Reference

GDPR and Data Handling

What OrderWise stores, where it lives, and how to respond to GDPR data-subject requests.

Last updated

OrderWise is built for the EU compliance environment. All processing runs on EU-hosted infrastructure, customer data stays under EU jurisdiction, and we provide the tooling a merchant needs to fulfill GDPR data-subject requests.

Where the data lives

  • Primary database: Supabase (Postgres) in eu-central-1 (Frankfurt).
  • Conversation transcripts: same database, same region.
  • AI model calls: Anthropic, routed through the EU endpoint when available; explicit no-training contract for all message content.
  • Backups: encrypted at rest, stored in the same region. 30-day retention.

No customer data leaves the EU under normal operation. We do not use US-only LLM endpoints for any merchant whose store sets EU as its primary region.

What we store

OrderWise stores:

  • Order and customer references (Shopify IDs, not the underlying PII — we look them up live via the Admin API at request time).
  • Conversation transcripts (customer message, AI reply, action taken).
  • Knowledge-base entries (FAQs and policies — author-provided, no PII).
  • Aggregate analytics (anonymized counts; no individual customer identifiers).

We do not store:

  • Customer credit card data.
  • Order line-item details outside of an active conversation.
  • Customer addresses (we fetch them live from Shopify when needed).

Responding to data-subject requests

Three endpoints in the embedded admin handle the standard GDPR data-subject requests:

  • Right to access (Art. 15): Settings → Privacy → Export. Generates a JSON file with every conversation involving the named customer.
  • Right to erasure (Art. 17): Settings → Privacy → Delete. Anonymizes all conversation records for the customer and removes any cached order data.
  • Right to data portability (Art. 20): the access export is machine-readable JSON.

Shopify also sends customers/data_request and customers/redact webhooks when a customer initiates a request through the storefront — OrderWise handles these automatically and emails the merchant the required confirmation.

Auftragsverarbeitungsvertrag (DPA)

OrderWise offers a DPA template ready for German-law merchants. It's available under Settings → Legal → DPA and can be e-signed inside the embedded admin.