Security you can hand to your compliance team

We take security seriously. Every byte of your Amazon data lives behind a top-grade security layer, audited by Amazon itself under its hardest data protection process.

Amazon PII approved

Restricted PII access granted & audited

Pre-approved by Amazon to pull customer addresses, customizations and gift messages on behalf of every connected seller.

AES-256 at rest

Top-secret-grade symmetric cipher

Every database row, every cached file, every backup encrypted with the standard used by the U.S. government for classified data.

TLS 1.2+ in transit

Modern transport security

Continuously monitored cipher suites. Weak protocols refused. Every API call, every dashboard session, every Amazon connection.

DPP audited

Amazon Data Protection Policy verified

Encryption, retention, key rotation, vulnerability management and incident response — all audited by Amazon under the Public PII Process.

Annual penetration tests

Third-party security firm, every year

Full external pen test on every component of the data flow, with reports on file. Findings remediated and re-verified.

180-day vulnerability scans

Continuous monitoring of all data flows

Every component scanned twice yearly minimum, plus continuous automated monitoring for unusual access patterns and emerging vulnerabilities.

Where your data lives

One datacenter. One organization per vault.

Your DataDoe data lives in a Tier-3+ cloud datacenter in Northern Virginia, USA — physically isolated, redundantly powered, and continuously monitored. Every customer organization gets its own logically separated data partition.

This isn't a permission setting we could accidentally turn off. It's how the database is architected: cross-organization access is impossible by design, not just disallowed. You see your data. Nothing else, ever.

  • Region: us-east-1 (N. Virginia)
  • Tier: Tier-3+ datacenter
  • Architecture: per-org isolation
  • Backups: encrypted, redundant

Organization A · your team · your data
Organization B · separate vault · isolated
Organization C · separate vault · isolated
Organization D · separate vault · isolated
No path between them.
Every new customer · their own vault · automatic
Cross-organization access is impossible by design.
Encryption

At rest. In transit. In your hands.

Three independent encryption layers protect your data across its entire lifecycle in DataDoe — applied automatically, enforced everywhere, monitored continuously.

/ 01

At rest

AES-256

Every database row, every cached file, every backup — encrypted with 256-bit Advanced Encryption Standard, the same cipher the U.S. government uses for top-secret data classification.

Always on
/ 02

In transit

TLS 1.2+

Every API call, every dashboard session, every Amazon connection. We continuously monitor cipher suites and refuse weak protocols. No exceptions, no downgrade attacks.

Enforced everywhere
/ 03

Credentials

Rotating keys

Your Amazon connection credentials live separately from your data, in a key management system, and rotate periodically. Continuous monitoring flags any unusual access pattern.

Auto-managed
Amazon Public PII
Amazon Public PII ✓ Approved

We passed Amazon's hardest data audit so you don't have to.

To pull customer addresses, customizations and personal data from Amazon SP-API, every organization must complete the Public PII Process — a months-long, multi-stage audit covering encryption, retention, access controls, vulnerability management and incident response. Here's exactly what was reviewed.

  • Restricted Data Token (RDT) infrastructure: Every PII request short-lived, scoped per resource
  • AES-256 encryption at rest: Every byte of customer data, including all backups
  • TLS 1.2+ encryption in transit: Continuous monitoring · weak ciphers refused
  • Encryption key rotation: Automated rotation · separated from data store
  • 30-day PII retention enforcement: Lifecycle automation · audit trail required
  • Annual penetration tests: Third-party security firm · full report on file
  • 180-day vulnerability scanning: Every component scanned twice yearly minimum
  • Least privilege access policy: Engineers see only systems they directly maintain
  • Incident response plan: Documented procedure · regular tabletop exercises
  • Audit logging for every PII access: Every read · every export · every API call logged
AI data isolation

AI sees the answer. Not your warehouse.

How DataDoe handles your data when you use AI features inside the platform — and when you connect your own AI tool through MCP, REST API, or SDK.

Platform AI

Only what's needed to answer.

When you use AI features inside the DataDoe app — daily briefs, ask-anything chat, suggested actions — we send only the minimum data the model needs to answer your specific question. Never your full warehouse.

  • Per-question scoped data extraction
  • No PII unless explicitly queried
  • No raw exports passed to the model
  • Every call written to your audit log
Claude · Cursor · Codex · ChatGPT · MCP

You decide what gets sent.

When you connect Claude, Cursor, Codex, ChatGPT or any AI tool through MCP or our REST API, the tool requests what it needs and we send only that. You set the scope. You see every call. You revoke access in one click.

  • Granular field-level access control
  • Per-integration scopes you define
  • Every request logged in your dashboard
  • Revoke any key any time, instantly
Your data is never used to train AI models.

Not by us. Not by the AI providers we connect to, when configured properly through their enterprise plans — which we recommend and document for every supported provider.

Account security

Strong defaults. No exceptions.

Every user account, every API key, every integration.

/ 01

Two-factor authentication

Every user can set up 2FA with any TOTP authenticator app — Google Authenticator, Authy, 1Password, hardware keys.

TOTP via authenticator app · supported on all plans · enabled in 30 seconds
/ 02

Keys you see once

Every API and MCP key is generated, shown to you a single time, then permanently hidden — even from us. Lose it, you regenerate.

Max 1-year TTL · auto-expire · regenerate any time · never readable after creation
/ 03

Least privilege by default

Every team member gets a scoped role. Every integration gets the narrowest permissions needed.

Org-level + table-level + integration-level scopes · full audit trail
Data lifecycle

Your data leaves the way you want it to.

Clear retention rules. No surprises. No "we keep it for analytics purposes" small print.

NOW
Active subscription
Your data lives in DataDoe

Encrypted at rest, accessible via dashboard, API, MCP, SDK and BigQuery.

T+0
You cancel
Subscription ends

Sync from Amazon stops. No new data added. Your existing data marked for deletion.

T+30d
Final cleanup
Permanent removal

All your data — including backups — permanently removed from our systems, verified by audit log.

Or delete on demand, any time

Request immediate full deletion via dashboard or email. Completed and confirmed within 24 hours, audit-logged. Plus: export your full historical dataset in CSV or JSON before you go — no lock-in, ever.

FAQ

Where exactly is my data stored?
Who at DataDoe can actually see my data?
Is DataDoe an Amazon-approved developer for restricted data?
What happens to PII data after thirty days?
Does DataDoe use my data to train AI models?
What happens if there's a data breach?
What about SOC 2, ISO 27001, GDPR, HIPAA?
How fast does deletion actually happen if I cancel?
Where can I get the security documentation pack?

Need more details?

We'll walk you through our security setup, share compliance docs, or answer your security team's questions. Just reach out.

Set up in under 5 minutes.
Try free for 7 days. Then $97/month.

Every integration. Full onboarding support. If it’s not the best decision you made in 2026, you can cancel anytime.