Privacy Policy

01 Information We Collect

We collect information necessary to provide Amazon advertising management services to our clients. This includes:

Account Information

• Amazon seller account identifiers and profile IDs
• Business name, contact information, and address
• Email addresses used for account registration and communication
• Authentication credentials (OAuth tokens) for API access — not passwords

Advertising Data

• Campaign names, settings, and performance metrics
• Ad group configurations and keyword lists
• Bid amounts, budgets, and targeting parameters
• Impressions, clicks, spend, and conversion data
• Search term reports and placement data

Technical Data

• API request and response logs
• System access timestamps and IP addresses
• Error logs and diagnostic information

02 How We Use Your Information

We use the collected information exclusively for the following purposes:

• Service Delivery: To manage and optimize your Amazon advertising campaigns on your behalf
• Performance Analysis: To analyze campaign performance and provide actionable insights
• Automated Optimization: To execute bid adjustments, budget changes, and targeting modifications per your instructions
• Reporting: To generate weekly and monthly performance reports for your review
• Communication: To contact you regarding your account, service updates, or required actions
• Technical Operations: To maintain, secure, and improve our systems and services
• Compliance: To comply with Amazon's API terms of service and applicable laws

We do not use your advertising data for any purpose other than managing your Amazon advertising campaigns.

Prohibited Uses of Amazon Data

In addition to the permitted uses above, the following uses of Amazon advertising data are strictly prohibited in accordance with the Amazon Advertising Partner Network Policy:

• No unlawful or discriminatory use (§4.1): Amazon data will not be processed, transmitted, or used for any unlawful or discriminatory purpose, including models or algorithms that perpetuate harmful bias, or unethical surveillance or tracking of individuals or groups.
• No combination with third-party data (§4.9): Amazon advertising data will not be combined, merged, or cross-referenced with any third-party data source without Amazon's prior explicit written approval.
• No interest-based advertising (§4.6): Audience data or any other Amazon advertising data will not be used for interest-based advertising, behavioral retargeting, or any other form of unauthorized interest-based messaging without the end user's explicit consent.
• No re-identification (§4.4): We will not attempt to re-identify, reverse-engineer, or reconstruct any anonymized or aggregated Amazon data to identify individuals.
• No unauthorized aggregation or publication (§4.3): Amazon data will not be placed on public websites, search engines, or aggregated commercially in any form beyond the agreed service scope.
• No distribution or syndication (§4.12): We will not distribute, syndicate, or republish Amazon advertising data, products, services, or data feeds to any third party.
• No manipulation of data integrity (§4.16): We will not take any action designed to alter, manipulate, misrepresent, or undermine the integrity, security, or intended operation of Amazon advertising or any Amazon data, including through technical manipulation to conceal, mislead, or deceive.
• No false or misleading statements (§4.15): We will not make any false, misleading, or disparaging statements about Amazon Advertising or Amazon.com, Inc. in any public communication, client material, marketing collateral, or other context. All descriptions of our integration with Amazon Advertising are accurate and truthful.

Internal Access Controls

Access to Amazon advertising data within our organization is restricted on a strict need-to-know basis (Amazon Partner Network Policy, §4.8). Amazon data is disclosed only to employees, contractors, or personnel who require access solely for the purpose of performing the approved Amazon Advertising API integration and related services. All such personnel are subject to confidentiality obligations.

Developer Credentials

Our Amazon Advertising API developer credentials (including Client ID, Client Secret, and related access tokens) are treated as strictly confidential (Amazon Partner Network Policy, §5.2). We do not share or disclose our developer credentials to any third party, except to approved service providers operating under written confidentiality agreements solely for the purpose of maintaining our Amazon Advertising integration.

Compliance Cooperation

We will cooperate reasonably with Amazon's requests to demonstrate compliance and will provide relevant compliance records for security audits as required under the Amazon Partner Network Policy (§4 Usage Guidelines, §6.2). In the event Amazon investigates unauthorized access or policy violations, we will provide requested records and information promptly.

03 Amazon Advertising API Data

Our services integrate with the Amazon Advertising API. When you authorize our application, we access the following data on your behalf:

• Advertising account profiles associated with your Amazon account
• Campaign, ad group, keyword, and product targeting data
• Performance reports including spend, impressions, clicks, and sales
• Search term and placement performance data

Your authorization can be revoked at any time through your Amazon account settings. Upon revocation, we will cease accessing your advertising data and will delete stored credentials within 30 days.

