Data and Privacy
Data and Privacy
This page summarizes how SellerOps handles data for Watcher operations.
What SellerOps Uses for Watcher
- Order IDs, status, and timing fields required for deadline monitoring
- Dispatch and tracking timestamps used in alert and LDR calculations
- Store/account metadata needed for routing and reporting
OAuth authentication happens on TikTok. SellerOps does not collect your TikTok password directly.
Storage and Protection
| Data Type | Storage | Protection |
|---|---|---|
| Operational order data | AWS Aurora PostgreSQL | Encrypted at rest + TLS in transit |
| TikTok OAuth tokens and secrets | AWS Secrets Manager | KMS-backed secret encryption |
| Compliance/audit artifacts | S3 compliance bucket | Object Lock (GOVERNANCE), versioning, lifecycle policies |
Compliance Bucket Controls
- Object Lock default retention configured at 90 days (GOVERNANCE mode)
- SSE-KMS encryption enforcement
- Public access blocked
- Lifecycle transitions (Standard ? IA ? Glacier ? Deep Archive)
Access and Authentication
- User authentication is handled by Clerk.
- OAuth start flow uses expiring state tokens (10-minute TTL) for CSRF resistance.
- API access is tied to authenticated account context.
Export Options
- Orders export (Watcher): JSON export from All Orders page.
- Activity export (Defender): JSON export from Activity Log when Defender access is enabled.
Retention and Deletion
Infrastructure retention behavior is defined by environment and storage policy. If you need account-level deletion timelines for legal/compliance review, contact SellerOps support.
Security controls can be tightened over time without changing your product workflow. Always rely on current policy and legal documents for contractual commitments.