books and records reasonably required to verify compliance with Amazon’s Acceptable Use Policy, Data Protection Policy, and Amazon Marketplace Developer.