Last updated June 11, 2026
Privacy Policy
Sailwyn (the "Service") is operated by OneCommerce Inc., a New York corporation ("OneCommerce", "we", "us"). The Service provides advertising, reporting, and business intelligence software for Amazon sellers. This policy explains what information we collect, how we use and protect it, and how sellers can request changes or deletion.
Information we collect
Account information. Name, business name, email address, and login credentials that users provide when creating an Sailwyn account.
Amazon authorization data. When a seller connects an Amazon account, we receive OAuth authorization tokens, selling partner identifiers, advertising profile identifiers, and marketplace identifiers. We never receive or ask for Amazon passwords.
Amazon business data (Selling Partner API). As authorized by the seller, we access sales, settlement, listing, inventory, catalog, pricing, and order-related reports only where buyer personal information is excluded.
Amazon advertising data (Amazon Ads API). As authorized by the seller, we access advertising campaigns, ad groups, keywords, targeting, budgets, bids, and advertising performance reports.
Usage and log data. Application logs, sync status, and records of actions taken in the Service, kept for security, support, and auditability.
No buyer personal information. The current release of the Service is designed to operate without buyer personally identifiable information. We do not request API permissions for, and do not intentionally collect, buyer names, delivery addresses, phone numbers, shipping labels, or tax invoice documents.
How we use information
We use information to provide reporting, advertising analytics, inventory context, profitability analysis, account health monitoring, customer support, security, auditability, and service improvement.
Amazon data use limitation. Data obtained through Amazon APIs is used solely to provide the Service to the seller account that authorized access. We do not sell Amazon data, do not use it for advertising to third parties, do not use it for any business other than providing the Service to the authorizing seller, and do not combine one customer's data with another customer's data.
Write actions. Where the Service performs write actions on a seller's behalf — advertising budget or bid updates, or sending Amazon's standard "Request a Review" solicitation for eligible orders through Amazon's Solicitations API — those actions run only with the seller's explicit approval, are limited to the authorizing seller's own account, and are fully audit-logged. Review solicitations are delivered by Amazon using Amazon's own template; we never see or store buyer contact details. The Service does not create, update, or delete listings, orders, or any other seller account data.
Data sharing
We do not sell seller business data. We share information only with infrastructure service providers needed to operate the Service (such as hosting providers) under confidentiality obligations, when required to comply with law or a valid legal process, to protect the security and integrity of the Service, or to fulfill a request made by the seller.
Data security
We protect information with controls that include: encryption of data in transit (TLS) and encryption of Amazon authorization tokens at rest; least-privilege access controls so that personnel access is limited to what their role requires; separation of each customer's data within the Service; and logging and monitoring of access to systems that store Amazon data.
Security incidents. If we become aware of a security incident affecting Amazon data or seller data, we will investigate promptly and notify affected sellers and Amazon as required. To report a suspected security issue, email chris.c@sailwyn.com with the subject line "Security".
Data retention and deletion
We retain data while a seller account remains active and as needed to provide the Service. Sellers may request deletion of their account data at any time as described on our Data Deletion page. Verified deletion requests are completed within 30 days, and residual copies in backups expire within 90 days, subject to legal and security retention requirements. Revoking Amazon authorization stops all future data synchronization for that account.
Cookies
The Service uses only cookies that are necessary for authentication and session management. We do not use third-party advertising cookies.
Changes to this policy
If we make material changes to this policy, we will update this page and revise the date above. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.
Contact
For privacy questions or requests, contact OneCommerce Inc. at chris.c@sailwyn.com, or by mail at OneCommerce Inc., 540 W 28th St, Apt 3J, New York, NY 10001, United States.