Privacy Policy
Last updated: 9 July 2026
This Privacy Policy explains how Faizatech Ltd ("Complyo", "we", "us") collects, uses, and protects information in connection with the Complyo app for Shopify (the "App"). By installing or using the App, you agree to this Policy.
1. Who this applies to
This Policy is for Shopify merchants who install the App. Complyo is a business-to-business tool: we help merchants audit and document the accessibility and product-safety compliance of their own online store. Complyo does not collect, store, or process the personal data of your customers (shoppers).
2. What we collect
| Category | Examples | Source |
|---|---|---|
| Store & account data | Your .myshopify.com domain, store ID, access token/scopes, and app subscription status. |
Provided by Shopify when you install the App. |
| Audit data | The store URLs you scan and the resulting accessibility findings (rule, page, severity, element selectors) — i.e. information about your storefront's code, not about individuals. | Generated when you run or schedule a scan. |
| Settings you provide | Alert email address, business name, target standard, and EU GPSR "Responsible Person" details (name, address, email) you enter. | Entered by you in the App. |
| Usage & logs | Basic technical logs (timestamps, errors) needed to operate and secure the App. | Generated automatically. |
We do not collect your customers' names, emails, addresses, order data, or payment information. The GPSR "Responsible Person" details you enter are business contact details, not shopper data.
3. How we use it
- Run accessibility audits (WCAG 2.2 AA) against your store and show prioritized results.
- Monitor your store on a schedule and alert you if compliance regresses.
- Generate an accessibility statement and a dated audit history.
- Write GPSR product-safety details to your product metafields (only when you click "sync").
- Provide support, secure the service, and process your app subscription.
We do not sell your data or use it for advertising.
4. Service providers (subprocessors)
- Shopify — platform, authentication, and billing.
- Our hosting provider — runs the App and stores its database. Fly.io
- Email provider — sends monitoring alert emails, only if you enable them. Resend
We share only what each provider needs to perform its function, under appropriate agreements.
5. Data retention & deletion
We keep your audit data and settings while the App is installed so features like history and monitoring work. When you uninstall the App, Shopify sends us a redaction request and we delete the data we hold for your store (scans, audit events, settings, GPSR profile, and session). You can also request deletion at any time by contacting us.
6. Security
We use industry-standard measures (encryption in transit, access controls, least-privilege API scopes) to protect your data. No method of transmission or storage is 100% secure, but we work to protect your information and limit what we collect.
7. Your rights
Depending on where you are located (e.g. under the GDPR or CCPA/CPRA), you may have the right to access, correct, export, or delete your data, and to object to or restrict certain processing. To exercise these rights, email us at support@complyo.app. We respond within the timeframes required by applicable law.
8. International transfers
We may process and store data in countries other than yours. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses) for international transfers.
9. Children
The App is a business tool and is not directed to children. We do not knowingly collect data from children.
10. Changes to this Policy
We may update this Policy from time to time. We will change the "Last updated" date above and, for material changes, take reasonable steps to notify merchants.
11. Contact
Questions or requests? Contact Faizatech Ltd at support@complyo.app, 123 Example Str., 10115 Berlin, Germany.