About Security at Ecom10x
A narrative overview of our security philosophy and architecture.
Company: EcomSarthi Business Solutions LLP ("EcomSarthi", "we", "us", "our")
Product: Ecom10x — One Dashboard. Every Marketplace. (the "Platform" or "Service")
Effective Date: [EFFECTIVE_DATE — e.g., 1 August 2026] · Version: [VERSION — e.g., 1.0] · Next Review: [NEXT_REVIEW_DATE — e.g., 1 February 2027]
Security is the product
Ecom10x exists because sellers trusted us with the most sensitive view of their business: every order, every rupee of settlement, every marketplace credential-equivalent token. We treat that trust as the core feature.
Built on official rails only
We integrate exclusively through official Marketplace mechanisms — the Amazon Selling Partner API, the Flipkart Seller API, Meesho's officially supported seller data mechanisms, and official OAuth authorisation. We have deliberately chosen not to build password-collection or browser-automation "integrations", because they endanger seller accounts. If a marketplace doesn't offer an API for something, Ecom10x works from the official report files the marketplace itself gives you.
Defence in depth
- Transport: TLS everywhere.
- Storage: encryption at rest; tokens additionally protected and masked.
- Identity: salted adaptive password hashing, throttled logins, automatic session expiry.
- Authorisation: role-based access with per-client scoping and tenant isolation checked on every query.
- Accountability: audit logs on security-relevant events; access monitoring; fraud-detection heuristics.
- Resilience: encrypted backups, tested restoration, documented incident response with 72-hour customer notification.
Honest posture
We publish what we actually do and avoid badge-collecting claims: we do not assert certifications we do not hold. As independent assessments are completed, they will be listed on the Trust Center.
Talk to us
Security questionnaires, architecture questions, or concerns: [SECURITY_EMAIL — e.g., security@ecom10x.in].