Qorlo Data Protection Policy

Last updated: 17 May 2026

This policy describes how Qorlo protects seller and Amazon Information used for authorized ecommerce operations workflows.

Purpose Limitation

Amazon Information is used only for seller-authorized operational purposes such as order visibility, fulfillment workflows, shipment tracking, support context, account health, and troubleshooting.

Data Minimization

Qorlo requests and stores only the information needed for approved workflows. Additional Amazon roles or restricted data access should be requested only when the product feature requires it.

Restricted Data And PII

Where buyer personal information or restricted data is available, Qorlo limits access to approved workflows, authorized users, and service operations. Qorlo does not delegate access to buyer PII to another developer's application unless a separate approved process and authorization allow it.

Buyer Communication

Where buyer messages or support case context is available through approved roles, Qorlo may organize context and help sellers prepare replies. Sellers remain responsible for reviewing and sending customer-facing communication.

Processors And Infrastructure

Qorlo may use infrastructure providers for hosting, databases, backups, logging, and monitoring. These providers process information only as needed to operate and protect the service.

Overseas Processing And Accountability

Where personal information is disclosed to an overseas recipient, Qorlo aims to take reasonable steps appropriate to the circumstances so that the recipient handles the information consistently with applicable privacy and confidentiality obligations.

Deletion And Revocation

Sellers may disconnect marketplace accounts. When a connection is removed, Qorlo should stop future synchronization for that account and remove or rotate stored authorization credentials where operationally feasible.

Backups And Logs

Backups and logs are used for resilience, troubleshooting, security, and auditability. Access should be restricted, and retained records should be deleted or de-identified when no longer needed and when deletion is operationally feasible.

De-Identification

Where detailed personal information is not needed for operational, legal, security, or audit purposes, Qorlo should prefer deletion, de-identification, aggregation, or minimization.

No Sale Of Data

Qorlo does not sell Amazon Information, does not use Amazon Information for third-party advertising, and does not disclose Amazon Information for unrelated commercial purposes.

Contact

Questions or security notices can be sent to silvergoldteq@gmail.com.