Privacy Policy
Last updated: June 24, 2026
FairGate (“FairGate”, “the app”, “we”, “us”) is a Shopify app that helps merchants block unwanted, fake, or abusive checkout attempts using a merchant-defined blocklist. This policy explains what data the app handles, how it is used, and the choices available to merchants and their customers.
1. Who this policy is for
This policy applies to merchants who install FairGate on their Shopify store and to the buyers who interact with those stores at checkout. FairGate is installed by the merchant, and the merchant is the controller of any personal data they choose to add to their blocklist.
2. Information we collect
We keep data collection to the minimum needed to run the blocklist. Specifically:
- Store and account data. Your Shopify store domain and the access token/session details Shopify issues so the app can operate inside your store admin.
- Blocklist data you enter. The values you add to your blocklist — emails, email domains, phone numbers, shipping countries, postal codes, and address keywords — along with any optional note you attach. These values may constitute personal data, and you choose what to add.
- Configuration and audit data. Your protection settings, the customer-facing error message, publish status, and an audit log of admin actions (including the email of the staff member who made a change) so you can review your own history.
3. Buyer data at checkout
FairGate enforces the blocklist through a native Shopify Cart and Checkout Validation Function that runs inside Shopify’s sandboxed environment. During a checkout, the function reads only the minimal fields needed to evaluate the blocklist (such as the buyer’s email, phone, and shipping/billing address) and compares them against the published blocklist.
This evaluation happens entirely within Shopify. The function does not send buyer data to FairGate servers, does not call any external service, and does not store buyer checkout information in our database. If a match is found, the buyer sees a single generic message and the specific reason is never revealed to them. If the configuration is missing, disabled, or malformed, the function fails open and allows the checkout to proceed.
4. How we use information
- To provide and operate the blocklist and checkout protection features.
- To save your settings and publish your configuration to Shopify.
- To maintain an audit log so you can review changes made within your store.
- To secure the service, troubleshoot issues, and comply with legal obligations.
We do not sell personal data, and we do not use buyer or blocklist data for advertising or profiling.
5. Sharing and sub-processors
We use a small number of service providers to run the app, and we share data with them only as needed to provide the service:
- Shopify — the platform the app runs on and the source of store and checkout data.
- Render — application hosting and the managed PostgreSQL database where your blocklist and settings are stored.
We may also disclose information if required by law or to protect the rights, safety, and security of our users and the service.
6. Data retention and deletion
Your blocklist, settings, and audit history are retained while the app is installed. You can edit or delete blocklist entries at any time from the app. We honor Shopify’s mandatory data-protection (GDPR) webhooks, with verified authenticity (HMAC), as follows:
-
shop/redact— Sent about 48 hours after you uninstall the app. We permanently erase all data we hold for your store: your blocklist entries, settings, publish snapshots, audit log, and session records. -
customers/data_request— Acknowledged. FairGate stores no buyer-profile data, so there is nothing to assemble or return programmatically. Any disclosure to the buyer is handled by you, the merchant, out of band. -
customers/redact— Acknowledged, with no change to your blocklist. The values on your blocklist are merchant-entered, operational fraud-prevention data that you control as the data controller — they are entries you typed in to protect your store, not personal data FairGate collected from the buyer. We retain them on your behalf for the fraud-prevention purpose for which you added them, so a buyer redaction request does not delete your blocklist. You can remove any entry yourself at any time, and everything is erased onshop/redactafter uninstall.
None of these handlers log buyer personal data — only the store domain, the webhook topic and id, and counts.
7. Merchant responsibilities
As the merchant, you decide which values to add to your blocklist. You are responsible for ensuring you have a lawful basis to store and process any personal data you enter, and for honoring your own customers’ privacy rights under applicable laws such as the GDPR and CCPA. Keyword-based address matching can produce false positives, so review your entries carefully.
8. Security
Data is transmitted over encrypted connections (HTTPS) and stored with our hosting and database providers under their security controls. No method of transmission or storage is completely secure, but we work to protect your information using reasonable safeguards.
9. Changes to this policy
We may update this policy from time to time. When we do, we will revise the “Last updated” date above. Material changes will be reflected here, and your continued use of the app after an update constitutes acceptance of the revised policy.
10. Contact us
If you have questions about this policy or how your data is handled, contact us at info@fairgate.app.