Privacy Policy

Effective Date: March 23rd, 2026

1. Introduction

This Privacy Policy describes how PMX Dynamics (“we,” “our,” or “us”) collects, processes, stores, uses, shares, and disposes of data through our PMX E-commerce application. PMX E-commerce is a certified integration for Microsoft Dynamics 365 Business Central that connects our customers’ ERP systems with their Amazon Seller accounts.

Our policy is built on the principles of data minimization and security. We are committed to protecting the confidentiality and integrity of our customers’ data.

2. What Data We Collect and How We Collect It

We do not collect data directly from consumers. All data is collected by our customers (the “Amazon Sellers”) and accessed by our application on their behalf, with their explicit authorization, through the Amazon Selling Partner API (SP-API).

The types of data we access on behalf of our customers include:

  • Order Data: Order details, order items, and order status.
  • Personally Identifiable Information (PII): Buyer name and shipping address, which are essential for order fulfillment.
  • Product & Inventory Data: Product listings, pricing information, and inventory levels.
  • Financial Data: Transaction data, fees, and payout information necessary for financial reconciliation.

3. How We Process and Use Data

Data is processed exclusively within our customers’ own instances of Microsoft Dynamics 365 Business Central. We use this data solely to provide the core functions of the PMX E-commerce application, which include:

  • Automating the download of new orders into Business Central.
  • Synchronizing inventory levels and pricing between Business Central and Amazon.
  • Facilitating the fulfillment process by providing order data to shipping providers.
  • Enabling financial reconciliation by matching Amazon transactions with records in Business Central.

We do not use this data for marketing, advertising, or any purpose other than providing the services our customers have subscribed to.

4. How We Store Data

Our Commitment to Data Minimization: PMX E-commerce is designed to function as a “data conduit,” not a data repository.

  • Customer Data (PII, Orders, etc.): We do not store Amazon customer PII, order data, or other sensitive seller information on PMX Dynamics’ own servers. This data resides at rest within our customer’s own Microsoft Dynamics 365 Business Central tenant, which is hosted and secured by Microsoft on its secure Azure cloud infrastructure.
  • Application Data: The only data we may store on our infrastructure is non-sensitive application data, such as application logs and performance metrics, for troubleshooting and support purposes. These logs do not contain PII.

5. How We Share Data

We share data only when it is essential for the application’s functionality. The only outside parties with whom we share Amazon Information are:

  • Shipping Providers: We share only the minimum PII (specifically, the buyer’s name and shipping address) with the user’s designated shipping provider, such as ShipStation, via a secure, authenticated API connection. This is done solely for the purpose of generating shipping labels and fulfilling the order.
  • Microsoft: As our application runs on Business Central, Microsoft is the infrastructure provider that hosts and secures our customers’ data at rest.

We do not share Amazon Information with any other third parties.

6. Data Security

We implement a multi-layered security approach to protect Amazon Information:

  • Data in Transit: All data transmitted between our application, Amazon SP-API, and shipping providers is encrypted using TLS 1.2 or higher.
  • Data at Rest: As stated above, sensitive data is stored in our customers’ Business Central tenants, protected by Microsoft’s robust security measures, including encryption at rest.
  • Access Control: Access to Amazon Information is strictly controlled by a need-to-know basis, enforced by role-based access control within both our organization and our application. Our developers have least-privilege access for maintenance only.
  • Secure Credential Management: All API keys and secrets are stored securely using Business Central’s encrypted key management system and are never hardcoded or logged.

7. Data Retention and Disposal

  • Amazon Seller Data: All Amazon data (orders, PII, etc.) is retained according to the data retention policies set by our customers within their own Business Central environment. We do not control or have access to these settings.
  • PMX Application Data: Application logs and other non-sensitive data stored on our systems are retained for a maximum of 30 days and are then automatically and securely purged.

8. Data Breach Procedures

In the unlikely event of a security breach involving our infrastructure, we have a formal Incident Response Plan. Our procedure includes:

  1. Immediate Containment: We will immediately take steps to secure the affected systems and prevent further unauthorized access.
  2. Investigation: Our security team will launch an investigation to determine the scope and impact of the breach.
  3. Notification: We will promptly notify the affected customer(s) so they can take appropriate action and comply with their own legal obligations. We will also cooperate with Amazon and any relevant regulatory authorities as required by law.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify our customers of any material changes by posting the new policy on our website or via other direct communication.

10. Contact Information

If you have any questions about this Privacy Policy or our data handling practices, please contact us at:
Email: privacy@pmxdynamics.ca
Company: PMX Dynamics
Website: www.pmxdynamics.ca