Privacy Policy
Effective date: 2026-06-02
Last reviewed: 2026-06-09
Controller: Muttefik LLC (Wyoming, USA)
Contact: legal@muttefik.ai
This policy describes how Müttefik processes personal data, including data obtained through the Amazon Selling Partner API (SP-API). It is written to satisfy Amazon's Data Protection Policy (DPP), the EU GDPR, and the CCPA. Where this document states a control that is "in progress", that control is being implemented and this policy will be updated when it is live.
1. Who we are and what Müttefik does
Müttefik is software that helps Amazon sellers operate their stores — automating customer messaging, order context, sourcing, and fulfillment workflows. We process data on behalf of the sellers who use Müttefik (our customers). For that data we act as a data processor; the seller is the data controller. For our own operator/account data we act as a data controller.
2. Categories of data we process
| Category | Examples | Source | Role |
|---|---|---|---|
| Operator account data | name, email, hashed password, session cookies, role assignments | provided by operators | controller |
| Amazon order data (non-PII) | order ID, status, items/ASIN, totals, dates, marketplace | Amazon SP-API | processor |
| Buyer messages | message content exchanged via Amazon's buyer-seller messaging | seller's connected mailbox | processor |
| Buyer PII (restricted) | buyer name, shipping address, phone, buyer email — only where a fulfillment feature requires it | Amazon SP-API restricted endpoints (RDT) and/or an Amazon-PII-approved data provider | processor |
| Operational secrets | API credentials and remote-access credentials (encrypted at rest) | operators / integrations | controller |

Data minimization is our default. The customer-messaging agent operates without buyer PII — it uses only message content and non-PII order context. Buyer name, address, and phone are processed only by fulfillment features that genuinely require them (e.g. generating an outbound shipping label), and only for those orders.
3. Purposes and legal bases (GDPR Art. 6)
- Provide the service (customer messaging, order context, fulfillment) — performance of a contract / legitimate interest of the seller.
- Security, fraud prevention, logging — legitimate interest and legal obligation.
- Account authentication — performance of a contract.
We do not sell personal data and do not use Amazon Information for any purpose other than providing the seller's service, consistent with the Amazon DPP and Acceptable Use Policy.
4. Amazon Information — specific commitments
- We use Amazon order and buyer information solely to provide services to the seller whose account the data belongs to.
- We retain Personally Identifiable Information (PII) only as long as needed to provide the service and, in any case, delete PII within 30 days of order delivery, unless required by law to retain it.
- We honor Amazon and seller deletion requests within 30 days.
- Buyer PII is never used for marketing, advertising, profiling, or resale.
5. Sub-processors
We share data only with the following categories of sub-processors, each under a data-protection agreement:
| Category | Purpose | Data handled |
|---|---|---|
| Cloud infrastructure provider (EU/US) | Hosting the platform | All hosted data (encrypted in transit; access-controlled) |
| Amazon Selling Partner API | Source of order and buyer data | Data flows from Amazon to us |
| Amazon-PII-approved data provider | Order data and limited buyer details for fulfillment | Order data and buyer details, under the provider's Amazon PII approval |
| Email & productivity provider | Accessing the seller's buyer-message mailbox; transactional email | Buyer message content; operator email |
| AI / language-model provider | AI-assisted response drafting | Message text and non-PII order context (no name or address) |
| Notification service | Operator notifications | Operator contact ID and notification content (no buyer PII) |
| Internal documentation tool | Knowledge-base authoring | No buyer data |

We do not send buyer PII (name, address, phone) to our AI provider; only message text and non-PII order context are used for drafting. A current list of named sub-processors is available on request to legal@muttefik.ai.
6. Security measures
- In transit: TLS 1.2+ on all public endpoints, HSTS enabled.
- At rest: operational secrets encrypted at rest; the database is not publicly exposed. Buyer PII is processed transiently for the relevant fulfillment action and is not persisted by default ("store-nothing"); where any PII is persisted it is encrypted.
- Network: host firewall (default-deny), intrusion prevention, anti-malware, and automatic security updates.
- Access: role-based access control (global admin / per-store membership), modern password hashing, and least-privilege service credentials. Multi-factor authentication and a strong password policy (length/complexity, no reuse of recent passwords, lockout) are enforced on operator accounts.
- Monitoring: application audit and activity logging across the platform.
7. Data subject rights
Individuals may exercise rights of access, rectification, erasure, restriction, portability, and objection. Because we are usually a processor of buyer data, such requests are routed to the relevant seller (controller); we assist the seller in fulfilling them. Requests may also be sent to us directly at legal@muttefik.ai.
EU/UK data subjects also have the right to lodge a complaint with their local data-protection supervisory authority.
8. International transfers
Data may be processed in the US and EU. Transfers rely on appropriate safeguards (SCCs where applicable).
9. Changes
We will update this policy as controls evolve and post the revised "Last reviewed" date above.
10. Contact
Muttefik LLC — legal@muttefik.ai