Understanding Amazon PII in the Selling Partner API

Openbridge's Amazon application is approved for operations that return restricted data (such as Personally Identifiable information, or PII). Amazon considered requests for PII data as restricted operations, and require special authorization in the form of a Restricted Data Token (RDT). An RDT allows an authorized applications permissions to to access restricted data such as shipping, tax invoicing, or tax remittance services.

What is Amazon PII?

Amazon's definition of PII:

"any information that can be used on its own or with other information to identify contact, locate an individual (e.g., Customer), or identify an individual in context. This includes, but is not limited to, a Customer name, address, e-mail address, phone number, gift message content, purchases, and latitude/longitude of buyer addresses".

For example, this means Amazon will not return data in fields such as:

Buyer's First and Last name
Buyer's e-mail address
Buyer's phone number
Buyer's Address Line 1, Address Line 2
Gift Messages

Amazon Does Not Supply PII For Fulfillment By Amazon (FBA)

Traditionally, Amazon's data protection policies limit buyers' access to personally identifiable information (PII). Amazon introduced the policy of not sharing the FBA PII data in 2019. As a result, Amazon does not share this information via API or your Amazon Seller Central account.

Restrictions to PII data apply to the Selling Partner API as to the legacy MWS API application. In many ways, the process for accessing PII in the new SP-API is significantly more complex as the review and approval process is extensive.

Openbridge SP-API PII Support

Openbridge has undertaken and completed the compliance and certification review with Amazon for our application to support PII data requests.

Openbridge has invested significant time and energy in working with Amazon to ensure compliance with Amazon AUP and DPP. This includes rigorous audits, reviews, and compliance monitoring to be approved as a PII-approved app in their systems.

This is why we have a "No Bots Promise". Openbridge will never employ bots, screens, web, or data scrapers to circumvent Amazon terms.

Amazon PII Restricted Data Services

The Selling Partner API requires special tokens to access a customer's PII (Personally Identifiable Information). The approved Openbridge SP-API application will request a Restricted Data Token (RDT) for applicable resources. The following API operations have restrictions because customers' Personally Identifiable Information (PII) may be present.

Direct Fulfillment Orders API:

getOrders
getOrder

Direct Fulfillment Shipping API:

getShippingLabels
getPackingSlips
getCustomerInvoices

Merchant Fulfillment API:

getShipment
cancelShipment
cancelShipmentOld
createShipment

Orders API:

getOrders
getOrder
getOrderItems

Shipment Invoicing:

getShipmentDetails

Shipping API:

getShipment

Restricted report types

Here is a list of restricted report types:

GET_AMAZON_FULFILLED_SHIPMENTS_DATA_INVOICING
GET_AMAZON_FULFILLED_SHIPMENTS_DATA_TAX
GET_FLAT_FILE_ACTIONABLE_ORDER_DATA_SHIPPING
GET_FLAT_FILE_ORDER_REPORT_DATA_SHIPPING
GET_FLAT_FILE_ORDER_REPORT_DATA_INVOICING
GET_FLAT_FILE_ORDER_REPORT_DATA_TAX
GET_FLAT_FILE_ORDERS_RECONCILIATION_DATA_TAX
GET_FLAT_FILE_ORDERS_RECONCILIATION_DATA_INVOICING
GET_FLAT_FILE_ORDERS_RECONCILIATION_DATA_SHIPPING
GET_ORDER_REPORT_DATA_INVOICING
GET_ORDER_REPORT_DATA_TAX
GET_ORDER_REPORT_DATA_SHIPPING
GET_EASYSHIP_DOCUMENTS
GET_GST_MTR_B2B_CUSTOM
GET_VAT_TRANSACTION_DATA
SC_VAT_TAX_REPORT

Items in bold will be available in our initial release. Others will follow based on customer demand.

Customers Responsibility

The Amazon PII data we collect on your behalf is stored in a private, trusted customer-owned data lake or cloud warehouse. As a result, any customer receiving Amazon PII data must comply with the Amazon Data Protection Policy (DPP) and Acceptable Use Policies (AUP).

References: