← Back to home

Privacy Policy

Last updated: April 26, 2026

RecallDocket (the "Service", "we", "us") helps Shopify merchants identify products in their catalog that match U.S. Consumer Product Safety Commission (CPSC) recalls and prepare related compliance filings. This Privacy Policy explains what data we collect, how we use it, and your rights regarding it.

Data we collect

  • Shopify store data: shop domain, store name, billing plan, and the OAuth access token issued to RecallDocket. Access tokens are encrypted at rest.
  • Product catalog: product titles, descriptions, vendor, product type, category, tags, and Shopify product IDs. We do not collect inventory levels, variants, or pricing.
  • Order metadata (only when you trigger customer notifications): the customer email addresses on orders that contain a matched product. Used solely to deliver the recall notification you authorise; never sold or shared.
  • Email addresses you provide: the merchant notification email used for in-app alerts.
  • Operational logs: request/response metadata and error reports (no payment data, no customer PII beyond the email above).

How we use your data

  • Run the daily CPSC recall match against your catalog.
  • Send recall alerts to the merchant notification email you configure.
  • Send opt-in customer notification emails when you click "Send to affected customers".
  • Pre-fill the Section 15(b) eFiling wizard with the matched product and recall data.
  • Bill you through Shopify Billing for the plan you select.

Third-party services we rely on

  • Vercel — application hosting (United States).
  • Neon — cloud database (United States).
  • Resend — transactional email delivery.
  • Shopify — authentication, product/order data, and billing.
  • CPSC SaferProducts.gov — public recall feed (we send no merchant data to CPSC).
  • Sentry — error tracking (only when SENTRY_DSN is configured).

Data retention & deletion

Catalog and match data is retained while your store has the app installed. When you uninstall RecallDocket, we receive Shopify's app/uninstalled webhook and mark your shop inactive within 24 hours. You can request a full deletion of your shop's data — including encrypted access tokens, products, matches, alerts, customer notification logs, and eFiling drafts — by emailing the address below. We will confirm deletion within 30 days.

Security

All traffic is served over HTTPS. Shopify access tokens are encrypted at rest with industry-standard encryption. Webhook payloads are verified using Shopify's HMAC signature. Database queries are parameterised to prevent injection attacks.

Your rights

Depending on your jurisdiction (e.g. GDPR, CCPA), you may have the right to access, correct, export, or delete data we hold about your store. Contact us at the email below to exercise those rights.

Contact

Questions about this policy? Email privacy@recalldocket.com.