Be Sure You Are in Compliance with Amazon’s Latest PII Policy Changes

An illustration depicting how Amazon protects customers from oversharing PII with third-party merchants.

Amazon’s Marketplace Web Service (MWS) is a helpful API that allows its registered users to create their own applications for managing inventory, order data, fulfillment, and reporting on the Amazon marketplace.

This Amazon MWS API is, essentially, what makes managing your Amazon account from within Descartes Sellercloud possible. While Amazon MWS is freely available to eligible registered sellers, users must comply with specific data protection policy (DPP) terms to remain in good standing. A key component of this compliance focuses on how users handle and store personally identifiable information (PII).

What Amazon Considers Personally Identifiable Information (PII)

PII is defined by Amazon as information that is specific enough that it can be used to “identify, contact, or locate an individual (e.g., Customer or Seller), or to identify an individual in context.” 

This includes specifics such as:

  • Names.
  • Complete mailing addresses.
  • Phone numbers.
  • Payment details.
  • Purchase histories.

PII extends to digital identifiers as well:

  • Email addresses.
  • Cookies.
  • IP addresses.
  • Location data.
  • Internet-connected device data.
  • MAC addresses.
  • Digital fingerprints.
  • Browser data.

Amazon’s latest PII policy states that this information may only be stored as long as necessary to fulfill the relevant orders. There is also now a 30-day limit on PII storage.

It is worth noting that exceptions are granted for PII that must be stored for regulatory purposes (e.g., tax records or other legally required documentation). In these cases, PII is expected to be stored both securely and ‘cold’—in a way that is not immediately accessible by any software or program.

Rest assured, Descartes Sellercloud ensures that all of our software integrations comply with their respective services, including Amazon MWS. Our application is available for download on the official Amazon App Store. That said, you will need to make sure you are doing your part to handle any PII you collect or already maintain.

A Responsible Move for Amazon Customer Privacy

Plenty of MWS users bemoan Amazon’s PII policy shift, but there are good reasons for it. While PII data can be valuable to sellers for marketing and customer service efforts, there is little need to retain this type of information.

Data and privacy breaches have become legitimate concerns in today’s world. As a result, digital consumers have become increasingly leery of what happens with their personal information. Amazon will lose a lot if its user base loses confidence in how effectively its PII is being protected.

Perception matters. Even when customers buy from third-party sellers on Amazon, most still consider their transactions to be Amazon purchases.

Should a third-party purchase lead to annoyances like unwanted marketing advances or more serious issues like identity theft, the customer is more likely to demand action from Amazon than from the offending seller.

By cracking down on PII retention, Amazon is safeguarding its customers against both solicitation and data vulnerabilities caused by careless third-party sellers. At the same time, Amazon is sending a clear message to sellers that PII is to be used for order fulfillment only.

A Smart Move for Amazon

An illustration of a shield that says, 'DPP Terms.'

Amazon’s third-party seller model hinges on Amazon serving as the ultimate middleman. By making it against the rules to stockpile customer data, Amazon is mitigating the risk of third-party ecommerce businesses leveraging their amassed customer data to market and/or sell directly to consumers (which would potentially cut Amazon out of future transactions).

Each interaction on Amazon—including browsing, surveys, contests, reviews, and completed purchases—produces a wealth of PII data. Amazon uses this data to maximum effect to personalize and optimize its platforms.

However, this advantage is made even stronger when sellers aren’t allowed to keep or use it for themselves. As with most policy shifts, Amazon is banking on the fact that its dominance as a marketplace serving millions of active users will compel sellers to follow suit.

After all, Amazon wants it to be clear that all sales on its platform—even those by third-party sellers—are Amazon’s first and foremost. Regardless of the sellers, the customers will always belong to Amazon.

Failure to comply with this PII directive (or any other such policy for that matter) could result in account suspension or termination. Amazon knows that only a small percentage of its third-party ecommerce businesses are diversified or resilient enough to withstand even a temporary loss of access to Amazon customers. Compliance is the only option.

Descartes Sellercloud Is Optimized for Compliance

Amazon MWS is a key component of Descartes Sellercloud’s effectiveness as an ecommerce management platform for Amazon sellers. Similarly, our positive, long-term relationship with Amazon is something we will never take for granted.

As such, we take any change to the MWS DPP very seriously. We have implemented numerous security safeguards that have been verified through audits by Amazon and other partners, like Target Plus.

This means you can be confident that our platform’s integrations with Amazon meet the strict security and PII requirements set forth by Amazon’s terms of service. When you receive customer data through our API, you receive only the PII relevant to the transaction. That information is transmitted using encryption and specific PII is only stored as long as necessary to ensure the transaction was completed successfully.

Again, if you are retaining any existing PII from Amazon customers outside of the Descartes Sellercloud platform, you are still responsible for ensuring that it is handled in accordance with Amazon policies. Do you need to know more about PII or how Descartes Sellercloud helps ensure your compliance with any number of Amazon seller policies?

Reach out to us directly for any support or assurances you may need.

Avatar photo
Jeremy Greenberg is the Founder and Chief Executive Officer at Sellercloud. His strong background in software development and e-commerce have propelled Sellercloud to the forefront of the e-commerce solutions space. Dedication to client success and a persistent desire to innovate have set him apart as a unique authority on e-commerce and a provider of complex, meaningful solutions to online merchants.