04 Data Sharing and Disclosure

We do not sell, license, sublicense, rent, lend, or trade your personal information or Amazon advertising data to any third party. We may share information only in the following limited circumstances:

• Service Providers: Amazon-approved third-party service providers who assist in delivering our services (e.g., cloud hosting infrastructure), strictly bound by written confidentiality agreements and authorized solely to support the operation of our Amazon Advertising integration (Amazon Partner Network Policy, §4.7)
• Legal Requirements: When required by law, court order, or governmental authority
• Business Transfers: In connection with a merger, acquisition, or sale of assets, with prior notice to affected clients
• With Your Consent: In any other circumstances where you have provided explicit consent

05 Data Security

We implement industry-standard security measures to protect your information:

• AES-256 encryption for stored credentials and sensitive data
• TLS/SSL encryption for all data transmission
• Access controls and authentication requirements for all staff
• Regular security audits and vulnerability assessments
• Secure key management practices for API credentials
• Isolated data storage with no cross-client data access
• Need-to-know access controls: Amazon data is accessible only to personnel who require it for the approved service integration
• Confidentiality obligations for all staff and contractors handling Amazon data

While we take extensive precautions, no security system is impenetrable. We maintain a documented, publicly accessible incident response process as required by Amazon's Partner Network Policy (Section 3.2):

• Detection & Containment (within 24 hours): Upon identifying an actual or suspected security incident involving Amazon data, we will immediately isolate affected systems and revoke any potentially compromised access credentials.
• Assessment (within 48 hours): We will assess the scope, nature, and impact of the incident and determine whether Amazon data or client advertising data has been accessed or exposed.
• Notification (within 72 hours): We will notify affected clients and, where required, Amazon, within 72 hours of confirming an incident. Notification will include: the nature of the incident, data categories affected, estimated scope, and steps taken.
• Remediation & Review: We will remediate the root cause, implement additional controls, and provide a written post-incident summary upon request.

To report a security vulnerability or suspected incident, contact us at ads@meigouwenhua.com with "Security" in the subject line. We will acknowledge all security reports within 48 hours.

06 Data Retention

We retain your data for the following periods:

• Active accounts: Amazon advertising data is stored only to the extent necessary to deliver the agreed services efficiently. We do not retain Amazon data beyond what is required for active service delivery (Amazon Partner Network Policy, §4.5).
• After service termination: Account data is deleted within 90 days
• API credentials: OAuth tokens are deleted within 30 days of authorization revocation
• Performance reports: Raw advertising data retrieved from the Amazon Advertising API is deleted upon service termination within the timeframes above. Aggregated, de-identified summary statistics derived from such data (e.g., monthly spend totals with no Amazon-sourced identifiers) may be retained for internal service improvement purposes only, consistent with Amazon's Data Protection Policy.
• Amazon-directed deletion: Upon receipt of a request from Amazon to delete Amazon data, we will immediately cease all use of and permanently delete the specified Amazon data, regardless of our standard retention schedules. This obligation applies even during an active service engagement (Amazon Partner Network Policy, §4 Usage Guidelines).
• Legal obligations: Certain data may be retained longer if required by applicable law; in such cases we will use the data only as legally required and delete it permanently once the legal obligation expires, maintaining it securely in the interim per industry standards.

07 Your Rights

You have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data, subject to legal retention requirements
• Portability: Request your data in a machine-readable format
• Objection: Object to certain processing of your personal data
• Revocation: Revoke consent for API access at any time through Amazon account settings

To exercise any of these rights, please contact us at ads@meigouwenhua.com. We will respond to requests within 30 days.

08 Cookies

Our website uses minimal cookies necessary for basic functionality:

• Session cookies: Temporary cookies that expire when you close your browser, used for navigation
• Preference cookies: To remember your language and display preferences

We do not use tracking cookies, advertising cookies, or third-party analytics cookies. You can disable cookies in your browser settings, though this may affect website functionality.

09 Third-Party Services

Our services interact with the following third-party platforms:

• Amazon Advertising API: Governed by Amazon's Privacy Notice and Advertising API Terms of Service
• Amazon Web Services (AWS): Cloud infrastructure for data storage and processing
• Cloudflare: Content delivery and security services

Each third-party service has its own privacy policy. We encourage you to review these policies to understand how your data is handled by these services.

10 Regulatory Compliance

We are committed to complying with all applicable data protection laws and regulations, including:

• Amazon Data Protection Policy (DPP): All use of data accessed via the Amazon Advertising API strictly follows Amazon's Data Protection Policy. We do not use, transfer, or disclose Amazon-sourced data beyond what is permitted under these policies.
• China Personal Information Protection Law (PIPL / 个人信息保护法): As a China-based company, we comply with PIPL requirements for the collection, processing, storage, and cross-border transfer of personal information.
• Amazon Acceptable Use Policy: Our application and services adhere to Amazon's Acceptable Use Policy and Solution Provider Agreement at all times.

If you have questions about our compliance posture or wish to submit a data-related request under any applicable regulation, please contact us using the details in Section 11 below.

11 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: