Secure data management for online sales channels | Transalis Blog


When it comes to overseeing the e-commerce order cycle, secure data management across the entire supply chain must be the first consideration.

E-commerce has become almost central to any business, irrespective of whether they are B2B or B2C orientated. Overall, online sales are forecast to grow to a quarter of total global sales by 2025.*

Get the full report

Our whitepaper, the rise of e-commerce marketplaces, identifies three key areas that any business should address to ensure greater long-term success with online sales channels.

E-commerce marketplaces provide ample opportunities to tap into expanding customer demand. Market dominators, such as Amazon, grant Business-to-Consumer (B2C) brands significant visibility across online audiences. The same online visibility would be difficult to reach via an independent online presence.

Digital marketplaces now account for 67% of global e-commerce sales, leaving just 33% of transactions taking place on D2C brand websites.

Regarding Business-to-Business (B2B), suppliers are expanding their e-commerce ability with industry-relevant online sales channels, such as Procure-to-Pay marketplaces.

However, whether these businesses ensure secure data management across their e-commerce channels is another matter. This blog describes the essential steps for data compliance and database security, applicable to the entire supply chain network.

The imperative need for business audits for secure data management

The accelerated increase in digital interactions and online sales in recent years has only highlighted the imperative need for robust data security and strict regulation.

The UK Government Department for Science, Innovation & Technology (DSIT) estimated that there were 2.39 million instances of cybercrime in the previous 12 months alone.***

Retail business is a target for cybercrime and data breaches due to the nature of the information that they hold and process as part of the order fulfilment cycle, which is typically financial and personal (e.g. Personal Identifiable Information – PII).

Data security has been the subject of government legislation in recent years. Most notably General Data Protection Regulation (GDPR) under the Data Protection Act. This was ratified in the UK in 2018 and is guided by 7 principles:

  • Lawfulness, fairness and transparency

  • Purpose limitation

  • Data minimisation

  • Accuracy

  • Storage limitations

  • Integrity and confidentiality

  • Accountability

D2C businesses need to prioritise conducting a secure data management audit. This can be approached in two stages:

  1. Identifying all the parties that are permitted to access consumer data. These parties can be internal teams and/or external service providers and sub-processors.

  2. Understanding the exact policies and procedures that ensure the data is protected. This could be internal security policies, certifications, or accreditations held by third-party service providers.

To reassure our clients as their sub-processor that we are following cybersecurity best practices, we comply with Information Security Management ISO20071 and hold Cyber Essentials certification. We can also comply with requirements to host data within the jurisdiction(s) applicable to our clients, avoiding the complexities of legislation regarding the ‘safe-harbour’ of data.

The issue of managing PII data for D2C sellers and their 3rd party service providers

For many, a central challenge of managing Direct-to-Consumer (D2C) online sales is maintaining an efficient order cycle alongside other sales channels.

Keeping control of costs, supporting scalability, and expanding market reach must be priorities as online purchases grow. Utilising online marketplaces to facilitate this growth is a strategy many brands adopt across various business verticals.

But how to ensure efficiency when managing these new sales channels? Market insight providers such as McKinsey and Gartner have stressed the need for businesses to invest in the supply chain and the automation of processing to stay ahead of the game:

The revenue generated from the top 100 digital marketplaces globally grew by 18% in 2021. With two-thirds of dollars being spent on digital marketplaces and projections of double-digit growth, branded goods manufacturers will be fighting a losing battle if they don’t take immediate action and attempt to retain consumers.

Businesses are already facing significant challenges associated with managing the order cycle from online marketplaces. Without automation of communication between marketplaces and business systems, there can be complicated manual processes to route necessary data across the supply chain so orders received can be fulfilled. It can also cause significant bottlenecks for businesses that have high order volumes. Therefore, many businesses are leaning on third-party service providers to automate processing and provide an efficient order cycle.

Eight hundred billion gigabytes of customer data were generated in 2021 across the world. Using this data for advanced analytics and artificial intelligence, and the high potential for automation will help companies maximize value creation, and technological advances will make adoption easier. All of this will require the modernization of legacy IT architecture and systems, a shift towards agile IT operating models, and more advanced cybersecurity systems.

However, marketplaces are scrutinising sellers and their third-party service providers regarding secure data management and data loss prevention. So, on top of the legal requirements mentioned in the previous section, online marketplaces are introducing terms and conditions with strict limitations on PII data. Top marketplaces are clamping down on the sharing of PII data with third parties unless they are properly vetted. Therefore, businesses face a greater dilemma if they rely on data sub-processors (e.g. 3PL, EDI providers or integrators) to deliver efficiency and automation.

This is particularly true for those using Amazon Seller Central as a D2C channel. For Seller Central account holders, particularly those with Direct Fulfillment accounts, Amazon will only share PII data with endpoints that they have approved and can trust. Whilst Amazon’s policy is considerate of data security, it can be restricting and generally results in PII data only being sent directly to the seller rather than the parties involved in the order fulfilment process (e.g. 3PL). To avoid this bureaucratic headache, businesses utilising the marketplace need to ensure they and all their sub-processors are compliant with the necessary security and data protection protocols. As it stands, Amazon will not permit PII data to be routed to third-party providers unless they have achieved trusted Amazon Selling Partner status.

The Transalis solution

Luckily, businesses running a D2C channel via Amazon Seller Central do have a way to automate the order cycle with PII data. Transalis is one of a select few providers that have gained verified Amazon Selling Partner status. The Selling Partner status enables us to manage PII data on behalf of our clients. We can integrate your Amazon Seller account directly with your business systems and fulfilment processes.

For example, businesses can consolidate all order information from their various sales channels, including Amazon, automatically into their Enterprise Resource Planning (ERP) system. We can also offer this secure data integration service for many other online marketplaces, such as the ones included in this blog. B2B suppliers and manufacturers can also capitalise on the advantages of utilising marketplaces. Many Procure-to-Pay platforms actually offer this functionality to enable the full automation of the procurement process. We have a number of resources on this topic, including a whitepaper that provides a detailed client success story.

eDI Software

Want to know more about secure data management of orders from your online marketplace channels? Talk to one of our team who are happy to discuss possible solutions suitable for your business needs! You can easily schedule a meeting, call 0845 123 3746 (UK) or +44 1978 369 343 (international), or even email us via If you found this blog insightful we have loads more topical resources in our Knowledge Hub.


*McKinsey. 2023. What is e-commerce?

**Gartner. 2022. Navigating the D2C minefield.

***GOV.UK DSIT. 2023. Cyber security breaches.

****McKinsey. 2022. Transforming the EU retail and wholesale sector.

Sign up to our newsletter

Stay up to date with the latest reports, blogs, news and client stories from Transalis


Transalis Ltd,
Portsmouth Technopole,
Kingston Crescent,

Registered Address

C/O Blakelaw Secretaries Limited,
New Kings Court, Tollgate,
Chandler’s Ford,
SO53 3LG

UK Sales
International Sales
UK Helpdesk
International Helpdesk

Privacy Preference Center