SellerSync.pro
SellerSync.pro helps Amazon sellers manage FBA and FBM fulfilment, inventory, order visibility, shipment workflows, and Shopify/Amazon fulfilment sync from one dashboard.
Features
- Amazon FBA inventory sync and low-stock alerts (SP-API: Inventory and Order Tracking).
- Amazon FBM order dashboard and shipment confirmation (SP-API: Orders).
- Amazon ↔ Shopify SKU mapping and stock sync (SP-API: Product Listing).
- Seller-fulfilled / merchant-fulfilled Amazon shipping — SellerSync uses restricted order delivery fields only to create authorised fulfilment tasks for Amazon seller-fulfilled orders and return carrier/tracking confirmation to Amazon. Buyer PII is not used for marketing, CRM, retargeting, or non-Amazon communications.
- Marketplace reports and reconciliation (SP-API: Reports).
- Sales analytics and replenishment forecasting (SP-API: Sales).
- Fee and payout visibility (SP-API: Finance).
Pricing (AUD, monthly)
- Starter — A$39/month: FBA sync, FBM dashboard, basic Amazon ↔ Shopify sync. ~500 orders/mo, ~5,000 SKUs (fair use).
- Growth — A$79/month: FBM → Shopify routing, reports, analytics. ~1,000 orders/mo, ~10,000 SKUs (fair use).
- Pro Unlimited — A$199/month: Forecasting, finance reconciliation, priority support. Unlimited orders, GMV and SKUs.
No commission on sales. No hidden Amazon connection fee. Cancel anytime.
Amazon data use
- SellerSync does not sell Amazon Information.
- SellerSync does not use Amazon customer PII for marketing, retargeting, profiling, review requests, or CRM enrichment.
- SellerSync does not aggregate Amazon data across sellers for resale, benchmarking, or competitive intelligence.
- SellerSync does not request Seller Central usernames, passwords, or access keys — OAuth (Login with Amazon) only.
- Buyer PII deleted within 30 days after order delivery. Non-PII Amazon data ≤ 18 months. Security logs ≥ 12 months.
Operated by Miles Kay Australia LTD, ABN 90 372 903 515, Australia.
SellerSync.pro is an independent software application and is not endorsed by, sponsored by, or affiliated with Amazon.
Support: support@sellersync.pro ·
Privacy / DPO (Jared Sherwood): privacy@sellersync.pro ·
Security incidents: security@sellersync.pro.
Home ·
Features ·
Pricing ·
About ·
Amazon data use ·
Data protection ·
Security ·
Privacy ·
Terms ·
Delete my data ·
Contact
Section: /features
Features & Amazon SP-API role mapping
Each user-facing SellerSync feature, the Amazon SP-API role it requires, and why the access is needed.
| Feature | SP-API role / data | Why |
|---|
| FBA inventory dashboard, low-stock alerts | Inventory and Order Tracking | Show available, inbound, reserved and unfulfillable stock so sellers can replenish before stockouts. |
| Listings and SKU mapping (Amazon ↔ Shopify) | Product Listing — listings, catalog items | Read SKUs, ASINs, titles and images to build accurate cross-channel mappings. |
| FBM order dashboard and exception view | Amazon Fulfillment / Orders — order status, items, fulfilment status | Identify unshipped seller-fulfilled orders so sellers can act inside SLA. |
| FBM → Shopify fulfilment routing | Merchant-Fulfilled Shipping (Restricted PII) — buyer name, shipping address, buyer-anonymised email | SellerSync uses restricted order delivery fields only to create authorised fulfilment tasks for Amazon seller-fulfilled orders and return carrier/tracking confirmation to Amazon. Buyer PII is not used for marketing, CRM, retargeting, profiling, audience building, review solicitation, or non-Amazon communications. Buyer PII is purged within 30 days of order delivery. |
| Shipment confirmation back to Amazon | Amazon Fulfillment — order ID, carrier, tracking | Update the Amazon order with carrier and tracking after dispatch. |
| Marketplace reports and reconciliation | Reports — order, settlement and inventory reports | Operational reporting and reconciliation between Amazon and Shopify sales. |
| Sales analytics and velocity forecasting | Sales — aggregated order metrics | Compute sales velocity, demand forecasting and replenishment guidance for the signed-in merchant only. |
| Fee and payout visibility | Finance — financial events, settlements | Show fulfilment fees, Amazon fees and payout breakdowns alongside Shopify revenue. |
What we never do with Amazon data
- We do not sell, rent, share, or syndicate Amazon seller or buyer data.
