Privacy & Data Usage

How Packstation Lookup handles merchant and shopper data. Adapt this to your own policies and jurisdictional requirements.

Data we store (app backend)

  • Shop settings: Validation preferences, field mapping configuration, display text, and Postnummer requirements (stored via Prisma in PostgreSQL).
  • Sessions: Shopify session tokens for authenticated API calls; no long-term storage of customer data.
  • Operational logs: Service and error logs for debugging; no sale of data.

Data read/written client-side

  • Shipping address fields: When a customer selects a DHL pickup location, the app writes the location’s address into the standard Shopify shipping address fields (address1, address2, city, zip, company, etc.) as configured by the merchant.
  • Postnummer: If entered, stored in the configured address field (default: company). The Postnummer is not stored by the app backend.

Data sent to external services

DHL Location Finder API

When a customer searches for a pickup location, the search query (postal code or city) is sent to the DHL Location Finder API (api.dhl.com). No personal customer data is included in this request.

DHL Postnummer Validation API (optional)

If enabled and configured, the customer’s Postnummer, first name, and last name are sent to the DHL Postnummer API (api-eu.dhl.com) to verify the Postnummer is registered to that customer. This data is not stored by our app — it is sent directly to DHL for validation and the response is used immediately.

Google Maps

The checkout modal displays a Google Map showing pickup locations. Google’s standard Maps terms and privacy policy apply. No customer personal data is sent to Google — only the coordinates of DHL pickup locations.

API tokens and access

  • The app uses an offline Admin API token to read and write metafields for app configuration.
  • The checkout extension uses a session token for authenticated API calls to the app backend.
  • Access is limited to the scopes granted during install; rotation follows Shopify app best practices.

Data sharing and processors

  • Shopify acts as the primary data processor; additional subprocessors are limited to infrastructure providers (Fly.io) and DHL APIs.
  • No data is sold or rented. Production access is restricted to authorised personnel for support and operations.

Retention and deletion

  • Configuration settings and metafields are kept while the app is installed.
  • No customer personal data is persisted by the app backend.
  • Logs are retained for operational needs and rotated on a standard schedule.
  • Upon uninstall or request, stored configurations and related metafields can be removed; submit deletion requests via support.

Your obligations (merchants)

  • Ensure you have a lawful basis to process personal data (e.g., consent, contract, legitimate interest).
  • If using Postnummer validation, inform customers that their name and Postnummer are verified with DHL.
  • Update this notice to reflect your own data flows, vendors, and applicable regulations (GDPR, CCPA).

Rights

  • We will assist with access, correction, or deletion requests for data we control, subject to verification.
  • Shoppers should contact the merchant first; merchants can relay requests to us.

Security

  • Transport encryption (HTTPS/TLS) is required for all API calls.
  • DHL API credentials are stored as server-side environment variables, never exposed to the client.
  • Operator access follows the principle of least privilege.

Need help?

Privacy or data questions? Email support@example.com with your shop domain.

