CartShield AI
Legal

Privacy Policy

Last updated: 2026-06-01. This document describes how CartShield Labs ("we", "us") collects and processes data through the CartShield AI Shopify app (the "Service").

1. Who we are

CartShield Labs operates the Service. For privacy enquiries contact help@cartshieldai.com.

2. Data we collect

  • Merchant data received during install: store domain, plan, OAuth access token, merchant configuration, optional shop-owner email.
  • Storefront visitor data submitted to the email-capture widget: email address, cart contents and products, cart value, page URL, referrer, UTM parameters, user agent, approximate IP and country.
  • Recovery email status: scheduled/sent/failed/cancelled per cart, optional provider message IDs.
  • Risk signals needed for spam/fake lead protection: derived from the data above plus your blocklist entries.
  • Shopify order and customer data only if and when Protected Customer Data access is approved by Shopify and required to match orders back to captured carts.

3. Why we process it

  • Capture cart abandoners on behalf of merchants.
  • Send cart-recovery emails.
  • Prevent fake and bot submissions from reaching merchant marketing tools.
  • Show analytics and recovery reporting in the embedded admin.
  • Support general app functionality (sessions, error handling, audit trail).

4. Legal basis

Processing is performed on the legal basis of the merchant's contract with us and our legitimate interest in providing fraud detection. The merchant is the data controller for storefront-visitor data; we act as a processor.

5. Sub-processors

  • Resend (or Postmark, configurable per deployment) — delivery of transactional recovery emails.
  • Our hosting and managed Postgres provider — application runtime and database.
  • Shopify APIs — install handshake, billing, discount creation, GDPR webhooks, and (if approved) order webhooks.

We do not sell or share personal data with any party outside this sub-processor list.

6. Data retention

We retain captured cart sessions for fourteen days; recovered-order summary records (email, order id, name, revenue) persist for the lifetime of the merchant's installation. On uninstall we honour Shopify's mandatory forty-eight-hour shop-data redaction window and process Shopify's customers/data_request, customers/redact, and shop/redact webhooks.

7. Customer / merchant rights

Storefront visitors may request access or deletion via the merchant. Merchants and end-customers can email help@cartshieldai.com for deletion or export requests, which we respond to within the timelines required by GDPR / CCPA where applicable.

8. Security

  • All traffic is encrypted in transit (HTTPS).
  • Production access is restricted to the platform operator.
  • Third-party API credentials (e.g. Klaviyo) are encrypted at rest with AES-256-GCM.
  • Provider-level encryption is applied to database and email-provider storage where available.

9. International transfers

Data may be processed in regions where our hosting provider operates. Where required we rely on Standard Contractual Clauses.

10. Changes

We will update this page when our practices change. Material changes will be announced in the embedded app.

11. Contact

Questions: help@cartshieldai.com.