Restock
Back to site

Legal

Privacy Policy

Last updated: July 11, 2026 · Effective: July 11, 2026

This Privacy Policy explains how [YOUR LEGAL ENTITY] (“Restock”, “we”, “us”) collects, uses, shares and protects personal data when you visit our website, join our waitlist, or install and use the Restock app for Shopify (the “App”).

We are the data controller for personal data collected through our website and waitlist. When you install the App on your Shopify store, you (the merchant) are the controller of your customers’ personal data, and we act as your data processor.

1. Information we collect

Information you give us

Information we receive from Shopify (when you install the App)

With the permissions you approve at install, the App accesses store data needed to run inventory workflows:

We do not receive or store payment card numbers. Billing is handled by Shopify.

Information collected automatically

We do not use advertising cookies, third-party trackers, or cross-site profiling.

2. How we use information

We do not sell personal data, and we do not share it with advertisers.

3. Legal bases (UK/EU GDPR)

PurposeLegal basis
Providing the App to a merchantPerformance of a contract
Waitlist emailsConsent (withdraw any time)
Security, fraud prevention, debuggingLegitimate interests
Processing merchant customer dataProcessing on the merchant’s documented instructions
Tax, accounting and legal recordsLegal obligation

4. Who we share data with

We share data only with service providers (“subprocessors”) who help us run Restock, under contracts that require them to protect it:

ProviderPurposeData
Shopify Inc.App platform and billingStore, product, inventory and order data
Vercel Inc.Website hostingLog data, IP address
Formspree Inc.Waitlist form deliveryEmail address you submit
[YOUR EMAIL PROVIDER]Sending waitlist and support emailEmail address

We may also disclose data if required by law, or as part of a merger or acquisition — in which case we will notify you before your data becomes subject to a different privacy policy.

5. International transfers

Our providers may process data outside your country, including in the United States. Where data leaves the UK/EEA, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses.

6. How long we keep data

7. Shopify merchant and customer data

As required by Shopify, the App responds to the mandatory GDPR/privacy webhooks:

Merchants can also contact us directly to request access, export or deletion at any time.

8. Your rights

Depending on where you live, you may have the right to:

California residents: we do not sell or share personal information as defined by the CCPA/CPRA, and we will not discriminate against you for exercising your rights.

To exercise any right, email hello@restockpos.com. We respond within 30 days.

9. Security

We protect data with encryption in transit (TLS), encryption at rest, least-privilege access controls, and regular patching. Access to production data is limited to staff who need it. No system is perfectly secure, but if a breach affects your personal data we will notify you and the relevant regulator as required by law.

10. Children

Restock is a business tool and is not directed at children under 16. We do not knowingly collect their personal data.

11. Changes to this policy

We may update this policy as the App evolves. We will change the “Last updated” date above and, for material changes, notify you by email or in the App before they take effect.

12. Contact

[YOUR LEGAL ENTITY]
[REGISTERED ADDRESS]
Email: hello@restockpos.com

If you are in the UK/EU and have concerns we have not resolved, you may complain to your local supervisory authority.