Security & Compliance

This page describes the security controls and compliance practices used to protect your account and data when using our Amazon Seller Central integration.

Account security

  • Passwords must be at least 12 characters and include a special character.
  • Multi-factor authentication (MFA) is enforced for administrative access.
  • Password expiration is set to 365 days with annual rotation.

Credential handling

  • Credentials, access keys, and tokens are stored securely and never committed to public repositories.
  • Secrets are managed via a dedicated secrets manager with access controls and audit logs.
  • Applications do not hardcode credentials; access is scoped and rotated as needed.

Data protection

  • Data is encrypted in transit using HTTPS/TLS.
  • Sensitive data is encrypted at rest where applicable and protected by least-privilege access controls.
  • Access to production systems is restricted and monitored.

Monitoring and response

  • Security events and access are logged for auditability and anomaly detection.
  • Incident response procedures are in place for rapid containment and notification.

Last updated: March 1, 2026