NumbersClear
Why it mattersHow it worksPricingAboutContact
Live demo Start free

Data Handling and Security

Last updated: 28 June 2026

How NumbersClear collects, processes, stores, and protects your connected platform data, with specific attention to Amazon Selling Partner API data.

1. Overview

NumbersClear connects to your sales channels and accounting platforms to provide automated financial reconciliation, audit, and reporting. This page explains precisely how we handle the data from each connected platform, our security practices, and your controls over that data.

2. Amazon Selling Partner API data

NumbersClear is an authorised application that connects to Amazon Seller Central via the Selling Partner API (SP-API). We comply fully with Amazon's Data Protection Policy (DPP) and Acceptable Use Policy (AUP).

2.1 What data we access

Through the SP-API, we access:

  • Orders: Order details, line items, quantities, and fulfilment status
  • Finances: Settlement reports, fee breakdowns, refunds, and disbursements
  • FBA inventory: Stock levels, inbound shipments, and storage fees
  • Advertising: Campaign spend, impressions, clicks, and attributed sales (Amazon Ads API)
  • Catalogue: Product identifiers (ASIN, SKU) for reconciliation purposes

2.2 How we use Amazon data

Amazon SP-API data is used exclusively for:

  • Reconciling orders and fees against your accounting records
  • Calculating true P&L per brand and per SKU
  • Detecting unbooked fees, settlement discrepancies, and margin leaks
  • Projecting cash flow based on settlement schedules (DD+7)
  • Identifying inventory risks (stockouts, overselling, aged stock)
  • Providing PPC performance metrics tied to product-level profitability

2.3 How we do NOT use Amazon data

  • We do not sell, rent, or share Amazon data with any third party
  • We do not use Amazon data for advertising or marketing to third parties
  • We do not aggregate Amazon data across sellers for benchmarking or competitive intelligence
  • We do not use Amazon data to train machine learning models sold to third parties
  • We do not retain Amazon data after you disconnect or close your account (deleted within 30 days)

2.4 Amazon data retention and deletion

  • Active connection: data is retained for the duration of your subscription and active connection
  • Disconnection: data is permanently deleted within 30 days of disconnecting your Amazon account
  • Account closure: all Amazon data is permanently deleted within 30 days of account closure
  • On-demand deletion: you may request deletion of Amazon data at any time via privacy@numbersclear.ai

3. Shopify data

We connect to Shopify via their Admin API (OAuth 2.0). Data accessed includes orders, products, inventory, and financial summaries. The same security, retention, and deletion policies apply as for Amazon data.

4. Accounting platform data

We connect to QuickBooks (Intuit), Xero, and Sage via their respective OAuth 2.0 APIs. Data accessed includes chart of accounts, journal entries, invoices, and bank transactions. We use this data solely to reconcile against your sales channel data and surface discrepancies.

5. Security measures

5.1 Encryption

  • In transit: All data is encrypted using TLS 1.2 or higher. HTTPS is enforced on all endpoints.
  • At rest: All stored data is encrypted using AES-256 encryption.
  • Credentials: OAuth tokens are stored in encrypted secret stores, never in application code or logs.

5.2 Authentication and access control

  • All platform connections use OAuth 2.0; we never store your marketplace passwords
  • Internal access to customer data requires multi-factor authentication
  • Least-privilege access controls ensure staff see only what they need
  • All data access is audit-logged

5.3 Infrastructure

  • Hosted on Cloudflare's global edge network with enterprise-grade DDoS protection
  • Multi-tenant data isolation ensures your data is logically separated from other customers
  • Automatic backups with point-in-time recovery
  • Regular vulnerability scanning and penetration testing

5.4 Incident response

  • Formal incident response plan maintained and tested
  • Data breach notifications sent to affected users within 72 hours of discovery
  • Amazon and other platform partners notified per their respective DPP requirements
  • Post-incident review and remediation documented

6. Your controls

You have full control over your connected data:

  • Connect / disconnect: Add or remove platform connections at any time from your dashboard settings
  • Export: Download your reconciled data, reports, and audit findings in CSV or PDF format
  • Delete: Request full deletion of all your data at any time
  • Audit log: View a log of all data access and sync activity for your account
  • Revoke access: Revoke NumbersClear's access directly from Amazon Seller Central, Shopify, or your accounting tool at any time

7. Compliance

  • UK GDPR / Data Protection Act 2018: Full compliance as data controller
  • Amazon Data Protection Policy (DPP): Compliant with all SP-API developer requirements
  • Amazon Acceptable Use Policy (AUP): Compliant with all usage restrictions
  • PCI DSS: Payment processing handled by Stripe (PCI DSS Level 1 certified)
  • SOC 2 Type II alignment: Controls mapped to SOC 2 trust service criteria

8. Contact

For questions about our data handling practices, security measures, or to exercise your data rights:

Data Protection Contact
Email: privacy@numbersclear.ai

AIORAS TECHNOLOGY LTD
4th Floor Office, 205 Regent Street, London, England, W1B 4HB
Company No. 16037096
NumbersClear

Financial control room for multi-channel sellers. An Aioras company.

Product
Why it matters How it works Pricing Dashboard
Company
About Contact Aioras
Legal
Privacy Policy Terms of Service Data Handling
2026 NumbersClear : an Aioras company Privacy : Terms : Data Handling