MaruTally Logo
Support
MaruTally Logo
Support
Legal & Compliance

Privacy Policy

Last updated: May 2026

At MaruTally, we are committed to protecting your privacy and ensuring the highest standards of data security. This Privacy Policy details how we collect, use, process, and protect your information, with a specific focus on our integration with the Amazon Selling Partner API (SP-API) and TallyPrime.

1. Information We Collect

We collect information primarily to facilitate the automated synchronization of your marketplace data (such as Amazon, Flipkart, Shopify) into your TallyPrime accounting software.

  • Account Information: Name, email address, phone number, and billing details provided during registration.
  • Integration Tokens: OAuth tokens, authorization keys, and API credentials required to connect to Amazon SP-API and other marketplaces.
  • Marketplace Data (via SP-API): Financial transaction logs, settlement reports, tax documents, and inventory levels strictly necessary for accounting reconciliation.
  • Amazon PII (Personally Identifiable Information): If customer PII (such as buyer names or shipping addresses) is fetched for tax invoicing purposes, it is processed strictly according to Amazon's Developer Data Protection Policy (DPP).

2. How We Use Your Information

MaruTally operates as a conduit for your financial data. We do not use your marketplace data for any purpose other than providing the MaruTally service.

  • To automate the creation of accounting vouchers in TallyPrime.
  • To generate GST and reconciliation reports for your business.
  • To provide technical support and troubleshoot integration issues.

No Data Resale: MaruTally will never sell, rent, or lease your personal information, financial data, or Amazon SP-API data to third parties. We do not use your Amazon seller data to compete with you or for market research.

3. Amazon SP-API Token Security & Data Handling

Our infrastructure is designed to exceed Amazon's acceptable use and security expectations:

  • Token Security: All API tokens and credentials are encrypted at rest using AES-256 encryption. They are strictly used to authorize API calls on your behalf.
  • Data in Transit: All data transferred between Amazon, MaruTally, and your local TallyPrime instance is encrypted in transit using TLS 1.2 or higher.
  • Data Retention (PII): As per Amazon's policies, any Amazon customer PII necessary for fulfillment or tax generation is permanently purged from our cloud servers within 30 days of order fulfillment.
  • Least Privilege: Our API integrations only request the specific permissions necessary to perform accounting functions (e.g., Financials, Orders). We do not request unnecessary access to your catalog or pricing data.

4. Data Sharing & Third Parties

We only share data with trusted infrastructure providers (such as secure cloud hosting) required to operate the service. These providers are bound by strict confidentiality agreements and are audited for SOC 2 and ISO 27001 compliance. We do not share your marketplace financial data with external marketing agencies, data brokers, or other sellers.

5. Your Rights

Depending on your jurisdiction (including the Indian Digital Personal Data Protection Act and GDPR), you have the right to:

  • Access the personal data we hold about you.
  • Request corrections to inaccurate data.
  • Revoke your Amazon SP-API authorization at any time via Seller Central or the MaruTally dashboard.
  • Request the deletion of your data (see our Data Deletion Policy).

6. Contact Us

For privacy-related inquiries, data requests, or compliance audits, please contact our Data Protection Officer at:
Email: privacy@marutally.com