Skip to content
Legal & Regulatory Compliance

Privacy & Data Protection Policy

Last Updated: July 13, 2026 · Effective across all Stupers International Inc. digital properties, corporate platforms, and SaaS applications including eSellerOps.

Quick Compliance Summary

  • Zero sale or brokerage of client or Amazon seller data
  • Strict Amazon SP-API Data Protection Policy (DPP) compliance
  • Isolated Supabase PostgreSQL instances with Row-Level Security
  • Mandatory 30-day token & data deletion upon account disconnect
Corporate Headquarters:
Stupers International Inc.
8 The Green, STE R, Dover, DE 19901
EIN / Entity Registry: State of Delaware, USA
1. Scope & Commitment

Overview of Data Governance

This Privacy and Data Protection Policy governs the handling of information across all web properties operated by Stupers International Inc. ("Company", "we", "our", or "us"), including our corporate portal (stupersinternational.com) and our specialized SaaS operating platforms such as eSellerOps (esellerops.com and app.esellerops.com).

We build automation and operational infrastructure. Protecting the integrity, confidentiality, and availability of our clients' business data, supplier catalogs, and Amazon merchant metrics is our fundamental operational baseline.

2. Information Collection

Categories of Data Collected

Depending on your interaction with our corporate services or SaaS platforms, we collect the following limited categories of information:

  • Corporate Inquiries & Contact Details: Name, business email address, company name, phone number, and message content submitted through our online contact forms or consultation booking calendars.
  • SaaS Account Identity & Authentication: Email addresses, hashed authentication credentials, and session tokens verified securely via Supabase Authentication and multi-factor authentication (MFA) protocols.
  • Amazon Selling Partner API (SP-API) Data (For eSellerOps Users): When a user connects their Amazon Seller Central account to eSellerOps via Login with Amazon (LWA) OAuth 2.0, we securely obtain restricted access/refresh tokens along with specific merchant data: active/inactive inventory listings (getListingsItems), exact product fee schedules and estimated charges (getMyFeesEstimate), and ASIN-specific account gating/restrictions verifications (getListingsRestrictions).
  • Operational Logs & System Telemetry: Standard web server access logs, browser agent strings, and transaction timestamps required for security auditing and diagnostic monitoring.
3. Amazon SP-API Compliance

Strict Amazon Data Protection Policy (DPP) Mandate

Stupers International Inc. and eSellerOps strictly adhere to the Amazon Selling Partner API Data Protection Policy (DPP) and Acceptable Use Policy (AUP). We enforce explicit, non-negotiable restrictions on all Amazon-derived data:

Exclusive Processing Purpose: Amazon SP-API data is accessed and processed solely to deliver core functionality within the eSellerOps application—specifically calculating true landed FBA profit margins, auditing ASIN gating status, and exporting verified reverse sourcing buy lists for that individual seller.

Absolute Prohibition on Data Selling & Sharing: We do not sell, rent, lease, trade, or share any Amazon seller data, LWA tokens, or Keepa market analysis with third parties, advertisers, data brokers, or competitor stores under any circumstances.

Tenant Isolation: Every connected Amazon merchant account is isolated within our PostgreSQL database via tenant-scoped Row-Level Security (RLS). One seller cannot view or access another seller's API metrics or buy lists.

4. Security Infrastructure & Encryption

Enterprise Technical Safeguards

We protect your business and regulatory data with state-of-the-art cryptographic controls and cloud architecture:

  • Encryption in Transit: All data transmitted between user browsers, corporate endpoints, Amazon SP-API endpoints, and our backend clusters is encrypted using modern Transport Layer Security (TLS 1.3).
  • Encryption at Rest: Database volumes, OAuth tokens, and sensitive client records are encrypted at rest using industry-standard AES-256 encryption inside isolated AWS / Supabase data centers.
  • Principle of Least Privilege: Internal access to production database systems is restricted exclusively to authorized senior engineering personnel via encrypted SSH tunnels and multi-factor authentication.
5. Retention & Deletion Rights

Data Lifecycle & Revocation

We retain personal and business information only for the duration necessary to fulfill the services requested, comply with legal obligations, or resolve disputes.

Amazon SP-API Revocation & Purge: If an eSellerOps user disconnects their Amazon Seller Central account from our application or requests account closure, all associated LWA OAuth tokens, cached product listings, and merchant-specific metrics are permanently purged from our active databases within thirty (30) days (or immediately upon verified request).

Right to Erasure (GDPR / CCPA): Users have the right to request access to, modification of, or permanent deletion of their personal information at any time. To initiate a data deletion request, email our compliance officer directly at senna@stupersinternational.com or support@esellerops.com.

6. Contact & Regulatory Inquiries

Legal & Privacy Contact Information

If you have questions regarding this Privacy Policy, our Amazon SP-API compliance posture, or data protection practices, please contact our registered corporate office:

Stupers International Inc.
Registered Headquarters: 8 The Green, STE R, Dover, DE 19901, USA
General Corporate Inquiries: senna@stupersinternational.com
Regulatory & Partnership Inquiries: contact@stupersinternational.com
eSellerOps Developer Support: support@esellerops.com
Let's build it

Find out what your company could automate next.

Tell us about a process that's slowing you down. We'll show you what automating it could look like — no obligation, no jargon.