Last updated: 17 October 2025

This page explains how we handle customer information received from Amazon through the Selling Partner API (SP-API). It covers how this information is collected, stored, used, shared, and deleted. We follow Amazon’s data protection requirements and make sure we stay in line with applicable data protection laws, including GDPR.

What data we collect

We only collect the information we need to fulfil orders. This includes:

  • Customer name
  • Shipping address
  • Phone number (if provided)
  • Order details (items purchased)

This data is pulled securely using the Amazon SP-API. We don’t collect anything extra, and we don’t use the data for marketing or analytics.

How we use the data

The information is only used for order processing. That means:

  • Creating shipping labels
  • Preparing customs paperwork (if needed)
  • Sending tracking details to customers

Only authorised team members have access to this information.

Where and how it’s stored

The data is stored temporarily on our secure internal systems. These systems use encryption, require logins with strong passwords and multi-factor authentication, and can only be accessed by staff who need the data to do their jobs.

We do not store Amazon data on USB drives, personal devices, or in public cloud storage like Dropbox or Google Drive.

Who we share it with

We only share this information with delivery companies like Royal Mail, Evri, UPS, and others we work with to send out orders. The information shared is limited to what’s needed to get the parcel delivered — they don’t have access to our systems.

When we delete the data

We delete Amazon customer data from our systems within 30 days of the order being fulfilled. Files like spreadsheets used for uploading tracking details are deleted after they’ve been used. We regularly check that no data is kept longer than necessary.

Staff responsibilities

Everyone who handles Amazon data is trained on how to manage it safely. We also have a Data Protection Policy that staff are required to read and agree to. We check access permissions regularly and limit access to only those who need it.

Policy review

We review this policy from time to time to make sure it still meets Amazon’s requirements and any legal obligations we may have.

If you have any questions about this policy or our data practices, feel free to get in touch through the contact form on our website.