home Privacy Policy

Privacy Policy

Mezzex is committed to respecting your privacy and protecting your data.

Mezzex (“we”, “our”, “us”) is committed to respecting your privacy, protecting your data, and being transparent about how your information is collected, used, stored, and shared. This Privacy Policy explains our practices in compliance with the UK Data Protection Act 2018, the UK GDPR, and Amazon’s Data Protection and Acceptable Use Policies.


If you do not agree with the terms of this policy, please discontinue use of our website and services immediately. By using our website and services, you confirm that you are at least 18 years old and that you consent to the practices described in this Privacy Policy. For questions, contact us at info@mezzex.com.

1. Information We Collect

  • Identity Information: Name, company name, role, and account identifiers.
  • Contact Information: Email address, phone number, and mailing address.
  • Amazon Seller Information: Order data, catalogue data, inventory details, and performance metrics, when authorised.
  • Transaction Information: Payment details, invoices, and billing records.
  • Technical Information: IP address, device details, browser type, cookies, and usage logs.
  • Support Information: Communications with our customer service or technical support.

2. How We Use Your Information

We process personal and Amazon Information only for legitimate business purposes, including:

  • Responding to enquiries and providing customer support.
  • Managing contracts, subscriptions, and payments.
  • Enabling integrations with the Amazon Selling Partner API.
  • Operating, maintaining, and improving our website and services.
  • Complying with legal obligations and audit requirements.
  • Preventing fraud, misuse, and unauthorised access.
  • Sending marketing communications, where you have opted in.

We never use Amazon Information for advertising, profiling, or resale.

3. Data Sharing

We do not sell or rent your personal data. We may share information only with:

  • Service Providers: Hosting, infrastructure, payment processors, support (e.g., AWS, secure payment gateways).
  • Legal Authorities: When required by law or to enforce our rights.
  • Business Transfers: In the event of a merger, acquisition, or restructuring, subject to safeguards.

All third parties are contractually bound to comply with Amazon’s Data Protection Policies and GDPR.

4. Data Retention and Backup

  • Seller data retained for 90 days after termination, then securely deleted.
  • Backup copies stored in encrypted form and purged on a rolling basis.
  • Encryption Standards: AES-256 for data at rest, TLS 1.2+ for data in transit.

5. Security and Access Controls

  • SSL/TLS certificates on all services.
  • Firewalls, intrusion detection, and monitoring.
  • Role-based access to Amazon Information.
  • Passwords stored using salted hashing (bcrypt).
  • Strong password policy: min 12 characters, symbols, rotated every 90 days.

6. Risk Management and Incident Response

  • Detection: Monitor and log abnormal activity.
  • Containment: Restrict access to compromised systems.
  • Notification: Notify affected users and Amazon within required timeframe.
  • Remediation: Patch vulnerabilities, restore backups, validate systems.
  • Review: Audit incident and improve preventive measures.

7. Vulnerability and Change Management

  • Code undergoes regular reviews and vulnerability scans.
  • Critical vulnerabilities patched within 24–48 hours.
  • System changes approved by authorised managers, tracked in logs.
  • Development and production environments segregated.

8. Cookies and Tracking

We use cookies to improve site usability and tailor user experience. Cookies may collect statistical, non-identifiable information. You may disable cookies in your browser, but some functionality may be limited. See our Cookies Policy for details.

  • Essential cookies – required for website functionality.
  • Analytics cookies – help us understand usage patterns.
  • Preference cookies – remember your settings.
  • Security cookies – used to prevent fraud and misuse.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access a copy of your personal data.
  • Request corrections or deletions.
  • Restrict or object to processing.
  • Withdraw consent for marketing.
  • Request data portability.

To exercise these rights, email info@mezzex.com.
If unsatisfied, you may complain to the Information Commissioner’s Office (ICO).

10. Links to Other Websites

Our website may link to external websites. We are not responsible for their content or privacy practices. Please review their policies before providing personal information.

11. Changes to this Policy

We may update this Privacy Policy periodically. Updates will be posted on this page with a revised effective date. Continued use of our services after updates constitutes acceptance of the new terms.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact Mezzex Ltd Spacebox Business Park Unit E 38, Plume Street, Birmingham, B6 7RT Email: info@mezzex.com Phone: +44 121 661 6357

Last Updated: 30 August 2025