SellerwerkDocs
Log in
Back to all docs
Privacy

Privacy & security

Sellerwerk is a Germany-based GDPR-first product. Your data stays in the EU, we self-host the critical infrastructure, and we run the security checklist below so you don't have to audit it for us.

Where your data lives

  • Database and background processing — on dedicated infrastructure in a German data center (DE). No US cloud provider, no cross-border replication.
  • Error telemetry — self-hosted in Germany. No US-based telemetry vendors.
  • Email delivery — self-hosted on the same EU infrastructure. No US email-service provider.
  • Payment processing — Stripe (Dublin, Ireland) is the only US-affiliated sub-processor. Full list disclosed in our privacy policy.
  • Amazon advertising data— authorised directly by you with Amazon Advertising. Sellerwerk fetches it through Amazon's official interface and stores it in the same EU database.

Amazon tokens

Your Amazon refresh token is stored encrypted at rest (industry-standard AES-256). Keys live separately from the tokens in a dedicated secret store. Access tokens are short-lived (60 minutes), never logged, and revoked immediately when you disconnect the Amazon account.

Tenant isolation at the database layer

Every table is protected by tenant isolation at the database layer — not just by application logic. A request authenticated as organization A technically cannot read or write any row belonging to organization B. Even a bug in application code cannot break this boundary.

Encryption in transit and at rest

Every connection between your browser and Sellerwerk, and between Sellerwerk and Amazon, runs over TLS 1.3. Disks on our servers are fully encrypted; backups are stored encrypted and verified with a daily restore drill.

Automated decisions (Art. 22 GDPR)

When an automation rule pauses a keyword or adjusts a bid, that counts as an automated decision under Art. 22 GDPR. You have the right to request human review, to object, and to receive an explanation of the rule logic. Every automated action is logged with the triggering rule, values, and timestamp.

Access on our side

We minimise production access to customer data. Support handles requests with your explicit permission and only for the duration of the session. No team member can see or use your Amazon tokens — those are technically only decryptable for your account.

Exporting and deleting your data

From Settings → Account → Export you can pull a JSON dump of everything we hold about you. Delete organisation permanently erases all campaign data, automation history, and audit logs within 30 days.

Reporting a security issue

If you discover a vulnerability, please email security@sellerwerk.de in confidence. We acknowledge within 24 hours and keep you posted on the fix. No public disclosure before our patch — we honour that and credit you in the security hall of fame.

Can't find what you're looking for?

Write to support@sellerwerk.de — we read every message.