PRIVACY

Privacy policy

Last updated: April 17, 2026. Questions: hello@relayship.app.

Who we are

Relayship is built and run by Leandro Zubrezki, working solo out of Buenos Aires, Argentina. For privacy questions, data requests, or to report a security incident, email hello@relayship.app. I read every one.

What we collect from you (the merchant)

When you install Relayship, we receive:

  • Your Shopify shop domain, store name, and primary email address
  • An OAuth access token scoped to the minimum permissions we need (read orders, read and write fulfillments)
  • Billing information through the Shopify Billing API (we do not see or store your payment details; Shopify handles that)

What we collect via the Shopify API (about your customers)

To match a forwarded supplier email to the right Shopify order, we retrieve the minimum fields needed:

  • Order number, order name, order tags, and order notes
  • Customer name (shipping name)
  • Shipping address (street, city, zip, country)
  • Line items (SKU, variant title, product title, quantity)
  • Fulfillment status

We do not access customer email addresses, phone numbers, payment methods, birth dates, or any marketing preferences. We do not access storefront browsing behavior or cookies.

What we collect from forwarded supplier emails

When you forward supplier dispatch emails to your Relayship address, we receive the full message (body text, HTML, and any PDF attachments) and extract tracking numbers, carriers, order references, and shipping details. The raw email is retained for 30 days to aid troubleshooting, then auto-deleted from our systems and from Cloud Storage. Structured extraction results (tracking numbers, match history) are retained indefinitely to power the per-supplier learning loop. You can request earlier deletion at any time.

How we use this data

  • Match extracted tracking numbers to the correct Shopify order and create or update fulfillments on your behalf
  • Improve extraction accuracy for your future messages from the same supplier (per-account learning only — never shared across merchants)
  • Send you product emails (daily digest, account notifications)
  • Bill your plan via the Shopify Billing API
  • Debug, investigate errors, and improve reliability

We don’t market to your customers, don’t sell your data, and don’t share supplier emails or extracted data with advertisers or data brokers. Ever.

Security

  • All data in transit is encrypted with TLS 1.2 or higher (HTTPS everywhere).
  • Shopify access tokens are encrypted at rest using Google Cloud KMS envelope encryption.
  • All other data is encrypted at rest by Google Cloud’s default encryption.
  • Firestore security rules enforce per-merchant data isolation: no cross-account reads are possible.
  • Test and production environments are fully separated; no real customer data is used in test or development.
  • Only the founder has access to protected customer data. Every access is logged.
  • Infrastructure access is logged via Google Cloud Logging and reviewed on a schedule.
  • If there’s ever a security incident involving your data, we’ll tell you within 72 hours.

Subprocessors we use

  • Google Cloud (United States, EU) — hosting, Firestore, Cloud Storage, Cloud Tasks, Cloud KMS, Vertex AI for extraction. Vertex AI does not retain your data for training.
  • Resend (United States) — inbound email delivery. Receives forwarded supplier emails and relays to our webhook.
  • PostHog (United States / EU) — product analytics and error tracking. Anonymized event traces only.
  • Shopify (your store’s region) — receives fulfillment writes via the standard Shopify Fulfillment API.

Where data is stored and processed

Relayship itself is operated from Argentina. Your data is processed and stored primarily in Google Cloud US regions (`us-central1`). Argentina has an EU adequacy decision, which means EU merchants can transfer personal data to Argentina-based controllers without additional safeguards. For the onward transfer of data to US-based Google Cloud, we rely on Google’s participation in the EU-US Data Privacy Framework and Standard Contractual Clauses where applicable.

Shopify mandatory compliance webhooks

Relayship subscribes to and responds to all three mandatory Shopify compliance webhooks:

  • customers/data_request — we respond within 30 days with any data associated with the customer identifier you provide.
  • customers/redact — fired 10 days after a customer requests deletion. We delete extraction, match, and fulfillment records tied to the customer’s name and postal code within 30 days.
  • shop/redact — fired 48 hours after you uninstall. We fully delete all data tied to your shop domain within 30 days.

Your rights

Depending on where you’re located (EU, UK, California, etc.), you may have the right to access, correct, delete, export, or restrict processing of your personal data. You can exercise any of these rights by emailing hello@relayship.app. We respond within 30 days.

You can also uninstall the app from your Shopify admin at any time. That triggers the shop/redact webhook and deletes your data on the schedule above. If you want a copy of your data before deleting, email us first.

Data Processing Agreement (DPA)

A standard DPA is available on request to any merchant, free of charge, regardless of plan. Email hello@relayship.appwith the subject “DPA request” and we’ll send it within one business day.

Contact

Privacy questions, data requests, incidents, or DPA requests: hello@relayship.app. We do not have a formal Data Protection Officer given our current size; the founder handles all privacy-related requests directly.

We may update this policy. Material changes go out by email to active merchants with at least 30 days’ notice.