Privacy Policy

1. Introduction

Welcome to OrderlyPOD ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and protect information when you use our Shopify application (the "App"). We are committed to protecting your privacy and handling your data in an open and transparent manner.

By installing or using OrderlyPOD, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Merchant Information

When you install our App, we collect:

• Store name and Shopify store URL
• Email address associated with your Shopify account
• Store owner name
• Authentication credentials (OAuth tokens)

2.2 Customer Order Information

To fulfill orders, we process:

• Customer name and shipping address
• Order details (product specifications, quantities, custom design files)
• Order status and tracking information

2.3 Payment Information

We collect payment information through Stripe, our payment processor. We do not store full credit card numbers. Payment data is encrypted and handled according to PCI-DSS standards.

2.4 Usage Data

We automatically collect:

• IP addresses and browser information
• App usage statistics and analytics
• Error logs and performance data

3. How We Use Your Information

We use the collected information for the following purposes:

• Order Fulfillment: To process and fulfill custom print-on-demand orders
• Service Provision: To provide, maintain, and improve our App
• Communication: To send order updates, notifications, and customer support
• Payment Processing: To process credit purchases and transactions
• Analytics: To understand how merchants use our App and improve our services
• Security: To detect, prevent, and address technical issues and fraud

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We share data with trusted third parties who help us operate our App:

• Supabase: Database and authentication services
• Vercel: Hosting and infrastructure
• Stripe: Payment processing
• Resend: Email delivery services

4.2 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or to protect our rights, property, or safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4.4 No Data Selling

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Security

We implement industry-standard security measures to protect your data:

• Encryption: All data is encrypted in transit (HTTPS/TLS) and at rest
• Access Control: Role-based access controls limit who can access data
• Secure Authentication: OAuth 2.0 for Shopify integration
• Regular Backups: Automated encrypted backups of all data
• Monitoring: Continuous security monitoring and logging

6. Data Retention

We retain your data only as long as necessary to provide our services and comply with legal obligations:

• Active Accounts: Data is retained while your account is active
• Order History: Order data is retained for 2 years for record-keeping and support
• Deleted Accounts: When you uninstall the App, we delete or anonymize your data within 30 days, except where we must retain it for legal or regulatory purposes

7. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data
• Portability: Request your data in a machine-readable format
• Objection: Object to our processing of your data
• Restriction: Request restriction of processing your data

To exercise these rights, please contact us at privacy@orderlypod.com

8. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), we process your data based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill our service agreement with you
• Consent: You have given explicit consent for specific processing activities
• Legitimate Interests: Processing necessary for our legitimate business interests
• Legal Obligations: Processing required to comply with legal requirements

9. CCPA Compliance (California Users)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect and how it's used
• Right to request deletion of personal information
• Right to opt-out of the sale of personal information (we do not sell your data)
• Right to non-discrimination for exercising your privacy rights

10. Cookies and Tracking

We use cookies and similar tracking technologies to:

• Maintain your session and authentication
• Remember your preferences
• Analyze App usage and performance

You can control cookies through your browser settings, but disabling cookies may affect App functionality.

11. Children's Privacy

Our App is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending you an email notification for material changes

Your continued use of the App after changes indicates acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

14. Shopify Integration

Our App integrates with Shopify and is subject to Shopify's terms and privacy policies. By using our App, you acknowledge that Shopify may also collect and process your data according to their policies. Please review Shopify's Privacy Policy at https://www.shopify.com/legal/privacy