Trust & Security

Security at SellerRoot

Last Updated: 8 June 2026

SellerRoot processes Amazon advertising data on behalf of brands and agencies. We take the trust placed in us seriously and have built the platform with security as a first-class concern. This page describes the technical and operational controls we use to protect your data — and what we expect from you to keep your own account safe.

Data We Process

  • Amazon advertising data: campaigns, ad groups, targets, search terms, placements, spend, sales, orders, and related performance metrics.
  • Account metadata: business name, contact email, billing details, and Amazon Marketplace identifiers.
  • Operational logs: timestamps of analyses, jobs run, and administrative actions, retained for audit and debugging.

We do not request or store Amazon customer-level personal data, shopper PII, or payment card numbers. We do not collect advertising data outside the accounts you explicitly connect to SellerRoot.

How We Access Your Amazon Account

Connection to Amazon Advertising is performed through Amazon’s official Login with Amazon (LWA) OAuth flow. We never receive or store your Amazon password. Access tokens are scoped to the Advertising API permissions you grant, are encrypted at rest, and can be revoked from your Amazon account or by disconnecting the integration from SellerRoot at any time.

Encryption

  • In transit:all traffic between your browser, our APIs, and Amazon’s services is encrypted via TLS 1.2 or higher.
  • At rest: production databases and object storage use AES-256 disk-level encryption provided by our infrastructure providers.
  • Secrets: API tokens, OAuth refresh tokens, and database credentials are stored as encrypted values, never in source code.

Authentication

  • Password-based sign-in uses bcrypt with a per-user salt; failed attempts trigger temporary lockout.
  • Short-lived JWT access tokens combined with rotating refresh tokens stored as SHA-256 hashes in the database. Sessions can be revoked from the “Active Sessions” view.
  • Multi-factor authentication (TOTP) is mandatory for owner and admin-level accounts that sign in via password.
  • Accounts using Login with Amazon inherit Amazon’s own multi-factor authentication.

Access Control

SellerRoot uses a workspace-scoped role-based access control (RBAC) model. Every data API call is filtered by the calling user’s membership and role within the requested workspace.

  • Owner — full control of the workspace. Exactly one owner per workspace, enforced at the database level.
  • Admin — manage users, settings, and integrations.
  • Editor — modify data and configurations.
  • Viewer — read-only access.

Administrative actions — user creation, role changes, integration changes — are recorded to an immutable audit log with actor, action, resource, IP address, and timestamp.

Infrastructure

  • Backend application and database hosted on Render, with the database running on AWS-backed managed PostgreSQL.
  • Frontend hosted on Vercel, served from a global CDN with automatic TLS provisioning.
  • Background jobs run on a separate Celery worker with isolated credentials.
  • Daily automated backups of the production database, retained for 30 days.

Sub-processors

We use a small number of vetted third-party providers to operate the service. Each one is contractually bound to data-protection terms consistent with our own.

  • Render, Inc. — backend application hosting and managed PostgreSQL.
  • Vercel, Inc. — frontend hosting and edge delivery.
  • OpenAI — large language model analysis for a small fraction of edge-case advertising decisions. Only advertising metrics relevant to the specific decision are sent; account credentials and personal identifiers are never sent.
  • Amazon Advertising API — the source of all advertising data SellerRoot processes.
  • SMTP provider — transactional emails (booking confirmations, password resets, security alerts).

Vulnerability Reporting

If you believe you’ve found a security vulnerability in SellerRoot, please email security@sellerroot.com with a description of the issue and steps to reproduce it. We aim to acknowledge reports within one business day. Please give us reasonable time to remediate before any public disclosure.

Compliance Posture

SellerRoot is an early-stage platform. We have not yet completed a third-party audit such as SOC 2 or ISO 27001, but the platform is built around the technical controls those frameworks require — least privilege access, encrypted secrets, audit logging, and routine backups. As we grow, we will pursue formal attestations and update this page when they are achieved.

Contact

For security or compliance questions, including data processing agreements and sub-processor lists for enterprise procurement, please email security@sellerroot.com.