- We do not use Amazon Information for advertising, profiling, or competitive analysis.
- We do not use Amazon buyer PII to train AI or large language models.
- We do not retain buyer PII longer than 30 days after order delivery.
Section: /pricing
Pricing
Transparent monthly pricing in Australian dollars. No commission on sales. No hidden Amazon connection fee. Cancel anytime. GST applies for AU merchants where required.
Starter — A$39/month
- Amazon FBA inventory sync and low-stock alerts
- Listings and SKU mapping
- FBM order dashboard
- Shipment confirmation back to Amazon
- Basic Amazon ↔ Shopify SKU and stock sync
- Up to ~500 orders/mo and ~5,000 SKUs (fair use)
- Email support
Growth — A$79/month
- Everything in Starter
- FBM → Shopify fulfilment routing
- Marketplace reports and reconciliation
- Sales analytics dashboard
- Up to ~1,000 orders/mo and ~10,000 SKUs (fair use)
Pro Unlimited — A$199/month
- Everything in Growth
- Forecasting and replenishment guidance
- Finance / payout reconciliation
- Multi-marketplace within one Amazon seller account
- Unlimited orders, GMV and SKUs (fair use: one Amazon seller account + one Shopify store)
- Priority email support
Custom / Enterprise
Multiple Amazon seller accounts, multiple Shopify stores, B2B order flows, or tailored onboarding — request a quote at support@sellersync.pro or via the contact form. Written quote within 2 business days.
Section: /about
About SellerSync.pro
SellerSync.pro is an independent SaaS application for Australian Amazon sellers. It is operated by Miles Kay Australia LTD (ABN 90 372 903 515), registered in Australia.
SellerSync helps merchants manage Amazon FBA and FBM fulfilment, inventory, order visibility, shipment workflows, and Shopify/Amazon fulfilment sync from a single dashboard. It is not endorsed by, sponsored by, or affiliated with Amazon.
Key personnel
Operating entity
Miles Kay Australia LTD · ABN 90 372 903 515 · Registered in Australia.
Section: /data-deletion
Delete my data / revoke Amazon access
Four ways to stop SellerSync from accessing your Amazon or Shopify data and request deletion of any data we hold.
1. Disconnect inside SellerSync
Sign in → Settings → Connections → Disconnect Amazon and/or Disconnect Shopify. Tokens are revoked immediately and buyer PII is purged automatically.
2. Revoke in Seller Central
Seller Central → Apps & Services → Manage Your Apps → SellerSync.pro → Revoke Access.
3. Email request
Email privacy@sellersync.pro or support@sellersync.pro, or use the contact form. We acknowledge within 5 business days and complete deletion within 30 days.
4. What gets deleted
- Amazon LWA refresh and access tokens.
- Shopify access tokens.
- Buyer PII (name, shipping address, buyer-anonymised email).
- Merchant account record and login.
Retention limits in normal operation
- Amazon buyer PII: deleted within 30 days after order delivery.
- Non-PII Amazon data: ≤ 18 months unless law requires otherwise.
- Security and audit logs: ≥ 12 months.
Section: /compliance/amazon-data
Amazon SP-API Data Use
This page describes what Amazon Selling Partner API data SellerSync accesses on behalf of an authorising merchant, why each data type is needed, how buyer PII is protected, and what we never do with Amazon data.
SP-API roles requested
Inventory and Order Tracking · Product Listing · Amazon Fulfillment / Orders · Merchant-Fulfilled Shipping (Restricted PII) · Reports · Sales · Finance.
