Privacy Policy

Last updated: 31 May 2026

This Privacy Policy explains how dotAOV ("we", "us") handles information in connection with the dotAOV: Order Editing app ("the App") for Shopify. It applies to the Shopify merchants who install the App and to their customers who use it to edit an order. By installing the App, the merchant agrees to this policy.

1. What the App does

The App lets a merchant's customers — and the merchant's own staff — correct a recently placed order (for example, a wrong shipping address) within a time window the merchant controls. The App reads the relevant order from Shopify, shows the current values, and saves the customer's corrections back to the order.

2. Information we access

When an order is being edited, the App accesses, from Shopify, only the data needed for that order:

We request the minimum Shopify permissions required for this: read/write orders, read products, and order-edit access.

3. Information we store

We practice data minimization. The App does not store your customers' names, addresses, phone numbers, or emails. Order details are read live from Shopify when needed and written straight back — never retained on our servers.

The only data we persist is:

4. How we use information

Information is used solely to display an order's current details and to save the customer's or staff's corrections back to that order. We do not use it for advertising, profiling, marketing, or analytics about individuals, and we do not build customer profiles.

5. Cookies & tracking

The customer-facing edit page sets no advertising or tracking cookies. The embedded merchant admin uses the session mechanism Shopify requires to keep you signed in. We do not use third-party analytics or ad trackers in the App.

6. How we protect information

7. Service providers (sub-processors)

The App relies on these providers to operate:

We share data with these providers only as needed to run the App, not for their own purposes.

8. International data transfers

Our hosting and database providers process data on servers located in the United States. Where data is transferred internationally, it remains protected by the security measures described above.

9. Data retention & deletion

Because we don't store customer personal data, there is nothing personal to delete on request. The edit audit log and shop settings are removed when the merchant uninstalls the App: settings are cleared on uninstall, and all remaining shop data is erased when Shopify sends the shop-redaction request (about 48 hours after uninstall). We honor Shopify's mandatory privacy webhooks for customer data requests and customer/shop redaction.

10. Your rights (GDPR / CCPA)

If you are a customer of a store using the App and want to know what data the App holds about you, or want it erased, contact the store you ordered from — they are the data controller. The App will provide or delete any data it holds (the audit-log entries for your orders) at the store's request. You can also reach us directly using the contact details below.

11. Children's privacy

The App is a merchant tool and is not directed at children. We do not knowingly collect personal information from children.

12. Changes to this policy

We may update this policy from time to time — for example, if we add new features. The "last updated" date above reflects the latest version, and material changes will be reflected here.

13. Contact

Questions about privacy or this policy? Email support@dotaov.com.