Data Protection

Marketplace buyer PII is used only for fulfillment.

elsOps protects restricted marketplace data and removes buyer PII after shipment workflows are complete.

Last updated: July 7, 2026

Purpose

This Data Protection Policy explains how elsOps handles restricted marketplace data, including Amazon buyer PII and other customer order information received through connected sales channels.

Permitted use of buyer PII

elsOps uses buyer PII only to support the specific commerce operation for which it was provided: importing orders, preparing pick lists, packing shipments, purchasing or creating shipping labels, uploading tracking, confirming delivery workflow status, handling related customer support, preventing fraud, maintaining security, and complying with legal or marketplace requirements.

elsOps does not sell buyer PII, rent buyer PII, disclose buyer PII for advertising, use buyer PII for unrelated marketing, or use buyer PII to train artificial intelligence or machine learning models.

Data elements

Buyer PII may include buyer name, recipient name, shipping address, billing or delivery contact details, phone number, email address, gift message, delivery instructions, and other data that can identify or contact a buyer. Non-PII operational data may include order IDs, marketplace references, SKUs, quantities, prices, tax or fee totals, fulfillment status, timestamps, and tracking numbers.

Access control

Buyer PII is available only to authorized company users and service processes that need access to complete fulfillment or support the related order. elsOps applies company-level data separation, authenticated access, role-aware permissions, and operational logging. Administrative access is limited to personnel who need it for support, security, compliance, or incident response.

Storage and transmission

elsOps protects marketplace data using encrypted transport, protected credentials, controlled application access, and database-backed application controls. Channel tokens and credentials are handled only for authorized connection and sync workflows.

GDPR roles and processing

For marketplace buyer PII and order data, elsOps generally acts as a processor acting on behalf of the customer or marketplace seller that controls the data. For account administration, billing, security monitoring, support, and website interactions, elsOps may act as a controller under the General Data Protection Regulation and similar privacy laws.

elsOps processes personal data only under documented customer instructions, applicable marketplace requirements, legal obligations, or other valid lawful bases. Customers are responsible for ensuring they have the required authority to connect marketplace accounts and process order data through the service.

Initial supported regions

elsOps' initial policy coverage is designed for North America: the United States, Canada, and Mexico. We apply a common baseline of data minimization, purpose limitation, security safeguards, access control, retention limits, and deletion or masking of buyer PII after shipment, then apply regional rights and notices where required. The United Kingdom, Germany, and other countries may be added later.

GDPR data subject requests

elsOps supports reasonable requests to access, correct, delete, restrict, export, or object to processing of personal data where required by GDPR or similar laws. Requests involving buyer PII may need to be routed through the customer or marketplace seller that controls the order relationship.

Deletion requests are handled consistently with the shipment-based PII deletion policy. elsOps may retain limited data where needed for legal obligations, tax, audit, marketplace compliance, fraud prevention, chargebacks, security, or an active support case.

Deletion after shipping

Buyer PII is deleted or irreversibly masked after the shipment is completed and tracking has been uploaded or confirmed. If a legal obligation, marketplace requirement, fraud review, chargeback, tax requirement, audit need, or active support case requires temporary retention, elsOps limits retention to the minimum data and time needed for that purpose.

After PII removal, elsOps may retain non-PII operational records needed for inventory history, order reconciliation, operational usage tracking, accounting, analytics, troubleshooting, and compliance.

Backups and logs

Backups and logs are protected from unauthorized access. Where buyer PII appears in backups or operational logs, access is restricted and the data is removed through normal backup rotation or targeted remediation where practical. Application logs should avoid storing buyer PII unless required for a temporary support or security investigation.

Incident response

If elsOps identifies unauthorized access, disclosure, loss, or misuse of buyer PII, we investigate, contain the issue, preserve relevant evidence, notify affected customers and marketplaces as required, and take corrective action to reduce recurrence.

Subprocessors and service providers

elsOps may use trusted service providers for hosting, infrastructure, email, monitoring, shipping, payment, or support operations. Service providers may access buyer PII only when necessary to provide the service and must protect it under appropriate confidentiality and security obligations.

International data transfers

Where GDPR or similar laws require transfer safeguards, elsOps uses appropriate contractual, technical, and organizational protections for cross-border processing, including customer instructions and service provider commitments.

Contact

Questions about data protection, GDPR requests, or buyer PII deletion can be sent to support@elsops.com.