We are making clarifications and updates to the Amazon Acceptable Use and Data
Protection policies governing the appropriate use of the Selling Partner API and
Amazon Marketplace Web Service (Amazon MWS). These updates will go into effect
on January 1, 2021. We have published the redlined versions of these policies at
the links below for your convenience.
The Acceptable Use Policy ("AUP") clarifies the appropriate use of Amazon
Marketplace APIs. In addition to the Amazon Marketplace Developer Agreement,
Marketplace Developers must comply with the following policies. Failure to comply
may result in suspension or termination of Marketplace API access.
Help Sellers manage their Amazon Business
Marketplace APIs are for Developers who wish to help Sellers build, manage, and
grow successful businesses in Amazon's store.
- Use Marketplace APIs only to perform acceptable Amazon Seller activities, and
only for Amazon Sellers who have authorized you to perform these activities on
- Do not facilitate or promote violation of the Amazon Services Business Solutions
Agreement, directly or indirectly.
- If you discover that a Seller is using your service to violate the Amazon
Services Business Solutions Agreement, notify Amazon and block the Seller's
access to your Application.
- Keep up to date on Amazon policies that pertain to specific APIs (such as the
Merchant Fulfillment API, Orders API, and Reports API) or specific functionality
that your Application provides (such as Buyer-Seller messaging).
Provide quality Applications and services
- Do not falsely advertise your Application or service.
- Be clear and honest with Sellers about what data you are accessing and for what
- Do not attempt to deceive Sellers by deliberate modification of Marketplace API
- Be explicit about any calculations and the use of models such as Artificial
Intelligence in the service you provide, their accuracy, and data
- Comply with all applicable laws including data privacy and data protection laws
(e.g., GDPR, Cybersecurity Law of the People's Republic of China).
- Do not offer Applications or services that infringe on the copyrights, patents,
or trademarks of others.
- Do not use, offer, or promote external (non-Amazon) data services that vend
Amazon data, including data retrieved from Amazon's public-facing websites.
Quality and performance
- Provide Application availability, performance, and support required to
successfully perform the business task.
- Identify and mitigate any negative Seller impact before launching new features,
especially for business-critical tasks.
- Design your Application to respect per-Seller throttling quotas.
- Implement data integrity and validation checks within your Application for any
analytical processing (e.g., AI models for insights, automated decision-making)
that has material impact on a Seller's business.
Keep data secure
- Never share keys or passwords.
- Never ask for or accept a Seller's Secret Keys for any purpose.
- Only act on behalf of Sellers that have granted you permission through
- Do not apply for keys that you will not use. Amazon will baseline access keys
every 90 days. Keys that do not make a successful call in 90 days will be
deleted and the Developer will need to re-apply for keys.
- Do not request or share Seller Central credentials. If necessary, ask the Seller
to grant Seller Central access through a secondary user permission, but do so
only if Seller Central is required to provide features or services that benefit
Data access and usage
- Do not request access to or retrieve information that is not necessary for your
- Only grant access to data on a "need-to-know" basis within your organization and
among your Application users.
- Do not attempt to circumvent throttling quotas through the creation of multiple
Developer accounts within the same region.
- Do not disclose information, individually labeled or aggregated, obtained
through Marketplace APIs on behalf of a Seller to other Application users or any
outside parties, unless required by law.
- Do not calculate or publish insights about the health of Amazon's
- Comply with the Data Protection Policy
("DPP"), which provides specific requirements on the receipt,
storage, usage, transfer, and disposition of the data accessed through