Drop Ship Flows Privacy & Data Handling Policy

1) Purpose and scope

This policy explains how Drop Ship Flows (“we,” “our,” or “the Service”) collects, processes, stores, uses, shares, and disposes of data received from connected commerce platforms when a customer authorizes our application. This includes data accessed through Selling Partner APIs (SP-API) and other authorized integrations.

At this time, our platform is intended for United States (US) operations only.

2) Definitions

  • Authorized User / Customer: The business user who connects a commerce account and authorizes our access.

  • Connected Platform Data: Data retrieved via authorized APIs/webhooks from connected marketplaces, stores, carriers, and suppliers.

  • PII: Personally Identifiable Information about an end customer (e.g., name, shipping address, phone/email where required for delivery).

  • Restricted PII: Sensitive PII used solely to fulfill and ship orders (e.g., ship-to address and delivery contact details).

3) How data is collected

We collect Connected Platform Data only when an Authorized User explicitly authorizes our application (e.g., OAuth authorization, API keys, or approved integration methods). We do not purchase end-customer data or obtain it from third-party brokers.

4) What data we collect

Depending on the Authorized User’s enabled features and connected services, we may collect and process:

  • Order data: order identifiers, line items, SKUs, quantities, status, timestamps.

  • Shipping details (Restricted PII): end-customer ship-to name/address and delivery contact fields (phone/email) when required for carrier delivery.

  • Shipment and tracking data: carrier, service level, tracking numbers, shipment events and dates.

  • Inventory and product mapping data: SKU identifiers, product relationships, inventory availability, routing attributes needed for fulfillment.

  • Operational and security logs: logs needed for security, auditing, reliability, and troubleshooting.

5) How data is used (processing purposes)

We use Connected Platform Data only to provide services to the Authorized User, including:

  • Order retrieval and processing for merchant-fulfilled orders.

  • Order routing to the Authorized User’s configured supplier/warehouse based on their rules (e.g., single-ship preference, proximity/region, supplier priority).

  • Shipment confirmation & tracking updates back to the connected platform.

  • Inventory synchronization (supplier availability → safety stock/floors → connected-channel inventory updates).

  • SKU/listing reconciliation to map channel SKUs to supplier SKUs.

  • Reporting and dashboards (fill rate, cancellations, inventory health, routing outcomes).

  • Customer support and troubleshooting requested by the Authorized User.

We do not use end-customer data for marketing, advertising, solicitation, or resale.

6) How data is stored (at rest)

Connected Platform Data is stored in our production systems hosted on Replit (application runtime and managed database services).

  • Data is protected with encryption at rest provided by the underlying hosting/database platform (AES-256 or better where available).

  • Sensitive credentials (OAuth secrets, refresh tokens, API keys, DB credentials) are stored in encrypted secrets management (environment secrets) and are not hard-coded into source code.

7) How data is protected (in transit + access controls)

  • Encryption in transit: We use TLS (HTTPS) for data transmitted between our services, connected platforms, and users.

  • Least privilege: Access to PII is restricted through role-based access control (RBAC) and least-privilege permissions.

  • Unique accounts + MFA: Staff access is limited to individually identified accounts with MFA, with no shared credentials.

  • Audit logging: We maintain audit logs for privileged actions and access to Restricted PII.

  • Monitoring: We monitor for suspicious activity (e.g., unusual access patterns, repeated failed logins, abnormal volume of records viewed).

8) How data is shared

We share Connected Platform Data only as necessary to provide the Service to the Authorized User:

A) Authorized User’s designated fulfillment providers (suppliers/warehouses)
If the Authorized User enables supplier-fulfilled routing, we share the minimum necessary data required to fulfill the order (items, quantities, ship-to information, and required delivery contact fields).

B) Sub-processors (infrastructure providers)
We use service providers to host and operate the application (e.g., hosting, managed databases, monitoring). These providers may process data only as needed to provide their services and are not permitted to use it for their own purposes.

We do not share end-customer data for marketing, analytics resale, or unrelated third-party use.

9) Data retention and disposal

We retain Connected Platform Data only as long as necessary to provide the Service and meet legal obligations.

Restricted PII (ship-to address and delivery contact fields):

  • We automatically delete Restricted PII within 21 days after shipment confirmation (unless a specific support case requires temporary retention to resolve an issue).

  • After that deletion, we retain only the non-PII operational records needed for reconciliation and reporting.

Non-PII operational data:

  • We retain non-PII operational records only as needed for reliability, reconciliation, reporting, and audit support, and delete or de-identify within a commercially reasonable timeframe (generally no more than 18 months, unless longer retention is required by law).

Disposal:

  • Data is disposed of using secure deletion methods supported by our platforms and processes. Where backups exist, deletion occurs through standard retention expiration and secure storage controls.

10) Incident response

We maintain an incident response plan covering unauthorized access, database compromise, and data leakage, including detection and triage, containment, investigation, remediation, recovery, evidence preservation, and notification procedures. When data from a connected platform is involved, we notify the relevant platform and affected customers in accordance with contractual and legal requirements.

11) Requests and data rights

Authorized Users may request access, correction, export, or deletion of their account data consistent with applicable law and platform requirements. For end-customer data requests, we assist the Authorized User as required and route requests to the appropriate party when necessary.

12) Changes to this policy

We may update this policy to reflect changes in our services, security practices, or legal requirements. The “Last Updated” date will reflect the latest revision.

13) Contact

For privacy, data handling, or security questions, contact:
Incident Management Point of Contact (IMPOC): williams@dsflows.com

Effective Date: 1/1/2026
Last Updated: 2/6/2026