Amazon Seller Sync

Trust, security and privacy

How we protect your data: what we collect, what we deliberately never touch, how everything is encrypted, and what happens when you leave.

In one sentence

We never collect your shoppers' personal details for the everyday price, product and stock features; the secure keys that let us work on your behalf are always encrypted with bank grade AES 256; and everything travels over an encrypted (HTTPS) connection.

What we handle, and what we don't

Your business details
Store address, name, contact email, country and currency.
Secure permission keys
Tokens from Shopify and Amazon that let the app act for you, always stored encrypted.
Product information
Which product matches which listing, prices, and (if enabled) titles and descriptions.
Not your shoppers' data
No shopper names, emails, addresses or card details for price, product or stock features.

The one exception, and it is your choice: if you turn on Amazon Multi Channel Fulfilment (letting Amazon ship your Shopify orders), we pass the delivery name, address and phone number for each order to Amazon so your parcel can be delivered. That information is used at the moment of fulfilment and is never saved in our systems. Payment card details are never touched, because billing is handled entirely by Shopify. We never sell or share your data.

The personal data we handle, at a glance

InformationWhoseStored?Why
Store email, name, countryYou (the merchant)YesSupport, billing, running the app
Shopify and Amazon permission keysActs on your behalfYes, encryptedSync prices, products and stock for you
Shopper delivery detailsYour customerNo, passed to Amazon to shipDeliver the order (only if you enable fulfilment)
Shopper email or payment detailsYour customerNever accessedNot needed

How we protect it

Encrypted connections everywhere. Every connection uses HTTPS and TLS, the same protection used by online banking.
Bank grade encryption at rest. The sensitive keys that let us work for you are encrypted with AES 256 before they are stored, using a secret key kept separately from the data. A copy of the database alone would be useless without it.
Least access. We only ask Shopify and Amazon for the permissions the features you use actually need.
Controlled staff access. Our support team helps you through a secure internal console that requires company Microsoft sign in, is limited to named staff, and records every action.

What happens when you uninstall

When you remove the app, your permission keys and app data are wiped straight away. Shopify then sends a final deletion instruction about 48 hours later, and all remaining data for your store is permanently deleted. Nothing lingers.

Your privacy rights

We support your rights under GDPR and UK GDPR, including access, correction and erasure of your data. Uninstalling triggers deletion automatically, and you can contact us any time for a data export or a specific request.

Trusted providers

To run the service we rely on a small set of reputable, security certified providers: Shopify (the platform), Amazon (the Seller Central integration), our cloud host, and Microsoft (for staff sign in only). If you enable AI powered content features, product text, never customer data, may be sent to an AI provider, and you can use your own provider account.

Questions or a formal security review?

We are happy to help with security questionnaires and due diligence. A detailed data handling and security document is available to customers and auditors on request (under NDA where appropriate).

support@latasys.com