Security & Compliance
SellerBlaze is built to meet Amazon's SP-API security standards. This page documents our security practices, data handling policies, and incident response procedures in compliance with Amazon's Developer Security Standards.
Last updated: March 2026 • Contact: support@sellerblaze.com
1. Credential Management
SP-API Security Standard 1.4
Amazon SP-API Token Storage
All Amazon SP-API OAuth tokens (access tokens and refresh tokens) are encrypted at rest using AES-256-CBC encryption before storage in the database. The encryption key is stored separately from the application database, following the principle of secret separation.
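A sketch of the storage scheme described above, as an added example that is not SellerBlaze's own code. The page states AES-256-CBC with a separately stored key; the HMAC-SHA256 integrity tag (CBC alone does not detect tampering), the `v1.` record layout, the `TOKEN_KEY_HEX` variable name, and the function names are assumptions of this example.

```javascript
const crypto = require('node:crypto');

// Assumption: 64 bytes of key material arrive as hex from outside the database
// (for example an environment variable); first half encrypts, second half authenticates.
function loadKeys(hex) {
  const raw = Buffer.from(hex || '', 'hex');
  if (raw.length !== 64) throw new Error('expected 64 bytes of key material');
  return { encKey: raw.subarray(0, 32), macKey: raw.subarray(32) };
}

// HMAC over IV and ciphertext (encrypt-then-MAC).
function macOf(keys, iv, ct) {
  return crypto.createHmac('sha256', keys.macKey).update(iv).update(ct).digest();
}

// Encrypt one token with a fresh random IV; returns the string stored in the DB column.
function sealToken(token, keys) {
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv('aes-256-cbc', keys.encKey, iv);
  const ct = Buffer.concat([cipher.update(token, 'utf8'), cipher.final()]);
  const tag = macOf(keys, iv, ct);
  return ['v1', ...[iv, ct, tag].map((b) => b.toString('base64'))].join('.');
}

// Verify the tag in constant time before decrypting; reject anything malformed.
function openToken(record, keys) {
  const parts = String(record).split('.');
  if (parts.length !== 4 || parts[0] !== 'v1') throw new Error('unknown record format');
  const [iv, ct, tag] = parts.slice(1).map((p) => Buffer.from(p, 'base64'));
  const expected = macOf(keys, iv, ct);
  if (tag.length !== expected.length || !crypto.timingSafeEqual(tag, expected)) {
    throw new Error('integrity check failed');
  }
  const decipher = crypto.createDecipheriv('aes-256-cbc', keys.encKey, iv);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// Demo with a constructed key and a constructed token value (neither is real).
const demoKeys = loadKeys(process.env.TOKEN_KEY_HEX || 'ab'.repeat(64));
const demoRecord = sealToken('Atzr|constructed-refresh-token', demoKeys);
console.log(demoRecord.slice(0, 24) + '...', '->', openToken(demoRecord, demoKeys));
```

Because the IV is random per record, encrypting the same token twice yields different stored values, and a modified record fails the tag check before any decryption is attempted.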
Password Security
User passwords are hashed using bcryptjs with a work factor of 12 rounds. Passwords are never stored in plain text, never logged, and never transmitted in clear form. Hashed passwords are non-reversible. SellerBlaze enforces a minimum password length of 12 characters with mixed-case letters, numbers, and special characters. Internal service credentials follow a 90-day rotation policy.
Authentication Tokens
User sessions are managed via JSON Web Tokens (JWT) with a 15-minute expiry for access tokens and a 7-day expiry for refresh tokens. Tokens are invalidated on logout and regenerated on each session refresh.
Transport Security
All data in transit is protected by TLS 1.2+ (HTTPS). Plain HTTP connections are automatically redirected to HTTPS. SSL/TLS certificates are managed by Let's Encrypt with automatic renewal.
Internal Service Credentials
Database credentials, internal service secrets, and environment variables are stored as server-side environment variables, not in source code. The codebase does not contain hardcoded credentials.
2. Asset Management
SP-API Security Standard 2.3
Infrastructure
SellerBlaze runs on a dedicated VPS (Virtual Private Server) hosted by OVH, a European cloud provider. The server is not shared with unrelated applications. Access to the server is restricted to SSH key-based authentication — password-based SSH login is disabled.
Access Control
Server access is limited to a single authorized administrator. There are no shared SSH keys. The application runs under a non-root service account with minimal permissions. Personal devices are prohibited from accessing production systems without endpoint security controls in place. USB and removable media are not used in any production workflow.
Endpoint Monitoring
The production server is monitored via automated system health checks and log-based alerting. Anomalous access attempts trigger automated alerts to the administrator. Failed SSH login attempts are tracked and blocked after repeated failures using fail2ban.
Software & Dependencies
Application dependencies are regularly reviewed for known vulnerabilities using npm audit and dependency scanning tools. The production environment runs the latest stable versions of Node.js and related runtime dependencies.
Data Inventory
We maintain a clear inventory of all data types processed: Amazon SP-API tokens, seller order data, financial events, and user account information. Each data type has defined retention and handling policies (see Section 3).
3. Data Retention & Backup
SP-API Security Standards 2.1 & 2.7
Seller Data Retention
Amazon order data and financial events are retained for as long as the seller maintains an active SellerBlaze account to provide historical analytics. Upon account deletion, all associated data is permanently deleted within 7 business days.
Buyer PII Handling
Buyer Personally Identifiable Information (PII) received incidentally via SP-API (e.g., shipping postal codes used for zone estimation) is not stored in identifiable form. Postal codes are used transiently during fee calculation and are not retained as buyer-linked records. Any incidental PII in raw API responses is purged within 30 days of receipt.
SP-API Token Retention
Amazon SP-API OAuth tokens are retained only for as long as the seller account is connected to SellerBlaze. Tokens are permanently deleted when the user disconnects their Amazon account or deletes their SellerBlaze account.
Database Backups
The PostgreSQL database is backed up daily. Backups are encrypted at rest using AES-256 and retained for 30 days. Backups are stored on geographically separated AWS S3 storage (separate region from the primary server), ensuring data durability in the event of infrastructure failure. Recovery Time Objective (RTO) is 4 hours; Recovery Point Objective (RPO) is 24 hours. Backup restoration procedures are tested quarterly.
Data Deletion Requests
Sellers may request permanent deletion of all their data by emailing support@sellerblaze.com. Deletion requests are processed within 7 business days. Upon completion, a deletion confirmation is sent to the user's registered email address.
4. Logging & Monitoring
SP-API Security Standard 2.6
Application Logging
The application maintains structured logs of all SP-API sync operations, authentication events, errors, and critical system events. Logs include timestamps, operation type, success/failure status, and error messages. Logs do not contain sensitive data such as API tokens, passwords, or buyer PII.
Access Logging
Web server access logs record incoming requests (IP address, endpoint, HTTP status, response time). These logs are used exclusively for security monitoring, debugging, and abuse detection. Access logs are retained for a minimum of 365 days in compliance with Amazon SP-API logging requirements.
PII Protection in Logs
Logs are designed to exclude personally identifiable information. API tokens, passwords, buyer names, and shipping addresses are never written to log files. Postal codes used for fee-zone estimation are logged only in aggregated, non-buyer-linked form. Log pipelines are reviewed periodically to ensure PII masking remains enforced.
Error Monitoring
Application errors and SP-API failures are logged with sufficient detail to diagnose and remediate issues. The development team reviews error logs regularly to identify and fix reliability or security issues.
Audit Trail
SP-API data sync events are logged with timestamps, account IDs, and data type synced. This creates an audit trail of when Amazon data was accessed and what was retrieved, supporting compliance with Amazon's data access logging requirements.
5. Vulnerability Management
SP-API Security Standard 2.7
Dependency Scanning
All npm dependencies are regularly audited using npm audit. Remediation timelines by severity: Critical vulnerabilities — patched within 24 hours of disclosure. High-severity — patched within 7 days. Medium-severity — patched within 30 days. Low-severity — reviewed and scheduled in maintenance cycles.
Security Testing
The application is periodically reviewed for common web application vulnerabilities including SQL injection, cross-site scripting (XSS), authentication bypass, and OWASP Top 10 risks. Input validation and parameterized queries are used throughout the application.
Security Updates
The server operating system and all system packages receive security updates on a regular basis. Critical OS-level security patches are applied promptly. The Node.js runtime is kept on the current LTS release.
Reporting Vulnerabilities
If you discover a security vulnerability in SellerBlaze, please disclose it responsibly by emailing support@sellerblaze.com with the subject line "Security Vulnerability". We will acknowledge receipt within 48 hours and work to address the issue promptly.
6. Incident Response Plan
SP-API Security Standard 1.6
Incident Classification
Security incidents are classified by severity: Critical (active breach, data exposure, credential compromise), High (potential data exposure, service disruption), Medium (policy violation, suspicious activity), Low (minor anomalies). Critical and High incidents trigger immediate response.
Response Plan
Our incident response follows a 5-step process: 1. Detect — identify the incident via monitoring or report. 2. Contain — isolate affected systems, revoke compromised credentials, block attack vectors. 3. Eradicate — remove malicious access, patch the vulnerability. 4. Recover — restore systems from verified clean backups; re-issue credentials. 5. Review — root cause analysis and controls update to prevent recurrence.
Detection & Containment
Upon detection of a security incident, the first priority is containment — isolating affected systems, revoking compromised credentials, and stopping the spread of any breach. For SP-API related incidents, affected Amazon OAuth tokens are immediately revoked and users are notified.
User Notification
In the event of a data breach affecting user data, affected users will be notified by email within 72 hours of the breach being confirmed. Notification will include the nature of the incident, data affected, steps taken, and recommended actions for the user.
Amazon Notification
In accordance with Amazon SP-API requirements, Amazon will be notified of any security incident involving SP-API data within the timeframes required by the SP-API Data Protection Policy. Reports are submitted to security@amazon.com and via the designated Amazon developer support channel within 24 hours of incident confirmation.
Post-Incident Review
Following any significant incident, a root cause analysis is conducted to identify the cause, assess impact, and implement preventive controls to avoid recurrence. Findings are used to update security procedures and controls.
IMPOC — Incident Management Point of Contact
The designated Incident Management Point of Contact (IMPOC) for SellerBlaze is reachable at: support@sellerblaze.com. This contact is available for security incident reporting, Amazon SP-API compliance inquiries, and data breach notifications.
Amazon SP-API Compliance Statement
SellerBlaze accesses Amazon seller data exclusively through the Amazon Selling Partner API (SP-API) under permissions explicitly granted by the authorizing seller via OAuth. All data access is read-only. We comply fully with Amazon's Acceptable Use Policy (AUP) and Data Protection Policy (DPP) for SP-API applications. Data retrieved via SP-API is used solely to provide analytics to the authorizing seller and is never shared with third parties, other sellers, or used for any secondary purpose.
For compliance inquiries or to report a security concern, contact us at: support@sellerblaze.com