Privacy Policy

Last updated: fill in

This is a starter privacy policy. Replace before submitting to the App Store. See docs/shopify-baseline.md §10 for the required-content checklist.

1. Data controller

TBD. Provide the controlling entity's legal name, address, and contact email (marketplace@westpoint.io).

2. Data collected

• Shopify session data: shop identifiers, OAuth access tokens, app configuration.
• Merchant settings: whatever this app stores per merchant.
• Order data: line items, totals, tax, buyer name + address.
• Technical logs: audit events, correlation IDs.

3. Purposes & legal bases

TBD per the actual processing.

4. Retention

TBD — list per data category, citing the relevant local regulation.

5. Sub-processors

• Amazon Web Services — hosting and storage (region: eu-central-1).
• Shopify Inc. — platform integration.

6. Data subject rights

Buyers should contact the Shopify merchant they purchased from. Subloop assists merchants in fulfilling such requests as a processor. Merchants may contact us at marketplace@westpoint.io.

7. Security

Encryption in transit (TLS 1.2+) and at rest (AES-256). Least-privilege IAM. No payment data is processed; Shopify retains all payment handling.

8. Contact

marketplace@westpoint.io