At RetailCoder, protecting your operational data and your customers' Personally Identifiable Information (PII) is our highest priority. This Privacy Policy outlines the types of data we collect, our strict purpose limitations, and the enterprise-grade security measures we employ to maintain compliance with marketplace standards (including Amazon).
1. Information We Collect
As an operational layer between your storefronts and your warehouse, we process two distinct categories of data:
Merchant Data (Your Data)
Information you provide directly to us when setting up your account, including your name, company details, billing information, email address, and warehouse locations.
E-commerce Data & PII (End-User Data)
Data securely synced from your connected channels (e.g., Amazon, Shopify) strictly necessary to fulfill orders. This includes customer names, shipping addresses, phone numbers, purchased SKUs, and tracking IDs. We act strictly as a Data Processor for this information.
2. Strict Purpose Limitation
Amazon PII and other marketplace customer data is collected and processed solely for the purpose of fulfilling orders, generating shipping labels, computing taxes, and managing seller inventory. We explicitly do not sell, rent, or share this data with unauthorized third parties, nor do we use it for our own marketing purposes.
- Inventory Sync: Calculating real-time stock levels and pushing updates to external marketplaces.
- Fulfillment Routing: Pinging courier APIs to generate shipping labels and update delivery statuses.
3. The 30-Day Data Deletion Rule
To comply with Amazon's Data Protection Policy and global privacy standards, we enforce strict data retention limits on Personally Identifiable Information (PII) such as customer names, shipping addresses, and phone numbers.
- 30-Day Maximum: Amazon PII is retained for no longer than 30 days after an order has been successfully shipped and fulfilled.
- Permanent Deletion: Upon the 30-day expiration, all PII is securely and permanently deleted or fully anonymized from our active databases. We do not retain customer physical shipping data indefinitely.
- Account Cancellation: If you cancel your RetailCoder subscription, any remaining PII is immediately sanitized and purged. Only anonymized aggregate data may be kept for internal system metrics.
4. Data Security & Access Controls
We employ enterprise-grade security architecture to prevent unauthorized access, disclosure, or destruction of your retail data.
- Data in transit is encrypted using HTTPS/TLS 1.2+ protocols.
- Data at rest is encrypted using AES-256 industry-standard encryption.
- Internal access to customer PII is strictly limited to authorized personnel on a "need-to-know" basis to perform specific job duties (such as critical system maintenance).
5. Third-Party Sub-Processors
We only share information with certified third parties required to execute your operational workflows. We do not share data with marketing or advertising networks.
- Marketplace APIs: Bi-directional sync with platforms like Amazon to acknowledge fulfilled orders.
- Logistics Partners: Passing destination addresses to couriers to generate tracking AWBs.
- Infrastructure: Secure cloud hosting providers (e.g., AWS, Vercel).
6. Cookies & Tracking
We use essential cookies to keep you logged into the dashboard securely and to save your interface preferences. We do not use intrusive third-party advertising trackers inside the core OMS application.
Data Privacy & Security Inquiries
If you need to request a data export, initiate an account deletion, or have questions regarding our compliance and data protection practices, contact our Security and Privacy team.
Email Security Team