Privacy Policy

Effective 11 June 2026 · Version 1.0

1. Who we are

BeyondReviews ("BeyondReviews", "we", "us") is a review platform for Shopify stores, operated by Simon Folmann from Denmark.

For anything in this policy, write to [email protected]. We answer within 7 days, usually much faster.

This policy covers three things: this website (beyondreviews.app), the BeyondReviews app for Shopify (the "App"), and the review widget the App places on a merchant's storefront (the "Widget").

2. Controller or processor: which one we are, and when

Under the GDPR and similar laws, who is responsible for your data depends on how it reaches us. There are three flows:

  • Data about a merchant's customers, received through Shopify. When a merchant installs the App, we receive customer and order data from their store. The merchant is the data controller of that data. We are a data processor, acting only on the merchant's instructions under our Data Processing Addendum. If you are a shopper and want your data corrected or deleted, the fastest route is to ask the store you bought from; they can instruct us directly, and we also act on the deletion requests Shopify forwards to us (see section 8).
  • Data merchants give us about themselves. Account details, billing history, support conversations. We are the controller.
  • Data from visitors to this website and reviewers who submit a review through the Widget. We are the controller of website analytics data, and a processor of review content, which belongs to the merchant's store.

3. What we collect through Shopify's APIs

The App requests only the access it needs to collect, verify, and display reviews. The exact scopes are shown to every merchant on the install screen, and they are:

  • Customer data: customer first and last names and email addresses, used for exactly three purposes: sending review requests on the merchant's behalf, marking reviews as verified purchases, and enforcing opt-outs so that customers who have declined marketing never receive a review request.
  • Order data: line items, fulfillment status, financial status, and order history for the last 60 days, used to know when a purchase was delivered so a review request is timed correctly, and to verify that a reviewer really bought the product.
  • Product data: products and collections, used to attach reviews to the right product and render them in the Widget.
  • Store owner data: the store owner's name, email address, phone number, and business address, used to set up the account, send service messages, and provide support.
  • Locales and translations: used to display the Widget in the language of the storefront.

We practise data minimisation: we do not request scopes we do not use, and we only retain the fields a feature actually needs.

4. What we collect directly

From merchants

  • Account and contact details you give us when you install the App, sign up on this website, or write to support.
  • App settings and configuration choices.
  • Support messages and emails.

From reviewers (a merchant's customers)

  • The review itself: display name, email address, star rating, review text, and any photos or videos submitted.
  • Technical data submitted with the review: IP address, browser and operating system, and approximate location derived from the IP address. We collect these for fraud and spam prevention only, so that fake and duplicate reviews can be detected.

From visitors to this website

  • Usage data through analytics cookies and similar technologies, described in the Cookie Policy: pages viewed, device and browser type, approximate location, and interactions.
  • An email address, if you choose to join our early access list or write to us.

5. How we use the data

| Purpose | Data used | Legal basis (GDPR) |
| --- | --- | --- |
| Operating the App: collecting, verifying, moderating, and displaying reviews | Customer, order, product, and review data | Processing on the merchant's instructions (Art. 28); the merchant's basis is typically legitimate interest or consent |
| Sending review request emails on the merchant's behalf | Customer name, email, order fulfillment data | Processing on the merchant's instructions; the merchant is responsible for a valid marketing basis |
| Drafting reply suggestions to reviews with AI | Review text and product context, sent to our AI subprocessor | Processing on the merchant's instructions |
| Fraud and spam prevention | Reviewer IP address, device and browser data | Legitimate interest (Art. 6(1)(f)) |
| Account management, billing, and support | Merchant account data | Contract performance (Art. 6(1)(b)) |
| Website analytics and improvement | Usage data, cookies | Consent (Art. 6(1)(a)) where required, otherwise legitimate interest |
| Service emails and, with consent, our newsletter | Email address | Contract performance; consent for marketing |

About the AI processing: the App can draft suggested replies to reviews. Review text is processed for this purpose only, through Google Vertex AI inside our European Google Cloud environment, under a configuration that does not permit the data to be used to train models. A merchant always sees and approves a draft before anything is published. We do not use merchant or customer data to train AI models ourselves, and we never sell personal data to anyone.

