1. Scope and controller
This Privacy Policy applies to d3seller.com, the D3 Seller portal at central.d3seller.com and related onboarding, support and marketplace connection services. D3 Seller acts as controller for account, website and commercial contact information and as a processor or service provider for marketplace information handled on behalf of a seller.
2. Information we collect
We may collect name, work email, company, user role, authentication records, support requests, workspace settings and technical request information. When a seller connects a marketplace, we process the connection identifiers, authorization tokens or credentials, seller account identifiers, country and store configuration needed to provide the service.
Amazon seller information
Depending on the permissions approved by the seller, D3 Seller may process Amazon catalog and listing data, orders, fulfilment status, inventory, settlement, fee, refund and related operational records. Seller authorization may occur through Amazon's authorization flow when available or through securely submitted SP-API credentials.
Noon seller information
Depending on the Noon connection configured by the seller, D3 Seller may process catalog, listing, order, inventory, fulfilment, settlement, fee and related operational records. Noon setup uses seller-provided integration details, service-account credentials and, where used, an FBPI webhook secret.
3. Why we process information
We use information to create and secure accounts, connect seller-authorized marketplaces, synchronize permitted marketplace records, provide product, order, inventory, purchasing, fulfilment, costing, settlement and accounting views, send requested notifications, respond to support, prevent abuse, maintain audit history and meet legal obligations.
4. Buyer personally identifiable information
D3 Seller restricts buyer PII to the minimum operational purpose for which the marketplace provides it. Buyer PII is not sold, rented, shared for unrelated marketing, used for interest-based advertising or combined into advertising profiles. Access is limited by role and operational need.
5. No sale or advertising use
We do not sell marketplace information. We do not use Amazon, Noon or buyer marketplace information for advertising, data brokerage or building unrelated commercial profiles.
6. Service providers and subprocessors
We use infrastructure and service providers to host the website and application, store data, deliver email, operate databases, monitor reliability and protect the service. Current technical architecture may include Cloudflare for public website delivery and protection, a managed server and PostgreSQL database for the portal, Resend for transactional email, and the relevant Amazon and Noon endpoints for authorized marketplace connections. Providers process information under their service terms and only for the functions we use.
7. Security
We use HTTPS in transit, signed HTTP-only sessions, role-based access, tenant-scoped application context, encrypted connector credentials, runtime-managed secrets and audit records for sensitive actions. No internet service can guarantee absolute security.
8. Retention and secure deletion
We retain account and marketplace information while the workspace is active and for the period reasonably needed to provide the service, resolve disputes, preserve financial or audit evidence, prevent fraud and meet legal obligations. When information is no longer required, it is deleted, anonymized or made inaccessible through a controlled process, including backups according to their lifecycle.
9. Revoking a marketplace connection
A seller may disconnect a marketplace in the D3 Seller workflow, revoke Amazon authorization in Seller Central, revoke or rotate Noon credentials in Noon's partner tools, or contact support for assistance. Revocation stops new authorized collection after the connection is disabled; previously collected records are retained or deleted according to account instructions and applicable obligations.
10. International processing
Service providers and marketplace endpoints may process information in countries other than the seller's location. We use appropriate contractual and technical safeguards where required.
11. Your choices and rights
Subject to applicable law, you may request access, correction, deletion, restriction or a copy of personal information, object to certain processing, or withdraw consent where consent is the legal basis. Workspace administrators may also manage user access and marketplace connections.
12. Contact
For privacy questions or requests, email privacy@d3seller.com. For security reports, email security@d3seller.com.
13. Changes
We may update this policy as the service, marketplace requirements or applicable laws change. The date at the top identifies the current version.