Restricted PII justification (AUP 4.1)
SellerSync uses restricted order delivery fields (buyer name, shipping address, buyer-anonymised email) only to create authorised fulfilment tasks for Amazon seller-fulfilled orders and return carrier/tracking confirmation to Amazon. Buyer PII is not used for marketing, CRM, retargeting, profiling, review solicitation, or non-Amazon communications. Buyer PII is purged within 30 days of order delivery.
Data minimisation
SellerSync only requests the SP-API roles strictly required to deliver the features listed above. Buyer PII is only retrieved for orders the merchant has chosen to route through SellerSync.
What we never do (AUP)
- We do not sell, rent, or disclose Amazon seller or buyer data to any third party.
- We do not use Amazon customer PII for marketing, retargeting, audience building, profiling, or review growth.
- We do not contact Amazon buyers outside permitted Amazon workflows.
- We do not aggregate one seller's Amazon data with another seller's data for benchmarking, resale, advertising, or competitive intelligence.
- We do not use Amazon Information to build, train or improve a product that competes with Amazon.
- We do not scrape Amazon properties or collect Amazon data outside the authorised SP-API.
- We do not use Amazon data to train AI or large language models.
- We do not request Seller Central usernames, passwords, or access keys — OAuth (Login with Amazon) only.
Subprocessors (AUP 4.6)
- Lovable Cloud (AWS ap-southeast-2 / Sydney) — application hosting, PostgreSQL database, edge functions, authentication.
- Amazon Web Services / SP-API — source of Amazon data.
- Shopify — destination of fulfilment data for the merchant's own store, only for orders the merchant has chosen to route.
Retention
- Buyer PII: deleted within 30 days after order delivery.
- Non-PII Amazon data: ≤ 18 months unless law requires otherwise.
- Security and audit logs: ≥ 12 months.
Seller authorisation and revocation
SellerSync only operates on Amazon data after the merchant has explicitly authorised it through Amazon's OAuth flow from Seller Central. Authorisation can be revoked at any time from Seller Central or from Settings inside SellerSync. See /data-deletion.
Section: /compliance/data-protection
Data Protection Policy
SellerSync handles Amazon Selling Partner data, including buyer PII, in compliance with Amazon's Data Protection Policy (DPP) and Acceptable Use Policy (AUP).
Data we collect
- Amazon order data, listings/inventory, settlement reports, financial events.
- Restricted buyer PII (name, shipping address, buyer-anonymised email) only for orders the merchant chooses to route via SellerSync.
- Merchant data: business name, Amazon seller ID, marketplace ID, Shopify domain, OAuth tokens (encrypted).
Storage & encryption
- AES-256 at rest in PostgreSQL (Lovable Cloud / AWS ap-southeast-2 Sydney).
- TLS 1.2+ in transit.
- SP-API LWA, Shopify, and database/service credentials rotated at least quarterly and immediately on suspected compromise.
Retention
- Buyer PII: deleted within 30 days after order delivery, unless law requires longer.
- Non-PII Amazon data: ≤ 18 months unless law requires otherwise.
- Security and audit logs: ≥ 12 months.
Cross-seller isolation
Per-merchant isolation enforced at the database level via PostgreSQL Row-Level Security. We do not combine one seller's Amazon data with another seller's data.
Authorisation
OAuth (Login with Amazon) only. We never request Seller Central usernames, passwords, or access keys.
Subprocessors
- Lovable Cloud (AWS ap-southeast-2 / Sydney).
- Amazon Web Services / SP-API.
- Shopify (only for merchant-routed fulfilment).
Breach notification
Confirmed security incidents affecting Amazon Information are reported to the merchant and to security@amazon.com within 24 hours of detection.
Personnel & security practices
- Least privilege; MFA required for engineering access.
- Continuous dependency scanning and timely patching.
- Annual independent security review (owner: Jared Sherwood, DPO).
- Documented Incident Response Plan, reviewed annually (owner: Jared Sherwood).
- Audit logging: access to Amazon Information is logged and retained for at least 12 months.
