Security
Security & Data Protection
SellerGuard AI is built with layered security controls to protect seller data and comply with Amazon SP-API Data Protection requirements.
Amazon SP-API Compliance
SellerGuard AI maintains the following controls required by the Amazon Selling Partner API Data Protection Policy:
- Formal Incident Response Plan with 6-month review cycle
- Security incidents reported to Amazon within 24 hours of detection
- Active firewall (UFW) with default-deny inbound policy
- Intrusion detection and brute-force prevention (fail2ban)
- Weekly anti-malware scanning (ClamAV)
- Network segmentation — application services not publicly exposed
- 12-character minimum passwords with special characters required
- MFA required on all administrator accounts
- Annual credential rotation policy enforced
Infrastructure Security
- All traffic encrypted via TLS 1.2+ (HTTPS enforced, HTTP redirects)
- Application server not directly accessible — Nginx reverse proxy only
- SSH key-based authentication; root password login disabled
- Automated security log monitoring and alerting
Data Handling
- No Amazon credentials or passwords are ever collected or stored
- Sellers manually provide metrics or upload CSV exports — no account access
- SellerGuard AI is a read-only reporting tool — no account actions taken
- Data minimization: only information needed to generate risk reports is used
Contact
Security questions, vulnerability reports, or data inquiries:
support@sellerguardai.com
Operated by Mados Ventures Holding Co. LLC d/b/a SellerGuard AI