Privacy and Data Handling Policy

Effective Date: January 1, 2025

Company: EasyCentral LLC (NiceInventory)

1. Introduction

EasyCentral LLC (“we”, “our”, or “us”) is committed to protecting the privacy and security of all customer and partner data accessed, processed, and stored through our systems, including any data obtained via the Amazon Services API. This Privacy and Data Handling Policy outlines how we collect, use, retain, secure, and dispose of information, including Personally Identifiable Information (PII), in compliance with Amazon's Data Protection Policy and applicable data protection laws.

2. Scope

This policy applies to all systems, personnel, and services that handle data provided by Amazon, our clients, or any data subject whose information is accessed or processed through our platform.

3. Data Collection and Use

We only collect and process data that is necessary for the following purposes:

Order fulfillment and logistics support
Tax calculation and invoicing
Customer service and account management
Compliance with legal and regulatory obligations

PII is retained only as long as necessary to fulfill the above purposes and in no case longer than 30 days after order delivery, unless otherwise required by law.

4. Data Security

We implement industry-standard security controls to protect all data, including:

Encryption in Transit and at Rest using TLS 1.2+ and AES-128 or RSA 2048+
Access Controls based on the principle of least privilege
Multi-Factor Authentication (MFA) for all internal user accounts
Network Protection through firewalls, IDS/IPS, antivirus, and secure coding practices
Regular Staff Training on data protection and IT security

All data access is logged and monitored continuously for unusual or unauthorized activity.

5. Data Handling

All Amazon-originated data is tagged or stored separately.
We do not store PII on removable media or personal devices.
Printed documents containing PII are securely shredded after use.
Secure deletion follows the NIST 800-88 standard.

6. User Rights

Where applicable, users have the right to access, correct, delete, or restrict the use of their data. All such requests can be directed to:
[email protected]

7. Incident Response

In case of a Security Incident involving any Amazon data or customer PII:

Amazon will be notified within 24 hours.
We will investigate, document, and retain all details and evidence.
Affected users and authorities will be informed if legally required.

8. Compliance and Review

This policy is reviewed bi-annually and updated as necessary. Our compliance team ensures that data handling practices remain aligned with Amazon requirements and applicable regulations.