Privacy Policy

Last updated: 2025-10-09

1. Introduction

Welcome to ORCA (Order Ready Commerce Automation). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our services.

2. Information We Collect

We may collect the following types of information:

  • Personal Information: Name, email address, phone number, and other contact details when you provide them through forms or communications.
  • Usage Information: Data about how you interact with our website and services, including IP address, browser type, and pages visited.
  • Cookies: We may use cookies to improve user experience and analyze website performance.

2.1 Amazon Selling Partner API (SP‑API) Data

When you connect ORCA to Amazon's Selling Partner API (SP‑API), we access and process certain seller, order, and fulfillment data as needed to provide our services. Depending on the features you enable, the data may include:

  • Order and fulfillment information: order IDs, order items, SKUs, quantities, shipment and delivery statuses, return and refund data.
  • Customer shipping contact data (PII): recipient name, shipping address, phone number, and email address when required to fulfill the order or permitted by Amazon policies.
  • Messaging and communication metadata: timestamps and message IDs where applicable (we do not store message content unless necessary for the service you request).
  • Integration metadata: API tokens, authorization scopes, and technical logs related to API requests and responses.

We do not store full payment card data or bank account numbers obtained from Amazon. We only request the minimum scopes necessary and use Amazon data solely to operate the features you authorize.

2.2 QuickBooks Online Data

When you connect ORCA to QuickBooks Online, we access and process certain financial and business data to provide order automation, inventory management, and related services. The data we collect from QuickBooks may include:

  • Customer and vendor names
  • Invoices, payments, and transaction details
  • Inventory items and quantities
  • Order and fulfillment statuses

We do not store or process sensitive financial information such as credit card details or bank account numbers.

3. How We Use Your Information

Your information may be used for the following purposes:

  • To provide, operate, and improve our services, including automation, synchronization, and integrations with QuickBooks Online and Amazon SP‑API.
  • To authenticate you, manage tokens/authorizations, and maintain integration settings.
  • To communicate with you regarding updates, support, security notices, or inquiries.
  • To analyze and enhance the performance, reliability, and security of our website and services.
  • To detect, investigate, prevent, and respond to fraud, abuse, or security incidents.
  • To comply with contractual and legal obligations, including Amazon’s policies and applicable data protection laws.
  • To create aggregated or de‑identified insights that do not identify you or your customers.

4. Sharing Your Information

We do not sell or rent your personal information. However, we may share your information in the following cases:

No selling or sharing: We do not sell or share personal information—ever. We also do not permit our service providers to sell or share your data.

  • With service providers who help us operate and improve our services.
  • To comply with legal obligations or respond to lawful requests from authorities.
  • To protect our rights, property, or the safety of others.

4.1 Sharing with QuickBooks Online

We share data with QuickBooks Online only to facilitate synchronization between your ORCA account and QuickBooks. We do not sell or distribute your QuickBooks data to any third parties except as required for legal compliance.

4.2 Sharing with Amazon Selling Partner API (SP‑API)

We share data with Amazon only as necessary to operate features you enable (for example, syncing orders, inventory, and fulfillment updates). We do not sell Amazon data or use it for advertising. Any sharing with service providers is governed by written contracts requiring confidentiality, security, and processing only under our instructions.

5. Cookies and Tracking Technologies

We use only strictly necessary, first‑party session cookies to operate the site (for example, to keep you signed in and protect against CSRF). We do not use analytics, advertising, or cross‑site tracking cookies, and we do not embed third‑party trackers (e.g., Google Analytics, pixels).

6. Data Security

We implement industry‑standard administrative, technical, and physical safeguards to protect your information. These controls include:

  • Encryption in transit and at rest: We use TLS for data in transit and strong encryption (e.g., AES‑256) for stored data, including backups.
  • Access controls & least privilege: Role‑based access, multi‑factor authentication, key management, and periodic access reviews. Production access is restricted to authorized personnel with a need to know.
  • Network security: Firewalls, network segmentation, and monitoring (e.g., intrusion detection/prevention) for suspicious activity.
  • Secure development & vulnerability management: Secure coding practices, code reviews, dependency management, regular patching, and periodic vulnerability scanning and/or penetration testing.
  • Logging & monitoring: Security and access logs are retained for at least 90 days and monitored for anomalies.
  • Incident response: Documented procedures to detect, investigate, and remediate security events. If we determine that your data has been impacted, we will notify you and any required authorities as required by applicable law and relevant platform policies.

While we strive to maintain the highest security standards, no system can be completely immune to risks. If you suspect any unauthorized access or data security issue, please contact us immediately at support@killerwarehouse.com.

6.1 QuickBooks Online Data Retention & Deletion

Your QuickBooks-related data is stored only as long as necessary to provide our services. You may disconnect ORCA from QuickBooks Online at any time, and we will cease further data access. You can request data deletion by contacting us at support@killerwarehouse.com.

6.2 Amazon SP‑API Data Retention & Deletion

We retain Amazon customer personally identifiable information (PII)—such as recipient name, shipping address, email, and phone—only for as long as necessary to perform the services you have enabled and in accordance with Amazon policies. Unless a longer retention period is required by law, we delete Amazon customer PII no later than 30 days after order delivery or such other period required by Amazon policies.

Upon revocation of our authorization or disconnection from Amazon, we cease further data access. Subject to legal obligations and backup cycles, we delete or anonymize stored Amazon PII. Operational logs may contain minimal technical metadata but are designed not to include customer PII.

7. Your Privacy Rights

You have the right to:

  • Access, update, or delete your personal information.
  • Opt out of receiving communications from us.
  • Request information about how your data is being used.

Depending on your location, you may have additional rights (e.g., access, correction, portability, objection, limitation, or deletion) under laws such as GDPR or CCPA. You can also disconnect third‑party integrations at any time; when you do, we cease further collection from that service and handle previously obtained data per our retention policy.

7.1 U.S. State Privacy Disclosures (e.g., California)

We do not sell or share personal information as those terms are defined by applicable U.S. state privacy laws (e.g., CPRA). We use sensitive personal information only to provide our services and for security or integrity purposes. You may exercise your rights under these laws by contacting us at the addresses below.

To exercise your rights, please contact us using the information below.

8. Children’s Privacy

Our services are not directed to children and we do not knowingly collect personal information from children under 13 (or under 16 where required by law). If you believe a child has provided us personal information, please contact us so we can delete it.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated date. Your continued use of our services signifies your acceptance of these changes.

10. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us:
Email: support@killerwarehouse.com
Phone: (435) 612-0363
Mailing Address: ATTN: ORCA - Killer Warehouse, 940 W 1400 N, Logan, UT 84321




Customer Service | (435) 612-0363


We use only essential session cookies required for login and security. No analytics, tracking, or advertising cookies are used.

Terms | Privacy