Privacy Policy

No Lost Orders audits store configuration issues that may block checkout or hide products. This page explains what we collect, why we collect it, and your choices.

Effective date: Feb 26, 2026 · Last updated: Feb 26, 2026 · Plain-English summary first. Full policy below.

Summary (plain English)

Configuration audits. We built No Lost Orders to audit store configuration, not customer behavior.
Audit inputs. We read store configuration data needed to run audits (products, variants, shipping settings, market settings, and visibility-related settings).
No customer data needed. Core audits do not require order history or customer personal data.
No selling. We do not sell your data.
Retention is limited. We retain scan results and related service data only as long as needed to operate the service, support merchants, meet legal obligations, and secure the app.

Privacy at a glance

Category	What this means
Data used for audits	Store configuration: products, variants, shipping settings, markets, and visibility settings.
Not required for core audits	Not required: order history, customer profiles, payment card data, or full checkout contents.
Billing and plans	Shopify billing: plan and subscription state is handled via Shopify billing events.
Retention model	Purpose-limited retention: service data is kept only as long as needed for support, legal, billing, and security obligations.
Privacy requests	Email: privacy@nolostorders.com.

1. Who this policy applies to
2. Information we collect
3. What we do not collect for core audits
4. How we use information
5. Legal bases for processing
6. Data sharing
7. Data retention
8. Data security
9. International data transfers
10. Your rights and choices
11. Cookies and analytics
12. Children’s privacy
13. Changes to this policy
14. Contact us

1. Who this policy applies to

This policy applies to merchants who install and use the No Lost Orders Shopify app, and to visitors of our website pages such as support, help, contact, and marketing pages.

It does not govern Shopify’s own handling of your data. Shopify remains a separate controller/provider under its own privacy terms.

2. Information we collect

A. Information from your Shopify store (app functionality)

To perform store audits, we may access and process store configuration data such as:

Store identifier and store domain
Product and variant configuration (including shipping-related flags/settings)
Shipping zones and rates configuration
Market configuration (countries/regions and availability-related settings)
Product visibility and publication-related configuration
App scan metadata (scan time, scan result counts, issue categories)

We collect only what is reasonably necessary to provide the auditing service.

B. Account and subscription information

Depending on your plan and billing flow, we may process:

Shopify shop/account identifiers
Plan/tier status (Free, Pro, and similar tiers)
Subscription status and billing events (via Shopify)
Support communication details (email address and messages you send us)

C. Website and technical usage information

What we collect

Pages viewed with timestamps and diagnostic/error logs, used to secure, maintain, and improve the service.

What we don’t intentionally store

IP address or IP-based location data for analytics purposes.

What providers may process

Our infrastructure provider (Cloudflare) may process IP addresses and related network data to deliver and protect the service (for example, for security and abuse prevention).

If used, server-side analytics (e.g., Google Analytics) employ anonymization measures and do not run analytics scripts in the page.

3. What we do not collect for core audits

No Lost Orders is designed to audit store configuration. For core app functionality, we do not require access to:

Customer order history
Customer personal profiles
Payment card data
Full checkout contents of individual customers

If this changes for a future feature, we will update this policy and request any required permissions transparently.

4. How we use information

We use information to run audits, generate reports, classify issues, trigger re-scans for paid plans, show scan history and status, provide support, maintain security and reliability, prevent abuse, enforce our Terms, and comply with legal obligations.

We do not use your store data to build public datasets about your store.

5. Legal bases for processing (where applicable)

If GDPR or UK GDPR applies, our legal bases may include contract, legitimate interests, legal obligation, and consent where required.

7. Data retention

We retain data only as long as needed to provide the service, maintain audit history and monitoring features, resolve disputes, enforce agreements, and meet legal/accounting obligations.

Retention periods vary by data type. If you uninstall the app, we may delete or anonymize store-related data after a reasonable period unless retention is required for legal, billing, or security reasons.

8. Data security

We use reasonable technical and organizational measures to reduce unauthorized access, disclosure, alteration, and destruction. No system is fully risk-free, but we design No Lost Orders with reliability and least-necessary access for audits.

If you suspect a security issue, contact us immediately at security@nolostorders.com.

9. International data transfers

Your information may be processed in countries other than your own, depending on infrastructure and service providers. Where required, we use appropriate safeguards for international transfers, including contractual protections.

10. Your rights and choices

Depending on your location, you may have rights to access, correct, delete, restrict, object, and request portability of personal data, and to withdraw consent where processing is based on consent.

To submit a request, email privacy@nolostorders.com. We may need to verify identity and authority (for example, if a request is made on behalf of a store).

11. Cookies and analytics

No Lost Orders does not use cookies for marketing or analytics. We may use essential storage only if required for core functionality (for example, session state). If this changes, we will update this policy.

12. Children’s privacy

No Lost Orders is intended for businesses and store operators. It is not directed to children.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the Last updated date. If changes are material, we may provide additional notice such as in-app messaging or email.

14. Contact us

Privacy email privacy@nolostorders.com

Security email security@nolostorders.com

Contact page /contact

Business name Inetis d.o.o. (a Slovenian limited liability company)

Address Kidričeva ulica 25, 3000 Celje, Slovenia

Country Slovenia

Policy note

Shopify is a separate service provider with its own privacy terms and data practices. This policy covers No Lost Orders only.