← Rivergate

Data Protection & Security

Rivergate is operated by LE PION PASSE, France.

Last updated: March 10, 2026

This Data Protection & Security Policy describes the technical and organisational measures Rivergate implements to protect all data processed through the platform, with particular attention to data retrieved via Amazon's Selling Partner API (SP-API).

1. Scope

This policy applies to all personal data and Amazon seller data processed by Rivergate, including data retrieved from Amazon SP-API on behalf of authorized sellers, account data provided by users, and technical data generated by use of the platform.

2. Amazon SP-API Data Access Principles

Rivergate accesses Amazon data strictly under the following conditions:

  • Access only through official Amazon Selling Partner API (SP-API)
  • Explicit seller authorization via Amazon's OAuth 2.0 flow required before any data is retrieved
  • No web scraping, browser automation, or unauthorized access methods
  • No access to data belonging to sellers who have not authorized the platform
  • Sellers may revoke access at any time from Amazon Seller Central
  • Amazon data is never aggregated for competitive intelligence or resale
  • Amazon data is not shared with any party not involved in delivering the service to the authorized seller

3. Data Classification

  • Category A - PII: Buyer shipping destination country and postal region. Retention: maximum 90 days after order shipment date. Access: restricted to the application service account only.
  • Category B - Seller Account Data: Financial events, inventory, catalog listings, marketplace configuration. Retention: duration of active subscription + 30 days.
  • Category C - Platform Account Data: User name, email address, subscription status, preferences. Retention: duration of active subscription + 30 days after termination.
  • Category D - Technical Logs: Server access logs, authentication events, API call logs. Retention: maximum 12 months.

4. Encryption

In Transit

  • All communications between users and the platform are encrypted using TLS 1.2 or higher (HTTPS enforced)
  • All API calls to Amazon SP-API use TLS 1.2 or higher

At Rest

  • Server volumes encrypted with AES-256 disk-level encryption
  • Database fields containing sensitive data encrypted at the application level using AES-256-CBC
  • Encryption keys stored in environment variables outside the codebase, never in version control

Backups

  • All backups encrypted with AES-256 before storage
  • Backup encryption keys managed separately from production keys

5. Access Controls

Network Level

  • Production database accessible only via localhost / private network
  • No direct public access to database ports
  • Server SSH access restricted to key-based authentication
  • IP allowlisting enforced for administrative access
  • Firewall configured to deny all inbound connections except ports 80, 443, and restricted management port

Application Level

  • Multi-factor authentication (MFA) enforced for all administrative accounts
  • Amazon SP-API credentials accessible only to the application service account
  • SP-API credentials stored encrypted; never exposed in logs or UI
  • Role-based access: each user can access only their own data

Credential Management

  • All credentials stored in environment variables; never hardcoded
  • .env files excluded from version control
  • Credentials rotated annually or immediately upon suspected compromise

6. Data Isolation and Least Privilege

  • Each seller's data is logically isolated by user_id and marketplace_id at the database query level
  • No cross-account data access is possible within the platform
  • Database queries filter by authenticated user on every request
  • SP-API tokens stored per-seller; no token reuse across accounts

7. Infrastructure and Hosting

  • All production servers located within the European Union
  • Hosting provided by EU-based infrastructure provider
  • No data transferred to or stored in systems outside the EU without explicit disclosure
  • Critical security patches applied within 7 days of release

8. Backups and Recovery

  • Automated daily encrypted backups of all production data
  • Backup storage in a geographically separate EU data centre
  • Recovery Time Objective (RTO): 4 hours
  • Recovery Point Objective (RPO): 24 hours
  • Restore procedure tested quarterly in isolated staging environment

9. Monitoring and Audit Logging

  • All authentication events (login, logout, failed attempts) logged
  • All Amazon SP-API calls logged with timestamp, endpoint, and user ID
  • Logs retained for a minimum of 12 months
  • Logs reviewed at minimum bi-weekly for anomalous patterns
  • Failed login attempts and unusual API usage trigger immediate alerts
  • Log access restricted to administrators; logs not modifiable by application users

10. Vulnerability Management

  • Dependency vulnerabilities monitored continuously via automated tools (Composer audit, Dependabot)
  • Critical vulnerabilities remediated within 7 days of discovery
  • High severity vulnerabilities remediated within 30 days
  • Application code reviewed for OWASP Top 10 vulnerabilities before each release
  • Penetration testing conducted annually

11. Change Management

  • All changes to production systems tested in a dedicated staging environment before deployment
  • Changes reviewed and approved before release
  • Rollback procedures defined for all production deployments
  • Database migrations versioned and reversible

12. Testing Environment and PII Protection

  • Production PII is never used in testing or staging environments
  • Test data uses synthetic or anonymized order data only
  • Staging environment is isolated from production with separate credentials and database
  • No real Amazon buyer data is imported into non-production systems

13. Personal Device and Removable Media Controls

  • Production data is accessible only through the authenticated web application with MFA
  • Direct database access requires SSH key authentication to the production server
  • No removable media (USB drives, external storage) is used in production data handling
  • Server login events are logged; unauthorized access attempts trigger alerts

14. Security Incident Response

In the event of a confirmed or suspected security incident involving Amazon data or personal data:

  1. Containment (immediate): Revoke compromised credentials, isolate affected systems, block suspicious access.
  2. Notification to Amazon (within 24 hours): Amazon notified at security@amazon.com with incident details and containment actions taken.
  3. GDPR Notification (within 72 hours): Affected users notified per GDPR Art. 33/34. CNIL notified if required.
  4. Investigation: Scope of data exposure assessed. Access logs reviewed. Root cause identified.
  5. Remediation: Vulnerability patched. Procedures updated. Incident documented.

Incident Management Point of Contact: support@rivergate.app

15. Third-Party Data Processors

Rivergate uses a minimal number of third-party service providers, each operating under a data processing agreement (DPA):

  • EU-based cloud hosting provider (server infrastructure)
  • Transactional email provider (account notifications only)
  • Payment processor (billing only; card data never stored by Rivergate)

Amazon Information is never shared with advertising networks, analytics platforms, or data brokers.

16. Amazon SP-API Compliance Statement

Rivergate is committed to full compliance with Amazon's Selling Partner API Data Protection Policy. Our data handling practices include:

  • PII retention limited to 90 days after order shipment
  • No use of Amazon data beyond authorized seller service delivery
  • No sharing or resale of Amazon data
  • Security incident notification to Amazon within 24 hours
  • Encryption of Amazon data in transit and at rest
  • Access controls limiting Amazon data to authorized personnel and service accounts only

17. Contact

LE PION PASSE — France
Email: support@rivergate.app
Website: rivergate.app

Rivergate is not affiliated with, endorsed by, or sponsored by Amazon.com, Inc. Amazon and Selling Partner API are trademarks of Amazon.com, Inc.