Privacy Policy

easySales Shipping · Last updated: 5 June 2026

easySales Shipping (“the app”) lets Shopify merchants offer home delivery and parcel-locker pickup at checkout. This policy explains what data the app processes, why, and how it is protected.

Data we process

Store / merchant data. The shop domain, Shopify session and access tokens, the easySales service token, and courier configuration — used to authenticate the store and provide the service.

Buyer data at checkout. Only the city, postal code, and country of the shipping address, used solely to find nearby pickup lockers. The app does notprocess the buyer’s name, email, phone, or street address. The locker a buyer selects is stored by Shopify on the order (order metafields), not by the app.

How we use it

Buyer location data is used only to show nearby lockers and record the chosen one — functional processing necessary to provide the delivery option the buyer is selecting. It is never used for marketing, profiling, or sold to anyone.

Third-party sub-processors

To convert a city/postal code into map coordinates, the app sends only the city, postal code, and country to a geocoding provider. Which provider handles a given request depends on current load and availability (requests may fall back between providers):

• Nominatim / OpenStreetMap
• Photon (Komoot)
• LocationIQ, Geoapify, OpenCage, or Mapbox (only if enabled)

No personal identifiers are sent to these providers.

Data retention

Geocoding results (coordinates only — no personal data) are cached for up to 90 days and then automatically deleted. The app stores no buyer personal data.

Security

All data is transmitted over encrypted connections (HTTPS/TLS). Access to systems is restricted, secrets are rotated, and we maintain a documented security incident-response process.

Merchant controls & opt-out

Merchants can disable Locker delivery and the Map picker in the app settings at any time, which turns off all geocoding and location processing.

Your rights

Data access and deletion requests are handled through Shopify’s mandatory compliance webhooks (customers/data_request, customers/redact, shop/redact). Because the app stores no buyer personal data, customer requests are acknowledged with no personal data to return; uninstalling the app removes the store’s data.

Changes & contact

We may update this policy; material changes will be reflected by the “last updated” date. Questions: contact@easy-sales.com.