Last updated: 7 October 2025
Contact: security@tech-magnet.com

Data Scope

Tech-Magnet applications request only the minimum Amazon SP-API permissions required for order and fulfillment operations. PII is masked on screens where not needed.

Transport & Storage

• TLS 1.2 + for all API and web traffic
  • AES-256 encryption at rest for databases and backups
  • Encryption keys managed via Azure Key Vault
  • Primary hosting region: Azure US East 2 (Virginia)

Access Controls

• Role-based least-privilege access
  • MFA required for administrators and developers
  • All privileged actions audited and logged

Monitoring & Logs

• Centralized logging via Azure Monitor and Log Analytics
  • Alerts for unusual PII access patterns
  • PII masked or hashed in logs

Retention & Deletion

• Automatic PII purge after 12 months (unless law requires longer)
  • Encrypted backups with Azure lifecycle policies
  • Quarterly restore tests for disaster recovery

Incident Response

We maintain documented procedures for detection, containment, remediation, and notification in accordance with U.S. data-breach laws and Amazon SP-API policies.

Third-Party Services

Only Microsoft Azure platform services are used for processing and storage of Amazon SP-API data.

Data Residency

All primary processing and storage occur within Microsoft Azure U.S. regions (US East 2 and Central US) with redundant geo-replication for availability.