6. Public display of reviews

Reviews are meant to be read. When a reviewer submits a review and the merchant publishes it, the review text, star rating, display name, and any photos appear publicly on the merchant's storefront, and may appear in search engine results and AI answer engines through structured data. A reviewer's email address, IP address, and order details are never displayed publicly. Reviewers can choose how their name is shown and can ask for a review to be amended or removed at any time (section 9).

7. How long we keep data

  • Review and customer data: kept while the merchant's App installation is active, because it is needed to display reviews and prevent duplicates.
  • After uninstall: when a merchant uninstalls the App, Shopify notifies us, and we delete the store's data, including its customers' data, within 30 days. Data in encrypted backups is purged within 90 days.
  • Merchant account and billing records: kept up to 5 years after the relationship ends, as required by the Danish Bookkeeping Act.
  • Website analytics: per the retention windows in the Cookie Policy.

8. Privacy requests through Shopify

The App subscribes to Shopify's mandatory privacy webhooks and honours them for every store, in every country, not only where the law requires it:

  • Customer data request: when a customer asks a store for their data, we compile what we hold and provide it to the merchant within 30 days.
  • Customer redact: when a customer asks to be erased, we delete or anonymise their personal data within 30 days, keeping only what the law requires us to keep.
  • Shop redact: 48 hours after a store uninstalls the App, Shopify tells us to erase the store's data, and we do, on the schedule in section 7.

9. Who we share data with

We share personal data only with the subprocessors needed to run the service, listed with their locations and purposes on the Subprocessors page: our infrastructure provider (Google Cloud, in the European Union), Shopify itself, and our email delivery provider (Resend), which receives only the recipient's email address. This website separately uses Cloudflare for hosting and Brevo for email. Each is bound by a data processing agreement. Beyond that, we disclose data only if a law or court requires it, to professional advisors under confidentiality, or as part of a business transfer, in which case this policy continues to apply and we will notify affected merchants. We do not sell personal data, and we do not share it for cross-context behavioural advertising.

10. Where data is stored and international transfers

App data, including merchants' customer data, is stored and processed in the European Union, on Google Cloud infrastructure, encrypted at rest and in transit. The one exception is email delivery: our email provider (Resend, United States) receives the recipient's email address only. This website runs on Cloudflare's global network, so website visitor data may be processed outside the EU/EEA. Wherever data leaves the EU/EEA, we rely on the European Commission's Standard Contractual Clauses and, where the recipient is certified, the EU-U.S. Data Privacy Framework. Our agreements with each subprocessor include these safeguards.

11. Security

Data is encrypted in transit (TLS 1.2+) and at rest, including backups. Test and production environments are separated, access to production data is limited to the people who need it and is logged, and we maintain an incident response process. If a personal data breach affects a merchant's data, we will notify the merchant without undue delay after becoming aware of it, as set out in the DPA.

12. Your rights

Depending on where you live, you have the right to access, correct, delete, or receive a copy of your personal data, to restrict or object to its processing, and to withdraw consent at any time. None of these rights are charged for, and we do not discriminate against you for exercising them.

  • Shoppers and reviewers: contact the store you bought from, or email us directly at [email protected]; where we act as processor we will loop the merchant in.
  • Merchants and website visitors: email [email protected].

If you are in the EU/EEA and believe we have not handled your data lawfully, you can complain to the Danish Data Protection Agency (Datatilsynet, datatilsynet.dk) or your local supervisory authority.

For California residents (CCPA/CPRA): we collect the categories described in sections 3 and 4 (identifiers, commercial information, internet activity). We do not sell or share personal information as those terms are defined in the CPRA. You may exercise your rights to know, delete, and correct via the contacts above.

13. Children

The service is not directed at children, and we do not knowingly collect personal data from anyone under 16. If you believe a child has provided us data, contact us and we will delete it.

14. Changes to this policy

When we change this policy materially, we will update the date at the top and notify merchants by email or in-app notice at least 14 days before the change takes effect. Earlier versions are available on request.

15. Contact

BeyondReviews · Simon Folmann · Denmark
[email protected]
