Delivery Date Predictor

Privacy Policy

Last updated: June 28, 2026

This policy explains what data Delivery Date Predictor (“the App”), provided by Oyolloo (“we”, “us”), accesses, stores, and shares when a merchant installs it on their Shopify store. Plain summary first: the App does not collect or store your shoppers’ personal information. It stores your store’s delivery configuration and the standard Shopify session needed to run an embedded app.


1. Information we process

a) Merchant / store data (stored)

When you install the App, Shopify provides and we store:

  • Store identifier — your .myshopify.com domain and access token (to call Shopify APIs on your behalf).
  • Session data — the standard Shopify session, which may include the name and email of the staff user who authenticates the embedded app. Used only for authentication.
  • Plan & billing status — your selected plan, subscription ID, and a monthly prediction-usage counter (for plan limits). Payments are handled entirely by Shopify Billing; we never see card details.
  • Your configuration — prediction rules, warehouse locations (names/ZIP you enter), custom holidays, and widget appearance settings.

b) Storefront prediction requests (not stored)

When a shopper views a product/cart page with the widget, the storefront sends a request to calculate a delivery estimate containing the product ID, destination country (and optionally postal code), and shipping method. This data is used only in memory to compute the date and is not stored or linked to any individual. We do not receive shopper names, emails, addresses, or payment information.

c) What we do NOT collect

  • No shopper/customer personal data (names, emails, addresses, phone, payment).
  • No order or fulfillment data (the App does not request read_orders).
  • No browsing/tracking profiles.

2. How we use information

  • To authenticate and run the embedded admin app.
  • To compute delivery-date estimates and render the storefront widget.
  • To enforce plan limits and process subscription changes via Shopify Billing.
  • To operate, secure, and support the App.

We do not sell your data or use it for advertising.


3. Sub-processors and third parties

ProviderPurposeData shared
ShopifyPlatform, authentication, billing, webhooksStore/session/billing data
Our hosting providerRuns the App serverApp data in transit
Our PostgreSQL database providerStores configuration & sessionsData in section 1(a)
Upstash Redis (optional)Caches predictions/holidays, rate limitingNo personal data
date.nager.atPublic holiday calendarCountry code + year only

4. Data retention & deletion

  • Configuration and session data are retained while the App is installed.
  • On uninstall, we delete your store’s data via Shopify’s app/uninstalled webhook.
  • We honor Shopify’s mandatory privacy/GDPR webhooks:
    • customers/data_request — we hold no shopper data; acknowledged.
    • customers/redact — we hold no shopper data; acknowledged.
    • shop/redact — we erase all of your store’s data (sent ~48h after uninstall).

You can also request deletion at any time by emailing us.


5. Security

  • All traffic is served over HTTPS.
  • Shopify sessions are stored server-side; inbound webhooks are HMAC-verified.
  • Database access is restricted and uses parameterized queries.
  • We follow least-privilege access scopes (write_products, read_inventory).

6. International transfers

Data may be processed in the regions where our hosting and database providers operate. We rely on those providers’ standard data-protection safeguards.


7. Your rights

Depending on your jurisdiction (e.g. GDPR/CCPA), you may have rights to access, correct, or delete data we hold about your store. Contact us to exercise them.


8. Changes

We may update this policy; the “Last updated” date will change accordingly. Material changes will be communicated through the App or the App Store listing.


9. Contact

Questions or requests: oyolloo.projects@gmail.com

This document is provided for the App. Have it reviewed by a legal professional and fill in your legal entity name/address before relying on it in production.

Privacy PolicyTerms of ServiceChangelog

© 2026 Oyolloo · oyolloo.projects@gmail.com