ProductWind adheres to strict data protection and privacy policies, ensuring compliance with Amazon's SP-API guidelines, GDPR, and other legal frameworks while maintaining data security, integrity, and controlled access.
ProductWind ensures that we secure your data and use it properly.
The purpose of the documentation is to describe the data maintenance policies of 3rd party data that ProductWind gains access to through the Amazon SP-API platform. All policies in this document are compliant with Amazon’s acceptable use policy for SP-API users. Amazon’s data protection policy, and the Amazon Services API developer agreement.
Legal Compliance
ProductWind complies with all applicable rules and regulations for the jurisdictions in which ProductWind conducts business, including data protection laws and privacy laws, GDPR in the EU and PIPEDA in Canada, as well as data export laws.
Personal Identifiable Information
ProductWind will neither request nor store any Personal Identifiable Information (PII) through SP-API endpoints.
Data Modification/Read Only Access
ProductWind will only request permissions for read endpoint access. ProductWind will not request access to any create, update, or delete endpoints.
Data Integrity
Data obtained from the SP-API will never be shared with third parties. In the case of any potential violation of data integrity policies, ProductWind will notify the impacted clients within 12 hours.
Data Access Control Policies
ProductWind will restrict data access for SP-API obtained raw data to the following job roles: database administrator, senior engineer. Other team members will not be granted access rights. ProductWind administrators and ProductWind users with brand granted access will have access to some data in the ProductWind dashboard.
Meta/Facebook Data 1st Party Data Access
ProductWind collects social media metrics from Meta provided APIs. We do not use 3rd party data for social metrics on Meta content.
Encryption Policies
All data is encrypted in transit and at rest using modern encryption techniques and tooling
Data Retention Policies
ProductWind may retain data obtained through SP-API access in compliance with local privacy laws. In the case where clients may request for ProductWind to remove their data, ProductWind will comply with the client’s request and remove data obtained from the client through the SP-API subject to the condition that the request is a lawful request compliant with local laws regarding data retention.
Client Audit Rights
Clients may request a full audit of the data ProductWind maintains about the client obtained through the SP-API. On request, ProductWind will produce a report including the entirety of clients data and the access logs of clients data.