Amazon Policy

OOFAY ERP Function Introduction:

1. Safe product editing function, product library entry once, can be uploaded to multiple sites.
2. Convenient for the boss to manage employees, with one-to-one secure and seamless management ports and you can see the workload of employees in real time.
3. Through ERP, you can publish directly to the Amazon backstage through the interface, which greatly reduces the cost of manpower training and time.
4. Automatic batch update and price adjustment of prices can easily cope with Amazon's off-peak season.
5. One-click calculation of freight. Through big data analysis, you only need to fill in the weight and volume and you can easily calculate the international freight of the product.
6. One-click translation function, the software is embedded with Google and Microsoft translators, which can increase the work efficiency and lower the work threshold while improving the accuracy.
7. Profit accounting, the sales profit rate can be calculated intuitively and quickly through the software's own data statistics function.
8. Freight monitoring, customers can recharge their freight to erp to see the deduction details of their freight in real time.
9. Logistics tracking, you can track the tracking number of the order that has been shipped in time.
10. Customer service system to assist customers in managing mail locally. Reduced personnel management costs.
11. If you have obtained permission, you can click to download ERP: click to download

System Authorization And Use:

1. If you need to use the ERP system, we will assign you an account and password and add your network IP to the whitelist before it can be used normally.
2. Customers use the developer ID provided by us to apply for an authorization token and then bind it to the ERP to manage inventory and orders.
3. ERP can only download the order data of the last 30 days. Our data will not be shared elsewhere and can only be viewed on the ERP provided by us.
4. You can easily make a product on ERP and you can upload the product to Amazon for sale.
5. Our system can be translated into multiple languages: English, French, German, Italian, Spanish, Japanese, Swedish, Arabic, etc.

Data Protection Policy

The Data Protection Policy ("DPP") governs the treatment (e.g., receipt, storage, usage, transfer and disposition) of the data vended and retrieved through the Selling Partner APIs (including the Marketplace Web Service APIs). This Policy supplements the Amazon Selling Partner Developer Agreement and the Acceptable Use Policy. Failure to comply may result in suspension or termination of Selling Partner API access.


"Application" means a software application or website that interfaces with the Selling Partner APIs.

"Amazon Information" means any information that is exposed by Amazon through the Selling Partner APIs, Seller Central or Amazon's public-facing websites. This data can be public or non-public, including Personally Identifiable Information about Amazon customers.

"Customer" means any person or entity who has purchased items or services from Amazon's public-facing websites.

"Developer" means any person or entity (including you, if applicable) that uses the Selling Partner APIs for the purpose of integrating or enhancing a third-party Selling Partner's systems with the features and functionality permitted by Amazon to be accessed through the Selling Partner APIs.

"Personally Identifiable Information" ("PII") means information that can be used on its own or with other information to identify, contact or locate an individual (e.g., Customer or Selling Partner or to identify an individual in context. This includes, but is not limited to, a Customer or Selling Partner's name, address, e-mail address, phone number, gift message content, survey responses, payment details, purchases, cookies, digital fingerprint (e.g., browser, user device), IP Address, geo-location or Internet-connected device product identifier.

"Security Incident" means any actual or suspected unauthorized access, collection, acquisition, use, transmission, disclosure, corruption or loss of Amazon Information or breach of any environment (i) containing Amazon Information or (ii) managed by a Developer with controls substantially similar to those protecting Amazon Information.

"Seller" means any person or entity (including you, if applicable) selling on Amazon's public-facing websites.

"Selling Partner" means any person or entity (including you, if applicable) that is participating in one or more of the Amazon Selling Partner Services.

"Selling Partner APIs" means any application programming interface (API) offered by Amazon for the purpose of helping Amazon sellers to programmatically exchange data including but not limited to, listings orders, payments and reports..

"Selling Partner Services" means services provided or operated by Amazon that allow, enable or assist a party to sell goods or services either to Amazon or in Amazon’s online or offline stores.

General Security Requirements

Consistent with industry-leading security standards and other requirements specified by Amazon based on the classification and sensitivity of Amazon Information, Developers will maintain physical, administrative and technical safeguards and other security measures (i) to maintain the security and confidentiality of Amazon Information accessed, collected, used, stored or transmitted by a Developer and (ii) to protect that information from known or reasonably anticipated threats or hazards to its security and integrity, accidental loss, alteration, disclosure and all other unlawful forms of processing. Without limitation, the Developer will comply with the following requirements:

  1. Network Protection. Developers must implement network protection controls (e.g., AWS VPC subnet/Security Groups, network firewalls) to deny access to unauthorized IP addresses and public access must be restricted only to approved users.
  2. Access Management. Developers must assign a unique ID to each person with computer access to Amazon Information. Developers must not create or use generic, shared or default login credentials or user accounts. Developers must implement baselining mechanisms to ensure that at all times only the required user accounts access Amazon Information. Developers must review the list of people and services with access to Amazon Information on a regular basis (at least quarterly and remove accounts that no longer require access. Developers must restrict developer employees from storing Amazon data on personal devices. Developers will maintain and enforce "account lockout" by detecting anomalous usage patterns and log-in attempts and disabling accounts with access to Amazon Information as needed.
  3. Encryption in Transit. Developers must encrypt all Amazon Information in transit (e.g., when the data traverses a network or is otherwise sent between hosts. This can be accomplished using HTTP over TLS (HTTPS). Developers must enforce this security control on all applicable external endpoints used by customers as well as internal communication channels (e.g., data propagation channels among storage layer nodes, connections to external dependencies and operational tooling. Developers must disable communication channels which do not provide encryption in transit even if unused (e.g., removing the related dead code, configuring dependencies only with encrypted channels and restricting access credentials to use of encrypted channels). Developers must use data message-level encryption (e.g., using AWS Encryption SDK) where channel encryption (e.g., using TLS) terminates in untrusted multi-tenant hardware (e.g., untrusted proxies).
  4. Incident Response Plan. Developers must create and maintain a plan and or runbook to detect and handle Security Incidents. Such plans must identify the incident response roles and responsibilities, define incident types that may impact Amazon, define incident response procedures for defined incident types and define an escalation path and procedures to escalate Security Incidents to Amazon. Developers must review and verify the plan every six (6) months and after any major infrastructure or system change. Developers must investigate each Security Incident and document the incident description, remediation actions and associated corrective process/system controls implemented to prevent future recurrence (if applicable). Developers must maintain the chain of custody for all evidences or records collected and such documentation must be made available to Amazon on request (if applicable).

    Developers must inform Amazon (via email to within 24 hours of detecting any Security Incidents. Developers cannot notify any regulatory authority, nor any customer, on behalf of Amazon unless Amazon specifically requests in writing that the Developer do so. Amazon reserves the right to review and approve the form and content of any notification before it is provided to any party, unless such notification is required by law, in which case Amazon reserves the right to review the form and content of any notification before it is provided to any party. Developers must inform Amazon within 24 hours when their data is being sought in response to legal process or by applicable law.

  5. Request for Deletion or Return. Developers must promptly (but within no more than 72 hours after Amazon's request), permanently and securely delete (in accordance with industry-standard sanitization processes, e.g., NIST or return Amazon Information upon and in accordance with Amazon's notice requiring deletion and or return. Developers must also permanently and securely delete all live (online or network accessible) instances of Amazon Information within 90 days after Amazon's notice. If requested by Amazon, the Developer will certify in writing that all Amazon Information has been securely destroyed.

Additional Security Requirements Specific to Personally Identifiable Information

Copyright®1999-2016 All rights reserved. | 粤ICP备18111330号