Privacy Policy
1. Introduction
OnePatch (“we”, “us”, “our”) provides software that enables online merchants to manage inventory, orders, fulfilment and post-purchase operations across multiple sales channels.
We are committed to protecting personal data and handling information in accordance with applicable privacy and data protection laws, including the GDPR where applicable.
This policy explains how information is collected, processed, stored, shared and disposed of when using our services or visiting our websites.
2. Our Role
When providing our platform to merchants, OnePatch acts primarily as a data processor.
Merchants (including sellers using marketplaces such as Amazon) are the data controllers.
We process information strictly under their instruction and solely to provide the contracted services.
We do not own marketplace buyer data.
3. Information We Collect
a) From merchants (our customers)
Business contact details, account credentials, billing information, configuration preferences.
b) From marketplace integrations
Order and fulfilment information required to execute transactions, which may include buyer name, delivery address and contact details.
c) From website visitors
Standard analytics, cookies and enquiry details.
4. How We Use Information
We use information only to operate and improve the service provided to merchants, including:
-
synchronising inventory
-
retrieving and managing orders
-
enabling shipment creation
-
supporting returns and refunds
-
facilitating authorised buyer-seller communications
Marketplace data is never used for advertising, profiling, enrichment or resale.
5. Special Notice Regarding Amazon Data
Where OnePatch receives information through the Selling Partner API:
-
we act solely under the seller’s authorisation
-
we access only the minimum data required
-
the purpose is limited to fulfilment and post-order support
-
data is not used for analytics, marketing or independent commercial purposes
If a seller disconnects our application, access to further Amazon information immediately stops.
6. Data Minimisation
Our systems are designed to request and retain only the information necessary to perform seller-authorised operations.
7. Data Retention
Personally identifiable information obtained for order processing is retained only as long as necessary to:
-
complete shipments
-
manage returns
-
resolve disputes
-
provide post-purchase support
Data is typically removed or anonymised within 31–90 days after shipment, unless a longer period is required by law.
We do not retain data for secondary usage.
8. Security Measures
We employ multiple safeguards to protect information, including:
-
encryption in transit and at rest
-
network firewalls and traffic restrictions
-
private infrastructure for databases
-
role-based access controls
-
authentication requirements
-
logging and monitoring of system activity
Access is limited to authorised personnel with a legitimate operational need.
9. Employee Access Control
Each team member is assigned unique credentials.
Permissions are granted according to job responsibility and may be revoked immediately if duties change or misuse is suspected.
Shared accounts are not permitted.
10. Sub-Processors
We may rely on trusted service providers to operate our infrastructure (such as hosting, storage, monitoring or communication services).
These providers process information only under contractual obligations, with appropriate security protections, and may not use the data for their own purposes.
We do not sell personal data.
11. International Transfers
Where data is transferred across borders, we ensure appropriate legal safeguards are in place.
12. Your Rights
Depending on jurisdiction, individuals may have rights to access, correct or request deletion of personal information.
Because we act as a processor, such requests are typically handled by the merchant acting as controller.
13. Incident Response
We maintain procedures to detect, investigate and respond to security events.
Where required, merchants will be notified in accordance with legal and contractual obligations.
14. Cookies & Website Tracking
Our website may use cookies and analytics tools to improve functionality and understand usage.
This does not affect marketplace buyer data processed on behalf of merchants.
15. Changes to This Policy
We may update this policy from time to time.
Material changes will be posted on this page.
16. Contact
For privacy questions, contact:
support@onepatch.com
