What You Need to Know About Amazon Selling Partner API Updates
Amazon Marketplace Web Service (Amazon MWS) APIs are being sunsetted September 30. They are being replaced by Selling Partner APIs (SP-API)—and accompanied by stricter data use and protection policies—as announced by Amazon back in January 2020. Why should you care?
The Amazon MWS data hose is being turned off. These changes could affect the inventory, order, shipping, payment, and advertising data you use to manage your Amazon business.
Amazon API updates: What’s changing?
An API (application programming interface) is software that allows applications to talk to each other. In the case of your Amazon business, Amazon’s APIs are what enable the apps you use for everything from inventory management to customer reviews to analytics to get the data they need from Amazon.
With the updates, Amazon is bringing its 10-year-old APIs up to date, with JSON-based REST API design standards, improved security (OAuth2.0 selling partner authorization using Login with Amazon), and a sandbox for testing. The goal is to make it easier for Amazon Selling Partner developers (i.e., third-party app developers and/or Marketplace sellers with in-house apps) to integrate the APIs to allow their apps to directly access and extract Amazon store data.
It’s a pretty safe bet that the third-party apps you use will be ready for the changeover to SP-API by September 30. However, if you developed apps in-house for your Amazon business, such as for self-fulfillment or analytics and reporting, you’ll need to make sure you’re migrated over from Amazon MWS.
Policy changes to know about
In addition to the API updates, Amazon announced some changes to their Acceptable Use and Data Protection policies that restrict the access to and use of customer information, effective January 1, 2021. These are good to know about so that you don’t inadvertently fall into noncompliance—which is something you need to be aware of if you developed and use an in-house app for your Amazon business.
30-day PII access window
Amazon defines Personally Identifiable Information (PII) as “…information that can be used on its own or with other information to identify, contact, or locate an individual (e.g., Customer or Selling Partner), or to identify an individual in context” (Amazon).
PII may include data like customer or Selling Partner’s name, address, email address, and phone number, as well as survey responses, payment details, gift message content, purchases, cookies, digital fingerprint (e.g., browser, user device), IP address, and geo-location or IOT product identifiers (Amazon).
As of January 1, 2021, Selling Partner developers may only use and/or retain PII about Amazon customers for up to 30 days after shipment and only for the purposes of fulfilling and shipping orders and/or calculating and remitting taxes and for tax invoices. After 30 days, PII must be removed, making it no longer accessible for use. The only exception is if a developer is required by law to archive PII for tax or regulatory purposes; in this case, PII must be stored as a cold or offline encrypted backup.
Data use and protection audit
Amazon also reserves the right to ask developers to certify that their data protection, storage, and use policies and procedures are in compliance with Amazon’s Acceptable Use and Data Protection policies. They also can bring in a third party to audit developers’ records, operations and systems.
What it all means for Amazon sellers
Most Amazon sellers won’t be affected directly by these changes—unless the apps you use to manage your Amazon business haven’t migrated to SP-API by September 30. Also, you may notice that Amazon customer PII use has been restricted to order fulfillment and is only accessible for 30 days.
Therefore, it can be a good idea to check with your third-party apps and vendors to make sure they’ll be migrated to SP-API by September. Also, you will want to identify if you have any in-house apps that need to be migrated from Amazon MWS.
However, the migration to SP-API will take time, so you may need a Plan B, such as integrating an already compliant app like Daasity into your tech stack to ensure your Amazon store data stream isn’t interrupted. We’re happy to talk—contact us.