BY USA TECHNOLOGY LLC protects marketplace data through technical, administrative, and operational safeguards.
SP-API credentials are scoped to the minimum permissions required for declared internal use cases. No excess permissions are requested.
The platform requests and stores only the data needed for approved internal business purposes.
API credentials, access tokens, and secrets are never stored in public repositories or exposed in frontend code.
All communications with Amazon APIs and internal systems use encrypted channels.
Access to internal systems and marketplace data is limited to authorized personnel with a legitimate business need.
Operational logs are maintained for security, troubleshooting, and compliance review. Sensitive credentials are not written into logs.
Data is retained only as long as needed for business, security, legal, operational, or compliance purposes.
Internal procedures are maintained to review and respond to suspected security incidents.
The public website uses HTTPS with a valid SSL certificate. Internal systems that handle API credentials or marketplace data are designed to use encrypted communication channels and authenticated access.
API credentials, access tokens, refresh tokens, client secrets, and other sensitive credentials are not stored in public code repositories or exposed in frontend code. Credentials are managed through secure environment variables, secret storage, or restricted backend configuration.
BY USA TECHNOLOGY LLC retains data only as long as needed for business, security, legal, operational, or compliance purposes. Data that is no longer required is deleted, de-identified, or archived according to internal procedures.
BY USA TECHNOLOGY LLC uses approved API access for legitimate internal business purposes only. The platform is not designed to bypass Amazon security controls, scrape behind login pages, avoid rate limits, defeat CAPTCHA systems, or use Amazon data for unauthorized purposes.