No PII for AI/model training
Buyer PII is never sent to third-party AI providers, used to train models, or processed by large language models.
Section: /compliance/security
Security & Amazon DPP / AUP Control Statements
This page provides labelled answers to each Amazon Data Protection Policy (DPP) and Acceptable Use Policy (AUP) control SellerSync is required to address. Each section states whether the control is already implemented, implemented before production SP-API launch, or not applicable.
AUP 4.6 — Data Sharing
Status: already implemented. SellerSync shares Amazon Information only with: (a) the authorising merchant via the SellerSync UI; (b) Lovable Cloud (AWS ap-southeast-2 Sydney) as hosting/database/edge-function sub-processor; (c) Shopify, only the buyer name, shipping address and line items required to create a fulfilment for an Amazon FBM order the merchant chose to route through their own Shopify store; and (d) Amazon SP-API for shipment confirmation and tracking. No Amazon Information is shared with advertising networks, analytics providers, AI/LLM vendors, data brokers or any other third party.
AUP 4.1 — Restricted Role / PII Justification
Status: already implemented. SellerSync requests the Merchant-Fulfilled Shipping (Restricted PII) role solely so the merchant's own warehouse or 3PL can pick, pack, label, ship, and confirm tracking for Amazon seller-fulfilled orders. SellerSync uses restricted order delivery fields only to create authorised fulfilment tasks for Amazon seller-fulfilled orders and return carrier/tracking confirmation to Amazon. Buyer PII is not used for marketing, CRM, retargeting, profiling, audience building, review solicitation, or any non-Amazon communications, and is purged within 30 days of order delivery.
DPP 1.1 — Network Protection
Status: already implemented. The application is hosted in AWS ap-southeast-2 (Sydney) via Lovable Cloud. The PostgreSQL database sits behind the managed Lovable Cloud / Supabase boundary; there are no publicly exposed database ports. No developer or desktop endpoint stores Amazon Information. All inbound traffic is HTTPS only.
DPP 1.4 — Credential Management
Status: implemented before production SP-API launch. Engineering accounts will require minimum 12-character passwords, MFA, and SSO. SP-API LWA refresh tokens, Shopify access tokens, and database/service credentials are rotated at least quarterly, and immediately on personnel change or suspected compromise. Service credentials are stored in a managed secret store and never committed to source control.
DPP 2.1 — Data Retention, Backups, RTO/RPO
Status: implemented before production SP-API launch. Buyer PII is deleted within 30 days after order delivery. Non-PII Amazon data is retained ≤ 18 months. Security and audit logs are retained for at least 12 months. Before production SP-API launch, SellerSync will maintain encrypted backups in a geographically separated backup location with documented RTO/RPO and quarterly recovery testing. Target recovery objectives: RTO 4 hours, RPO 15 minutes.
DPP 2.2 — Data Governance
Status: already implemented. Public, versioned policies are published at /compliance/data-protection, /compliance/amazon-data, /compliance/privacy, and this page. Policies are reviewed at least annually by the Data Protection Officer (Jared Sherwood).
DPP 2.3 — Asset Management / Personal Devices
Status: implemented before production SP-API launch. Amazon Information is never stored on personal devices. Before production SP-API launch, production access will be restricted to managed engineering workstations only, USB mass storage will be disabled, SSO + MFA will be enforced, and unusual access patterns will generate alerts to Jared Sherwood.
DPP 2.4 — Encryption at Rest / Key Management
Status: already implemented. AES-256 at the managed-storage layer for PostgreSQL data and backups, provided by Lovable Cloud's managed infrastructure. Underlying key management and rotation are handled by the managed cloud provider. TLS 1.2+ in transit (RSA-2048 / ECDSA P-256). Application-layer credentials (LWA, Shopify, DB) are rotated at least quarterly.
DPP 2.5 — Secure Coding / PII in Testing
Status: already implemented. Real Amazon buyer PII is never used in development, QA, or staging environments. Test workflows use synthetic or sanitised datasets only. Code review is required for all changes touching Amazon Information.
