This policy defines how Amazon data received by our company is collected, processed, stored, used, shared, and disposed of. The purpose of this policy is to protect Amazon customers’ data and ensure compliance with Amazon’s Data Protection Policy (DPP) and Acceptable Use Policy (AUP). This policy applies to all departments and employees within the company.
Amazon data is collected only for the following purposes:
The collected data may include customer order details, shipping addresses, and Personally Identifiable Information (PII). Data access is restricted to authorized personnel only.
Amazon data is processed within our secure system for the following purposes:
Each processing step is restricted to authorized employees based on role requirements, with strict data security measures in place.
Amazon data is stored on MongoDB Atlas with AES-256 encryption. Access to this data is restricted to specific IP addresses within our company. Data storage is managed under the following security protocols:
Data is stored only for business and legal requirements and is deleted after the specified retention period.
Amazon data is used solely for the following purposes:
Data usage follows the principle of least privilege, where only employees whose roles require it can access the data.
Data received from Amazon is not shared with third parties or external systems. Our company does not integrate Amazon data with any other service, and strict data-sharing restrictions are enforced.
Amazon data is not retained beyond the legally required period. Personally Identifiable Information (PII) is permanently deleted after 30 days, following NIST 800-88 standards. Data disposal is managed through the following processes:
This policy is reviewed every six months or when there is a significant change in Amazon’s requirements. Additionally, all employees receive annual training on data security and compliance with these policies. Compliance documentation is reviewed and updated regularly.