GrowMoe
Request early access

Privacy Policy

Last updated: 27 June 2026

This Privacy Policy explains how GrowMoe, LLC ("GrowMoe", "we", "us") handles personal data in connection with the GrowMoe platform and the GrowMoe marketing site at growmoe.com (together, the "Service").

1. Our two roles

GrowMoe handles personal data in two distinct capacities:

  • As a processor — when a Shopify merchant ("Merchant") uses GrowMoe, we process their customers' personal data on the Merchant's behalf and instructions. The Merchant is the controller of that data. This includes Shopify Protected Customer Data (PCD), which we handle under Shopify's PCD requirements (Level 2).
  • As a controller — for the account and contact data of the Merchant's own staff who sign in to GrowMoe, and for visitors to our marketing site.

2. Data we process

On behalf of Merchants (processor)

  • Customer profile and contact data synced from Shopify (name, email, phone, addresses).
  • Orders, quotes, carts, support conversations, and storefront activity.
  • Consent state and marketing preferences.

As a controller

  • Merchant staff account data (name, email, role) and authentication records.
  • Marketing-site enquiries (e.g. early-access requests you submit).
  • Limited technical/usage and error data needed to operate the Service securely.

3. How we use data

  • To provide, secure, and support the Service.
  • To process customer data per the Merchant's configuration and instructions.
  • To meet legal, tax, and compliance obligations.

We do not sell personal data, and we do not use Merchant customer data to train models or for our own marketing.

4. Sub-processors

We use a short, vetted set of sub-processors under data-processing agreements. We minimise what each receives.

Sub-processorPurposeData
ShopifySystem of record / commerce platformCustomer, order, and store data
CloudflareHosting, database (D1), object storage (R2), queuesAll Service data, encrypted at rest
PostHogProduct analyticsPseudonymous (hashed) identifiers + non-PII event properties only
SentryError & performance monitoringPII-scrubbed error payloads; opaque identifiers only

Customer events sent to PostHog are PII-minimised (no raw email, name, or address). Sentry runs with PII capture disabled and a scrubber driven by our PII classification. We will give Merchants advance notice of any new sub-processor so they can object, and the current list is available on request at privacy@growmoe.com.

5. Data residency

Each Merchant organisation has a data region (US or EU). Storage and sub-processor routing follow that region — e.g. EU organisations use EU-resident analytics and error-tracking projects.

6. Retention

  • High-volume behavioural events are retained for a bounded window (default 400 days), then rolled up or deleted.
  • Core records are retained for the life of the Merchant's account and deleted on erasure (see below).
  • On Shopify app uninstall, we purge the organisation's data within the Shopify-mandated window (48 hours).

7. Your rights

Depending on your location (e.g. under the GDPR, UK GDPR, or CCPA/CPRA), you may have rights to access, correct, delete, export, or restrict use of your personal data, and to object to certain processing.

  • If you are a Merchant's customer, the Merchant is your controller — please contact them. We support their requests: GrowMoe can delete a customer's data (erasure) and export it (portability), and we honour Shopify's customers/redact, customers/data_request, and shop/redact requests.
  • If you are a Merchant staff user or site visitor, contact us at privacy@growmoe.com.
  • California residents: we do not sell or share personal data as defined by the CCPA/CPRA. We treat a Global Privacy Control signal as a valid opt-out.
  • Withdrawing consent: where we rely on consent, you can withdraw it at any time without affecting processing already carried out.
  • Complaints: you have the right to lodge a complaint with your local data protection authority (e.g. your EU/UK supervisory authority). We ask that you contact us first so we can try to resolve it.

8. Do Not Track & Global Privacy Control

Our storefront tracking honours browser opt-out signals. A Sec-GPC: 1 (Global Privacy Control) signal is treated as an authoritative opt-out and suppresses non-essential tracking; a DNT: 1 (Do Not Track) signal is honoured by default and is configurable per Merchant. Suppressed events are dropped before any storage or transfer to a sub-processor.

9. Cookies

See our Cookie Policy for details on the cookies we use.

10. Security

Data is encrypted in transit and at rest, isolated per organisation, and access to customer PII is logged. We follow least-privilege access and a documented supply-chain posture.

11. International transfers

Where data is transferred across borders, we rely on appropriate safeguards (e.g. Standard Contractual Clauses).

12. Children

The Service is not directed to children and is not intended for their personal data.

13. Changes

We will post material changes here and update the "Last updated" date.

14. Contact

GrowMoe, LLC
Privacy enquiries: privacy@growmoe.com.