Privacy
Privacy, simply
Last updated · May 2026
COOUP connects creators with merchants to promote products and earn commission. This page explains what we collect, what we don't, how attribution works, and the rights you have over your information.
What we collect
Account data (email, role, authentication identifiers), promotion data (tracking references, click and conversion events), payout data (amounts, currency, ledger entries), and connected-store metadata (Shopify shop domain, OAuth tokens, product catalog). Order webhooks are reduced to an order ID, value, and currency — we do not store buyer personal data.
What we don't collect
We do not read merchant customer records beyond what's required to confirm an order is real and attributable. We don't sell personal data, we don't use it for third-party advertising, and we don't track you across the open web with advertising cookies or cross-site pixels.
How we use data
To attribute sales to creators, calculate commission, surface analytics to merchants, process payouts, send transactional emails, and operate the service. Nothing more.
Lawful basis
We process personal data where necessary to provide the service, comply with legal obligations, protect against fraud, and pursue legitimate business interests related to operating the platform.
Attribution, transparently
When a creator shares a product, we attach a lightweight reference so we can credit them when a sale happens. No third-party cookies, no surveillance pixels — just the minimum needed to pay the right person. Analytics are first-party, scoped to the COOUP ecosystem, and used to operate attribution rather than profile users.
Cookies & sessions
We use a small number of first-party cookies and secure session technologies for authentication, fraud prevention, analytics, and maintaining account sessions. No advertising cookies, no third-party trackers, no cross-site profiling.
Sharing
Data is processed by our infrastructure providers (hosting, database, email delivery) under data-processing agreements. We share aggregate, non-identifying analytics with merchants about their own attributed activity. We disclose data only when legally required.
Shopify integration
When a brand installs the COOUP Shopify app, we receive store metadata, products, and order webhooks via the Shopify Admin API. We request only the scopes needed to read the catalog and receive order events for attribution. Webhooks are verified via HMAC and shop-domain cross-validation before any data is applied. GDPR mandatory webhooks (customer data request, customer redact, shop redact) are honoured automatically.
Security
Data is encrypted in transit. Access tokens and secrets are stored encrypted at rest, server-side only — never exposed to the browser. Access to production systems is restricted and audited.
Your rights (incl. GDPR/CCPA)
Depending on your jurisdiction you may have rights to access, correct, port, or delete your personal data, and to object to or restrict processing. EU/UK users have the rights described under the GDPR; California users have the rights described under the CCPA. Email privacy@cooup.co and we'll respond within a week.
Uninstall & data deletion
Brands can disconnect COOUP from Shopify at any time. On uninstall, we revoke access tokens immediately and delete associated credentials within 30 days. Shopify-required data deletion requests are processed in accordance with Shopify platform requirements. Product rows are soft-archived rather than hard-deleted so historical attribution and creator earnings remain auditable. You can request full deletion of your account and personal data via privacy@cooup.co.
Retention
We retain operational and financial records only for as long as necessary to operate the service, settle earnings correctly, comply with legal obligations, resolve disputes, and enforce agreements. Once that purpose ends, data is deleted or anonymized.
International transfers
Data may be processed outside your country of residence. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses.
Changes
We will update this policy as the platform evolves and notify users of material changes via email or in-app notice.
Contact
Privacy, data, or general questions? Reach us via the Support page.