For WooCommerce, Shopify, and Big Cartel, you grant TokoSales read-only access through your platform's standard OAuth authorisation screen. We only request permission to read your product data, shop information, and shipping settings.
We cannot write to your shop, edit your listings, change your prices, modify your settings, or delete anything. This is a technical limitation built into the connection itself, not just a policy.
Etsy does not give third-party tools the API access we need. To support Etsy sellers, you export a CSV file of your listings from your Etsy shop and upload it to TokoSales.
We parse the CSV, extract the structured product data, build your feeds, and discard the raw file. We do not store the original file. We do not have any login credentials for your Etsy shop. You can stop uploading at any time and we have no way to access your shop without you.
For OAuth connections, your platform gives us a secure credential that allows us to read your data. This credential is stored in AWS Secrets Manager, encrypted with a KMS key unique to your account.
If you want to stop the connection, you can revoke access directly from your selling platform's settings at any time. The moment you revoke, we lose access immediately.
Connecting to TokoSales does not change anything about your shop. Your listings stay exactly the same. Your search ranking is not affected. Your shop settings are not modified. If you disconnect, everything goes back to exactly how it was before.
TokoSales runs entirely on Amazon Web Services in us-east-1. Your data is stored in secure data centres with 24/7 monitoring and automatic backups. Every connection between your shop and our servers uses TLS 1.2 or higher.
International data transfers are covered by the EU-US Data Privacy Framework and the UK Addendum to the Standard Contractual Clauses.
For any security question, email [email protected] or read about exactly what data we store.