Amazon SP API expert

Hi, We need help with the Amazon SP API questionnaire tone able to access Personally Identifiable Information (PII) I am looking for someone who has experience at this and has been successful in this task. All the answers need to be in compliance with the following; Amazon Services Europe API Developer Agreement Acceptable Use Policy Data Protection Policy The questions are; Describe the network protection controls used by your organisation to restrict public access to databases, file servers and desktop/developer endpoints. Describe how your organisation individually identifies employees who have access to Amazon Information and restricts employee access to Amazon Information on a need-to-know basis. Describe the mechanism your organisation has in place to monitor and prevent Amazon Information from being accessed from employee personal devices (such as USB flash drives, mobile phones) and how you are alerted in the event that such incidents occur. Provide your organisation's privacy and data-handling policies to describe how Amazon data is collected, processed, stored, used, shared and disposed. You may provide this in the form of a public website URL. Describe where your organisation stores Amazon Information at rest and provide details on any encryption algorithm used. Describe how your organisation backs up or archives Amazon Information and provide details on any encryption algorithm used. Describe how your organisation monitors, detects and logs malicious activity in your application(s). Summarise the steps taken within your organisation's incident response plan to handle database hacks, unauthorised access, and data leaks. How do you enforce password management practices throughout the organisation as it relates to required length, complexity (upper/lower case, numbers, special characters) and expiry period? How is Personally Identifiable Information (PII) protected during testing? What measures are taken to prevent exposure of credentials? How do you track remediation progress of findings identified from vulnerability scans and penetration tests? How do you address code vulnerabilities identified in the development lifecycle and during runtime? Who is responsible for change management and how is their access granted? Please specify job title.