by Usama Ahmad | Apr 26, 2018 | Musings, News & Events
Unbeknownst to me, my friend Paul O’Mahony ran a GDPR webinar this past Sunday, and I just got my hands on the recording.
The recording link below is not an affiliate link. It points to a BASIC explanation of what GDPR entails, with two case studies of the impact of GDPR on companies like yours.
I am not suggesting that you buy Paul’s training. I have not seen the training content nor can I vouch for the quality or completeness of it – although I can vouch for Paul’s honesty and integrity.
What I AM suggesting, though, is that you watch the video up to its 01:05:00 mark (after that, the sales pitch for the training begins).
Again, I remind you that GDPR is applicable to ANY company, no matter how small, that trades anywhere within the EU to EU nationals Yes, that means you, even if you are based in the US, Canada, Israel, China … and of course, if you live in the EU.
So, even after spending the last 3-4 months deeply embroiled in the GDPR compliance implementation for SL, after watching this video, I STILL managed to learn a few more things that I did not know:
– There is a MANDATORY requirement to register with the UK Information Commission office (or the equivalent in any EU member state). If you register before May 25, you pay the standard registration fee which is a flat £35/year. After the 25th, the registration fee will be based on the size/type of business and the fee can run into the 1,000’s of GBP
– Wait for this one … You have an obligation to vet your affiliates and make sure they are GDPR compliant!! For us, that means we will simply be shutting down our affiliate program. It is simply too risky/onerous to have affiliate deals as there is no way we can ascertain their level of compliance.
– And the next one is a pain in the neck, but luckily, we at SL are close to having this one nailed: You have an obligation to vet that your VAs are equally GDPR compliant.
And there are a few I’ll throw in for good measure, which isn’t discussed in the video below, but it’s just worth alerting you to it:
– If you are trading in the EU and are not located in the EU, you have an obligation to hire a data privacy representative to handle your interactions with the regulators
– If you have a significant volume of EU buyers, you may need to appoint a Data Protection Officer to keep you compliant. Because that person needs to be independent, The DPO cannot be you as the owner of the company. In our case at SL, that means we need to hire someone to perform that task.
Here is the video link.
https://go.leftclickrightclick.com/gdpr-made-easy-replay-1
The recording will expire in a bit more than a couple of days. Up until the 01:05:00, it is a public information service free of sales pitches.
–
Michel Gimena
by Usama Ahmad | Apr 7, 2018 | News & Events
Sorry for the dramatic title. The following announcement is not only for SellerLegend’s GDPR compliance. it is as much for YOUR GDPR compliance.
Before you read what follows, please do not get irate with us and do not shoot the messenger. The regulations are what they are. We will not be drawn into defending or criticizing the regulations, there is simply not enough time left to lament. And the fines too gargantuan to ignore.
GDPR is a new legal requirement applicable to ALL businesses trading in the EU and handling personal data (we all do), no matter where you are located in the world. If you sell on Amazon in the EU, you are subjected to GDPR. There are no exceptions.
GDPR is a hefty piece of legislation, which requires you to produce at a minimum 13 different documents to explain and demonstrate how you manage your business in terms of data security. And data means every scrap of paper/handwritten lists/spreadsheets/pdfs/documents/system you use in your business to handle your buyers’ data.
An important part of GDPR is for you to have the adequate business processes to control the data you have entrusted to 3rd parties. That includes SellerLegend, as well as any other tool/system/company/assistance you use. For example, it applies to your VA’s as well.
During our own compliance review which has been ongoing for the past two months, we have identified we need to create 26 (out of about a potential 42) different documents to fully comply.
But documenting, while time-consuming and costly, is not the major task. Once documented, you need to implement and comply with what you have specified in the documents. And that is the true killer.
I cannot stress enough that *you* as an Amazon seller MUST comply with GDPR. It has nothing to do with SellerLegend. It has to do with your OWN business.
I am attaching a draft of our first public document, which is called the Data Processing Agreement. This is in addition and distinct to the TOS, Privacy policy, cookies policy etc. It is a binding, legal contract specifically between you and SellerLegend, which you will need to physically sign. It explains what our obligations are to:
1. Protect your data
2. Assist *you* in complying with GDPR
3. Allow *you* to communicate with the regulator when there is a security breach. (Yes, you are responsible for the regulatory communication if any of your processors is breached)
And oh, BTW, if you use multiple seller tools which handle personal data (most do), you need to sign one of those with EACH ONE of the tool providers. And if you use 3rd party processors (Mailchimp, Zendesk, Slack, Trello et al), you need one of those too.
Below is our first draft of the DPA, which we hope to implement on May 1st, about 25 days before the GDPR deadline. Please read it, it will reveal some of the obligations you must satisfy – although this will only reveal the top of the tip of the iceberg.