DPP 2.6 — Logging and Monitoring
Status: implemented before production SP-API launch. Access to Amazon Information is logged and retained for at least 12 months. Logs are reviewed using automated alerting and bi-weekly manual review. Anomalous access patterns alert the Incident Management Point of Contact (Jared Sherwood, security@sellersync.pro). A documented incident investigation workflow is followed for any suspected event.
DPP 2.7 — Vulnerability Management / Remediation Tracking
Status: implemented before production SP-API launch. Dependency scanning (npm audit and the Lovable security scanner) is run regularly, and continuous scanning will be in place before production SP-API launch. Remediation SLAs by severity: Critical within 7 days, High within 30 days, Medium within three months. An independent security review will be performed annually and tracked to closure.
DPP 2.7 — Runtime and Development Lifecycle Remediation
Status: implemented before production SP-API launch. Runtime alerts feed into the same remediation tracker as build-time scanner findings. Before production SP-API launch, production deploys will go through CI with dependency and lint checks; failed checks will block the deploy. Hotfix path documented and owned by Jared Sherwood.
Architecture review evidence
SellerSync maintains evidence for Amazon architecture review, including SP-API data-flow diagrams, subprocessor list, retention/deletion workflow, incident response procedure, vulnerability remediation tracker, access review records, and backup restore test records.
Incident contacts
Section: /compliance/privacy
Privacy Policy
SellerSync is software for Australian Amazon sellers operated by Miles Kay Australia LTD (ABN 90 372 903 515). This policy covers Amazon-data and merchant-data collection, use, sharing, retention, deletion, subprocessors, and seller revocation.
Information we collect
- Account info: email, business name, password hash.
- Connected platform credentials: Amazon LWA tokens, Shopify access tokens (encrypted).
- Order, inventory and listing data fetched from Amazon and Shopify on the merchant's behalf.
- Operational logs.
How we use it
Solely to operate the service: sync inventory, route orders, surface errors, provide analytics to the signed-in merchant. We do not sell data, share it with advertisers, or use it for marketing.
Sharing
We share data only with the platforms the merchant has connected (Amazon, Shopify) and our hosting subprocessor (Lovable Cloud / AWS ap-southeast-2).
Retention
- Amazon buyer PII: deleted within 30 days after order delivery.
- Non-PII Amazon data: ≤ 18 months unless law requires otherwise.
- Security and audit logs: ≥ 12 months.
Your rights / revocation
You can disconnect Amazon and Shopify inside the app, revoke authorisation in Seller Central, or email privacy@sellersync.pro. See /data-deletion for the full workflow.
Section: /compliance/terms
Terms of Service
By using SellerSync.pro you agree to these terms. SellerSync.pro is operated by Miles Kay Australia LTD (ABN 90 372 903 515), Australia.
Use of the service
- You must hold an active, in-good-standing Amazon Seller Central account to connect Amazon data.
- You must use SellerSync only for your own authorised business operations.
- You must not attempt to access another merchant's data, reverse engineer the service, or scrape Amazon properties through SellerSync.
Amazon and Shopify data
Amazon Information is processed under our Data Protection Policy and Amazon SP-API Data Use. You authorise SellerSync via OAuth and may revoke at any time.
Pricing and cancellation
Prices on /pricing are in AUD and may change with 30 days' notice. You can cancel any time inside the app.
Disclaimer
SellerSync.pro is independent software and is not endorsed by, sponsored by, or affiliated with Amazon.
Operated by Miles Kay Australia LTD, ABN 90 372 903 515, Australia.
SellerSync.pro is an independent software application and is not endorsed by, sponsored by, or affiliated with Amazon.
Support: support@sellersync.pro ·
Privacy / DPO (Jared Sherwood): privacy@sellersync.pro ·
Security incidents: security@sellersync.pro.
Home ·
Features ·
Pricing ·
About ·
Amazon data use ·
Data protection ·
Security ·
Privacy ·
Terms ·
Delete my data ·
Contact