Avada Order Editing
Resources
Privacy Policy

Privacy Policy

This page summarises how Avada Order Editing collects, uses, and deletes data. The full legal text is at avada.io/privacy (opens in a new tab).

What we collect

From the merchant (your store)

  • Store domain, store name, support email — to identify the install.
  • Currency, plan, timezone — to render the dashboard correctly.
  • App settings (allowed edit types, time window, etc.) — what you typed in.

From customers (when they use the widget)

  • Order ID, customer email, the address fields they edited.
  • The before and after values — so the merchant can see the diff.
  • A timestamp and session ID — for activity logging.

We do not collect payment card information, browser fingerprints, or anything not directly tied to the edit.

How we use it

  • Power the app — Activity page, emails, dashboard metrics.
  • Diagnose bugs — engineering can see anonymised error traces.
  • That is it. We do not sell, share, or rent any of this data.

Where it lives

Firestore (Google Cloud, EU region for EU stores, US region for US stores). Encrypted at rest, TLS in transit.

How long we keep it

  • Activity log — 12 months. Older entries auto-purge.
  • Edit session metadata — 90 days.
  • Aggregated metrics (counts only) — kept indefinitely for the dashboard.
  • PII (customer emails, addresses) — purged 90 days after the related order is fulfilled.

GDPR webhooks

Shopify sends three GDPR webhooks; we honor all three:

WebhookOur action
customers/data_requestWe email the merchant a JSON export of all data we hold for that customer within 30 days.
customers/redactWe delete all PII for that customer within 30 days, keeping only anonymised counts.
shop/redactWe delete the entire store record within 48 hours.

Uninstall

When you uninstall, Shopify sends app/uninstalled. We:

  • Disable the app immediately (no further writes).
  • Schedule full data purge in 48 hours (Shopify gives a grace window for re-installs).
  • Send shop/redact confirmation back to Shopify when complete.

Sub-processors

ServicePurposeRegion
Google Cloud (Firestore, Cloud Functions)Hosting + databasePer-store region
SendgridTransactional emailUS
CrispLive chat / helpdeskEU

Contact

Data protection officer: [email protected].

Changelog
Products
Avada SEO SuiteAvada AEO OptimizerAvada AI Blog BuilderAvada Product CopyAvada Speed OptimizerAvada Shipping LabelsAvada Backups & Restore
Resources
DocumentationSEO Suite DocsBlog DocsSpeed DocsShipping Labels DocsBackups & Restore Docs
Company
Avada GroupPrivacy Policy
© 2026 Avada Group. All rights reserved.