Keepr — Privacy Policy
Effective date: 2026-04-23 · Last updated: 2026-04-23
1. Who we are
Keepr ("we", "us", "our") is a Shopify app that helps merchants reduce return rates by presenting customers with alternative options at key moments in the post-purchase journey. Keepr is operated by [Founder / Company legal name — TBD], registered in [jurisdiction — TBD].
Contact for privacy matters: privacy@keepr.io
2. Scope
This policy covers data processed by Keepr. It does not cover the Shopify platform itself or any third-party apps you independently install.
3. Roles under GDPR
| Party | Role | Notes |
|---|---|---|
| Keepr | Data Processor | Processes data on behalf of the merchant |
| Merchant | Data Controller | Determines purpose and means of processing |
| End customer | Data Subject | The shopper whose return is being processed |
4. Data we collect and why
4.1 Merchant data
We store: Shopify shop domain, shop name, email, currency, API access token (encrypted at rest), and billing plan. Used for app functionality and billing.
4.2 Customer data (end shoppers)
Keepr stores a minimal representation: Shopify customer ID, email address (for portal auth), first/last name (for portal greeting), order count and lifetime spend (bucketed), and return and intervention records. We do not store: postal address, phone number, payment details, IP address, device fingerprint, or browsing history.
4.3 AI processing — what we send to Claude (Anthropic)
We never send personal data to the AI model. The AI receives only anonymized buckets (price range, return rate tier, inventory availability) and coded enums. No email, name, customer ID, order ID, or product title ever reaches Claude.
5. Data sharing
We share data with these sub-processors: Supabase (EU, database), Vercel (US/EU, hosting), Anthropic (US, LLM inference — anonymized only), Inngest (US, job queue), Resend (US, email), Sentry (US, error monitoring), Shopify (app platform).
We do not sell customer data. We do not use customer data for advertising.
6. Data subject rights (GDPR / CCPA)
End customers may exercise rights (access, erasure, rectification, portability, objection) by contacting the merchant who installed Keepr. The merchant, as data controller, is responsible for facilitating these requests. Keepr will respond within 30 days.
For erasure requests, we anonymize the customer row (NULL email, name) and delete portal sessions.
7. International transfers
Data is stored in Supabase (EU region by default). Processing is covered by Standard Contractual Clauses in the sub-processor DPAs.
8. Retention
Merchant data is retained while the app is installed + 48 hours post-uninstall (Shopify mandate). Customer email/name until erasure request. Return/intervention records until shop deletion. Portal sessions: 15 minutes (auto-expire).
9. Security
Shopify API tokens are encrypted at rest (AES-256-GCM). All traffic is TLS 1.2+. Row-Level Security on every tenant-scoped database table. The service-role key is never client-side.
10. Cookies
The Keepr return portal sets one httpOnly session cookie (keepr_portal_session, max 15 min TTL, no PII). The merchant dashboard sets one httpOnly session cookie (keepr-admin-session, 8-hour TTL). Neither cookie is used for advertising.
11. Children's data
Keepr is a B2B service. We do not knowingly collect data from individuals under 16.
12. Changes to this policy
We will notify merchants by email at least 30 days before any material change.
13. Contact
Privacy questions: privacy@keepr.io
For GDPR requests: email us with your shop domain and the nature of the request.