Privacy Policy

1. Overview

Anata Inc. (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, store, share, and dispose of information—especially Amazon Information including Personally Identifiable Information (“PII”)—in compliance with Amazon’s Acceptable Use Policy, Data Protection Policy, and all applicable laws including GDPR and CCPA.

2. Information We Collect

• PII: Names, phone numbers, addresses, and emails of customers for order fulfillment.
• Account Data: Seller ID, Marketplace ID, and credentials necessary to access Amazon APIs.
• Operational Data: Inventory levels, order information, pricing, ad performance, listing data.
• Usage Data: IP addresses, browser agents, timestamps, and interaction logs for security.

3. Use of Information

• To provide and improve our services including Amazon listing, marketing, fulfillment, A+ content, ad optimization, and reporting tools.
• To facilitate and monitor integrations with Amazon SP-API and other third-party APIs.
• To comply with Amazon’s service requirements, data policies, and legal obligations.
• To respond to client inquiries, support tickets, and service operations securely.

4. Retention and Deletion of Amazon Information

All PII retrieved from Amazon is stored for **no more than 30 days after order delivery**, strictly for operational purposes like shipment tracking and support. After this period, it is deleted using industry-standard NIST 800-88 compliant secure wipe procedures unless otherwise required by law.

5. Information Sharing

We do **not** sell or publicly disclose Amazon Information. We may share limited operational data with authorized third parties such as shipping carriers, subcontractors, and analytics providers—**only under strict NDAs and data protection agreements**, and solely for service delivery purposes.

6. Data Security

• All Amazon Information is encrypted at rest using AES-256 and in transit via TLS 1.2 or higher.
• Access is restricted using fine-grained Role-Based Access Control (RBAC) based on job function.
• Production systems are isolated from test environments.
• We conduct vulnerability scans and penetration testing at least every 180 days.
• Employee activity is logged and monitored for unauthorized data access or anomalies.

7. Device and Endpoint Control

Access to Amazon Information is restricted to managed corporate devices with endpoint detection software. USB ports and external device access are disabled for sensitive systems. We monitor and alert on any suspicious downloads or unauthorized device connections.

8. Testing and Change Management

• PII is never used in test environments.
• All code changes undergo security review, are tested in isolated environments, and follow a formal change management process with designated approvers.

9. Your Rights

You may request to review, correct, or delete your data by emailing us at the contact below. We will verify your request before action and comply within legally required timelines.

10. Cookies

Our site uses cookies for performance and analytics. You may disable cookies in your browser settings.

11. Updates to This Policy

We may update this policy to reflect service or regulatory changes. All updates will be posted here with an updated date. Continued use of our services indicates acceptance of any revised terms.

12. Contact Information

Email: privacy@anatainc.com
Mail: Anata Inc., 1657 N State Street, Lehi, UT 84043

Thank you for trusting Anata Inc. with your data and your business.