Privacy Policy — GDPR + CCPA Privacy Automator
Last updated: July 8, 2026
What this app does
GDPR + CCPA Privacy Automator ("the app") helps merchants handle customer data-deletion and data-access requests: it tracks requests with deadlines, anonymizes customer records on request, compiles data access reports, and keeps an audit log. It is operated by SurfSafe.
Data we collect and store
- Your store's domain (myshopify.com address) and the API access token Shopify issues to the app, so the app can read and update customer records on your behalf.
- For each privacy request: the requester's email address, stored encrypted at rest (AES-256-GCM), the request type, status, and deadline. The email address is permanently deleted 90 days after the request completes; only a one-way hash remains for de-duplication.
- Your app settings (deadline length, notification email, toggles).
- An audit log of every action (request received, report generated, customer anonymized). The log records field names only — never customer data values.
Data access reports (PDF/JSON) are generated on demand from your Shopify data and downloaded directly by you — the app does not store report contents and never emails your customers.
How data is used
Data is used solely to provide the app's features: tracking privacy requests, anonymizing customer records, generating data access reports, and notifying you of new requests. We do not sell, rent, or share your data with third parties. Data is hosted on Fly.io (application) and Neon (database), and notification emails to you are delivered via Resend — all in the United States.
Data deletion
When you uninstall the app, Shopify notifies us and all data for your store — settings, privacy requests, audit logs, and access tokens — is permanently deleted. The app also honors Shopify's own privacy webhooks (customers/data_request, customers/redact, shop/redact) for its stored data.
Contact
Questions or requests: support@surfsafe.io