Withdrawly

Data Processing Agreement

Data Processing Agreement for Shopify merchants using Withdrawly
Jun 3, 2026

Overview

This Data Processing Agreement ("DPA") applies when a Shopify merchant uses Withdrawly to process end-customer withdrawal data on behalf of the merchant's store.

The merchant is the data controller. Withdrawly acts as the data processor for withdrawal data processed through the app.

Version: June 2026. Withdrawly is a technical workflow tool and does not provide legal advice.

How It Works

By installing or using Withdrawly, and where available by accepting the DPA in the app settings, the merchant accepts this DPA electronically.

Withdrawly may record the accepted DPA version, acceptance timestamp, shop domain, and accepting Shopify user or account email where available.

What the DPA Covers

  • Subject matter and duration of processing tied to use of the Shopify app
  • Types of personal data processed for withdrawal requests
  • Merchant instructions and merchant responsibilities
  • Technical and organisational security measures
  • Approved subprocessors and change notices
  • Assistance with data subject rights and Shopify privacy webhooks
  • Data breach assistance, audit information, retention, export, and deletion
  • International transfer safeguards where a provider operates outside the EU/EEA

Where Is Your Data Stored?

Primary application and database processing is designed around EU/EEA infrastructure:

  • Database: Supabase PostgreSQL, Central EU / Frankfurt (eu-central-1)
  • Application servers: Fly.io, Frankfurt (fra) as primary region
  • Email delivery: Resend EU domain region, Ireland (eu-west-1)
  • Error monitoring: Sentry EU region, Frankfurt, if enabled
  • Shopify platform services: Shopify global infrastructure, governed by Shopify's platform and data processing terms

Some providers are headquartered outside the EU/EEA or operate global account and support systems. Where this involves a third-country transfer, Withdrawly relies on appropriate safeguards such as adequacy decisions, EU Standard Contractual Clauses, EU-US Data Privacy Framework certification where applicable, or another lawful transfer mechanism.

For the full provider list, see Subprocessors.

Personal Data Processed

Withdrawly may process customer email, optional customer name, order number, Shopify order identifiers, selected line items, withdrawal declaration text, optional reason, submitted locale, timestamps, status history, email delivery metadata, and hashed rate-limit identifiers.

The withdrawal workflow is designed not to request or store customer address, phone, payment method details, or customer account credentials.

Key Responsibilities

Withdrawly processes withdrawal data only on documented merchant instructions, including app installation, app settings, workflow configuration, retention settings, deletion controls, exports, Shopify privacy webhook events, and written instructions sent to support@withdrawly.app.

The merchant remains responsible for the legal basis, customer notices, store legal texts, withdrawal handling, retention requirements, refunds, returns, and customer communications.

Retention and Deletion

Merchants can delete withdrawal data from settings, export records where available, and configure retention where plan features allow.

On uninstall, Withdrawly deletes Shopify sessions and rate-limit events and follows the merchant's uninstall retention setting for withdrawal records until Shopify shop redaction or another deletion instruction applies.

Unless a shorter product workflow applies, deletion after termination or uninstall is completed without undue delay and within 30 days, unless legal retention obligations, Shopify privacy processes, export requests, security investigations, or merchant retention settings require otherwise.

Frequently Asked Questions

Do I need to sign the DPA separately?

No separate paper signature is required. The DPA is provided electronically and can be accepted through installation, continued use, or in-app confirmation where available.

Who is the controller and who is the processor?

The merchant is the controller for end-customer withdrawal data. Withdrawly acts as processor for that data.

Does Withdrawly handle Shopify privacy webhooks?

Yes. Withdrawly implements customer data request, customer redaction, and shop redaction workflows required for Shopify App Store apps.

How will I be notified of subprocessor changes?

Material subprocessor changes are communicated by website update, email, or in-app notice at least 14 days before the change takes effect where required.

Privacy Policy · Subprocessors · Security · Terms of Service

References

Contact

Data protection questions can be sent to support@withdrawly.app.