Privacy Policy
Last updated: 2026-05-31. This document describes how CartShield Labs ("we", "us") collects and processes personal data through the CartShield AI Shopify app (the "Service").
This is a draft template. Replace with finalized counsel-reviewed copy before Shopify App Store submission.
1. Who we are
CartShield Labs operates the Service. For privacy enquiries contact iddouch.m@gmail.com.
2. Data we process
- Storefront visitor data submitted to the email-capture widget: email address, cart contents, cart total, page URL, referrer, UTM parameters, user agent, and approximate IP/country.
- Merchant data received from Shopify during install: shop domain, plan, and the OAuth access token used to call Shopify APIs on the merchant's behalf.
- Order data received via the orders/create webhook to attribute recovered revenue.
3. Why we process it
- To send cart-recovery emails on behalf of the merchant.
- To detect and block fraudulent / bot cart submissions.
- To produce analytics and revenue attribution for the merchant.
4. Legal bases
Processing is performed on the legal basis of (a) the merchant's contract with us and (b) our legitimate interest in providing fraud detection. The merchant is the data controller for storefront-visitor data; we act as a processor.
5. Sharing
We share data only with: (i) our hosting provider; (ii) our email-sending sub-processor (Resend or Postmark, configurable by the merchant); (iii) Klaviyo if the merchant opts in. We do not sell personal data.
6. Retention
Captured cart and recovery records are retained for the lifetime of the merchant's installation. On app uninstall we honour Shopify's mandatory 48-hour shop-data redaction window.
7. GDPR / CCPA data subject rights
Storefront visitors may request access or deletion via the merchant. We support Shopify's mandatory compliance webhooks customers/data_request, customers/redact and shop/redact, which automatically purge matching records.
8. Security
Third-party API credentials (Klaviyo) are encrypted at rest with AES-256-GCM. All traffic is TLS-encrypted. We follow the principle of least privilege when requesting Shopify scopes.
9. International transfers
Data may be processed in regions where our hosting provider operates. Where required we rely on Standard Contractual Clauses.
10. Changes
We will update this page when our practices change. Material changes will be announced in the embedded app.
11. Contact
Questions: iddouch.m@gmail.com.