Privacy Policy – POS Layaway App
At United Apps, we take your privacy seriously. This policy explains how we handle customer and merchant data collected via our POS Layaway App, in accordance with Shopify’s requirements and privacy best practices.
1. What Information We Collect
When you use our app, we collect the minimum personal data required to power its core functionality. This includes:
- Customer name
- Email address
- Phone number
- Billing/shipping address
- Reservation details (items, dates, deposits)
2. How We Use the Data
We only use this data to:
- Create and manage in-store layaway reservations
- Send reservation confirmations and reminders
- Track expiry dates and automatically restore inventory
We never sell, share, or use this data for analytics or advertising.
3. How Long We Keep It
We retain customer data for no longer than necessary:
- Reservation data is deleted 30 days after pickup or expiration
- Contact details are deleted within 30 days of data deletion or app uninstallation
4. Data Security
We protect data using modern security standards, including:
- Encryption in transit and at rest
- Secure server access and logging
- Access control for support staff
- Isolated development and production environments
5. Your Rights
As a merchant or customer, you can request:
- Access to personal data
- Correction or deletion of personal data
- Data export for compliance with legal requests
To make a request, email us at privacy@unitedapps.io.
6. Shopify Compliance
We implement Shopify’s mandatory privacy webhooks, including:
customers/redactshop/redactcustomers/data_request
These ensure that customer data is removed or provided on request, as required by Shopify and local laws.
Data Removal Policy
United Apps is committed to respecting merchant and customer privacy. We follow a strict data removal policy to ensure that personal data is deleted when:
- It is no longer needed to provide app functionality
- A request is made by a merchant or customer
- Shopify or legal requirements mandate its removal
We support all Shopify privacy webhooks, including customer and shop redaction and data access requests.
What We Remove
When a deletion event is triggered, we remove the following data related to a reservation:
- Customer name
- Email address
- Phone number
- Shipping and billing addresses
- Reservation details (products, deposits, dates)
When We Remove Data
| Trigger | Retention Period | Action Taken |
|---|---|---|
| Reservation expires or is completed | 30 days | Data is automatically deleted |
| Merchant uninstalls the app | Within 30 days | All merchant and customer data is deleted |
Shopify sends customers/redact webhook |
Immediately | All data for the customer is deleted |
Shopify sends shop/redact webhook |
Within 30 days | All shop data is permanently deleted |
| Merchant or customer requests deletion | Within 10 business days | Data is deleted manually or via automation |
How We Remove Data
- Data is removed from our live production environment
- Backups follow the same retention policy
- We do not retain unnecessary copies or logs post-deletion
- Deletion events are logged for audit purposes
Compliance with Shopify
We implement all mandatory Shopify data protection webhooks:
customers/redactcustomers/data_requestshop/redact
These ensure we act promptly and securely when privacy requests are triggered.
How to Request Data Deletion
If you are a merchant or customer and would like your data deleted, email us at privacy@unitedapps.io. Please include:
- Your Shopify store name or domain
- Your customer ID or relevant reservation information (if applicable)
We will confirm receipt and process your request within 10 business days.
7. Contact Us
If you have any questions about our privacy practices or this policy, please contact:
United Apps – Privacy Team
Email: privacy@unitedapps.io