07.2_Supplier_Data_Processing_Agreement
by Usama Ahmad | Dec 18, 2017 | News & Events
Amazon has recently published a brand new ‘Developer’s Code Of Conduct’ which has significant implications both for us as developers but also for you as sellers.
You can read the full code of conduct here:
http://docs.developer.amazonservices.com/…/DG_CodeOfConduct…
It is quite short but telling. Let me extract the 3 clauses which I think are noteworthy:
- Customers and sellers trust that you will protect information about them. Don’t publicly disclose or share information obtained through MWS (for instance, a seller’s sales revenue or an item’s product description) with any third parties. Do not do this even if you omit or obfuscate the seller’s identity or if you share aggregated seller data without identifying individual sellers.
- Don’t help or allow sellers to violate Amazon’s terms. If you discover that a seller is using your service to violate Amazon terms that apply to the seller, you must immediately notify Amazon and cut off the seller’s MWS access through your service.
- Don’t use robots to programmatically read from (also known as ‘scraping’), or write information to (e.g. creating support contacts), Seller Central or Amazon’s marketplaces
The first clause is important because that puts an end to screenprints and demos using obfuscation. You will notice that ours are literally hand-crafted. No info is obfuscated, but each piece is meticulously replaced by fake data using the browser’s ‘Developers’s Tool’ invoked through the Inspect Element context menu in the browser.
It is further important as it now makes it illegal to provide services like keyword tools, PPC trend analysis, or even product category trends tools or lists (at least, that is how we read it)
The second clause is more significant. If you help a seller to break TOS, you are in Amazon’s cross-hairs. If the developer is in their cross-hairs, where do you think the seller will be?
The third clause is an old chestnut that is easily discounted by both sellers and many of our competitors.
Discuss.
by Usama Ahmad | Dec 15, 2017 | News & Events
We at SellerLegend have a big dilemma.
To video or to not video.
Sounds like a simple decision, right? Of course, the answer is to video, surely.
Well, we have several challenges with videoing, which we explain in our knowledgebase like so:
https://docs.sellerlegend.com/…/why-is-there-no-video-trai…/
This is all well and good, but life would be soo much better with videos, wouldn’t it?
Well, here’s a test of a potential mid-way solution which provides us with the agility we need to maintain visual training material, and we would welcome your input.
The tool we use essentially strings together screen prints and commentary and provides a step up from written documentation. But regrettably is not as good as motion video.
So, we’d like your input on the matter. Here’s our first non-video for you to judge.
The tool I mentioned is still in its infancy and does not yet support 16:9 aspect ratio, which is a pain. You’d really want to see the screen prints in … well … full screen. However, we’re assured that that is coming in 1Q18. So we’ll patiently wait.
We have produced a version narrated in English, German, French, and Spanish.
Please let us know whether it is worth us investing in what will essentially result in A LOT of time producing stuff like this.
http://vid.sellerlegend.com/l/e04ojlh7ur-vixue2dgm9
by Usama Ahmad | Dec 13, 2017 | News & Events
Due to our business growth, we are looking for two additional experienced Senior Developers and one Customer Support Analyst.
If you are a Senior Developer and
– Are well-versed in the Amazon MWS and Product Advertising APIs,
– Are an expert on the Amazon Cloud Computing infrastructure (EC2, RDS, AWS, S3, SQS),
– Have a solid foundation in PHP/Laravel,
– Understand machine learning and AI,
– Are a team player, used to work in an international environment where timezones usually work against you
– Can work remotely in a small group of 7 using the industry standard collaborative tools (Slack, Trello, Github and many others)
If you are a Customer Support person and
– Have experience working in a customer-facing role
– Are resourceful, having attention to detail and a readiness to dive headfirst into user issues
– Have genuine curiosity about why things happen and how to fix them, and love getting to the bottom of things
– Have a passion for making sure the customer gets what they need
– Can show demonstrable problem-solving skills, with the ability quickly understand the root of an issue and map out steps to be taken to resolve it
– Can show demonstrable writing skills, with a focus on modifying your tone based on the context (customer’s happiness level, the urgency of the situation, etc.)
– With preferably previous experience with support handing in a startup environment – doing tech support for a product like SellerLegend is very different from working for a run of the mill call centre
Then please get in touch with us at support@sellerlegend.com referencing this post
by Usama Ahmad | Dec 7, 2017 | News & Events
A few weeks ago, we committed we would be providing a feature to account for monthly storage fees per ASIN.
We have now started developing this and we have hit a bit of a snag.
The storage fee reports come with an ASIN and an FNSKU alongside the storage charges for one month. So, we can certainly provide a breakdown per ASIN, but when it comes to assigning the cost to a product for product profitability calculations, we need to assign it to an SKU rather than an ASIN.
See the issue?
We can certainly convert the FNSKU to an SKU, that is not a problem. However, in the cases where there is no FNSKU, we are stuck.
Cases with no FNSKU include comingled inventory and inventory where the UPC or EAN numbers are used instead.
How would you folks want to address this?