How we handle your customers' data for you

You, the merchant, are the controller of your customers' personal data. Margio is the processor: we process that data only to provide the app to you. For your own account data, such as your store and billing details, Margio is the controller, as described in the Privacy Policy.

On your behalf we process the personal data your store sends us through Shopify: customer name, email, the region an order shipped to, and order history. We process it for one purpose: to provide Margio's features to you, including customer segments, repeat purchase analysis, and tax reporting by region. We do not use it for our own purposes, and we never sell it or use it for advertising.

As your processor, we will:

• process personal data only to provide the service and on your documented instructions, which include your use of the app and these terms;
• keep the data confidential and ensure anyone with access is bound by confidentiality;
• apply appropriate security measures, including encryption of tokens at rest, restricted access, and isolation of each merchant's data;
• help you respond to your customers' data subject requests, including access and deletion;
• tell you without undue delay if we become aware of a personal data breach affecting your data;
• not use the data to train any AI model.

You authorise us to use sub-processors to deliver the service. The ones that may process your customers' personal data are:

• Anthropic, which powers the AI analyst, and only receives data when you use it. That data is used only to generate your answer, not to train any model.
• Cloud infrastructure providers in the United States that host the app and database under contractual data protection terms.

Plaid processes your bank data, where you are the controller of your own banking information rather than your customers' data. We will give you reasonable notice of any new sub-processor that handles your customers' personal data, so you can object on reasonable data protection grounds.

Your data is processed in the United States. Where it is transferred from the UK or the EU, we rely on appropriate safeguards, including the standard contractual clauses with our providers, so the data keeps an equivalent level of protection.

If one of your customers exercises a right, such as access or erasure, Shopify forwards the request to us and we act on it: we assemble the data we hold for an access request, and we erase a customer's personal data for an erasure request. You can also contact us directly at support@margio.app.

When you uninstall Margio, all of your data, including your customers' personal data, is permanently deleted within 48 hours through Shopify's standard data removal process. We do not retain copies except where the law requires.

On reasonable request, we will give you the information you reasonably need to show that we are meeting our obligations under this agreement, and we will assist you with data protection impact assessments where the law requires.

This agreement is governed by the same law and limitations as our Terms of Service. If any term here conflicts with the Terms of Service on the handling of your customers' personal data, this agreement governs. Questions? Email support@margio.app.