eBooth Software, LLC

Privacy Policy

Effective Date: January 1, 2026

Last Updated: January 1, 2026

1. Introduction

eBooth Software, LLC ("we," "our," or "us") provides software integration services to authorized e-commerce businesses that operate Amazon Seller Central accounts. This Privacy Policy describes how we collect, use, store, and protect data accessed through the Amazon Selling Partner API (SP-API) when authorized by selling partners.

We access Amazon seller data only with the selling partner's explicit authorization and only for the purposes described in this policy.

2. Data We Access

When an Amazon selling partner authorizes our application through Amazon's official OAuth process, we may access the following categories of data via the Amazon SP-API:

  • Order Data: Order details, buyer shipping information (name, address), order status, and fulfillment information necessary for order processing and shipment
  • Shipment Data: Tracking numbers, carrier information, shipment status, and delivery confirmation
  • Inventory and Listing Data: Product listings, SKUs, inventory quantities, pricing information, and product attributes
  • Messaging Data: Customer messages and seller responses related to orders (if applicable and authorized)
  • Reports and Analytics: Sales reports, performance metrics, and operational data necessary for business reporting

We access only the data categories explicitly authorized by the selling partner and necessary to provide the services described on our website.

3. How We Use Data

We use the data accessed through SP-API exclusively to provide the following services to authorized selling partners:

  • Process and manage orders, including fulfillment and shipment tracking
  • Maintain accurate inventory records and product listing information
  • Generate operational reports and analytics to support business decision-making
  • Provide customer support and resolve order-related inquiries
  • Ensure compliance with Amazon's policies and our contractual obligations

We do not use seller data for any purpose other than providing the authorized services. We do not sell, rent, or share seller data with unaffiliated third parties for their marketing or commercial purposes.

4. Data Sharing and Disclosure

We do not sell Amazon seller data. We may share data only in the following limited circumstances:

  • Service Providers: We may share data with trusted service providers (e.g., cloud hosting, database services) who assist in operating our application, subject to strict confidentiality obligations and data protection requirements
  • Legal Requirements: We may disclose data if required by law, court order, or governmental regulation, or to protect our legal rights
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, data may be transferred to the acquiring entity, subject to the same privacy protections

Any service provider with access to seller data is contractually required to maintain confidentiality and use data only for the purposes we specify.

5. Data Retention and Deletion

We retain seller data only as long as necessary to provide the authorized services and comply with legal obligations:

  • Active Authorization: While a selling partner maintains an active authorization, we retain data necessary to provide ongoing services
  • After Revocation: When a selling partner revokes authorization, we cease accessing new data and delete or anonymize stored data within 90 days, except where retention is required by law or for legitimate business purposes (e.g., financial records, dispute resolution)
  • Legal Retention: Certain data may be retained longer to comply with tax, accounting, or legal requirements

6. Data Security

We implement industry-standard security measures to protect seller data from unauthorized access, disclosure, alteration, or destruction:

  • Encryption: All data transmitted between our systems and Amazon's API is encrypted using TLS/HTTPS. Data at rest is encrypted using industry-standard encryption protocols
  • Access Controls: Access to seller data is restricted to authorized personnel on a need-to-know basis using role-based access control (RBAC) and least privilege principles
  • Credential Management: API credentials and secrets are stored securely using secrets management systems and are never stored in plain text
  • Audit Logging: We maintain audit logs of data access and system activities to detect and respond to security incidents
  • Data Minimization: We access and store only the minimum data necessary to provide the authorized services
  • Incident Response: We maintain an incident response plan to address security breaches promptly and notify affected parties as required by law

For more details, see our Security page.

7. Personally Identifiable Information (PII)

In the course of providing order management services, we may access PII such as buyer names and shipping addresses. This information is:

  • Used only as necessary for order fulfillment and customer support
  • Stored with appropriate security controls and access restrictions
  • Not shared with third parties except as necessary to fulfill orders (e.g., shipping carriers) or as required by law
  • Retained only as long as necessary for the purposes described

8. User Rights

Authorized selling partners have the following rights regarding their data:

  • Access: Request information about what data we have accessed and how it is used
  • Correction: Request correction of inaccurate data (note: most data is sourced directly from Amazon and must be corrected in Seller Central)
  • Deletion: Request deletion of data by revoking authorization through Amazon Seller Central or contacting us directly
  • Revocation: Revoke authorization at any time through Amazon Seller Central settings, which will immediately terminate our access to new data
  • Export: Request a copy of data we have stored (subject to technical feasibility and legal limitations)

To exercise these rights, contact us at privacy@eboothsoftware.com.

9. Third-Party Services

Our application integrates with Amazon's SP-API. Amazon's collection and use of data is governed by Amazon's own privacy policies. We encourage selling partners to review Amazon's privacy policies and terms of service.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on this page with a new effective date. Continued use of our services after changes constitutes acceptance of the updated policy.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

12. International Data Transfers

Our services are operated in the United States. By authorizing our application, selling partners consent to the transfer and processing of data in the United States, which may have different data protection laws than the seller's jurisdiction.

13. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

eBooth Software, LLC
1502 N Clover Rd
Kennewick, WA 99338

Email: privacy@eboothsoftware.com
Support: support@eboothsoftware.com

14. Consent and Authorization

By authorizing our application through Amazon's OAuth process, selling partners consent to the collection, use, and processing of data as described in this Privacy Policy. Authorization may be revoked at any time through Amazon Seller Central.