Product Customization Formsby ArvoPeak

Privacy Policy

Effective date: June 26, 2026

This Privacy Policy explains how ArvoPeak (“we”, “us”) collects, uses, stores, and protects information when a merchant installs and uses Product Customization Forms (the “App”) on their Shopify store, and when that store’s customers interact with customization forms the App renders. By installing the App you agree to this Policy.

1. Information we collect

a. Merchant & store data (from Shopify)

b. End-customer data (collected on your storefront)

The App intentionally does not request the read_orders scope or broad customer/Protected Customer Data access. Customer answers travel with the order as native Shopify line item properties; we only store the submission content you collect through your forms.

2. How we use information

We do not sell personal data, and we do not use customer answers or uploads for advertising or for training models.

3. Storage, location & security

4. Sub-processors & sharing

We share data only with infrastructure providers strictly necessary to run the App:

ProviderPurpose
Shopify Inc.Hosting your store, OAuth, billing, and order data exchange
Server / hosting providerCompute, database, and file storage for prd.arvopeak.com
Cloudflare, Inc.CDN, TLS, and DDoS protection in front of our server

We may disclose information if required by law or to protect our legal rights.

5. Data retention & deletion

6. Your rights

Depending on your location (e.g. the EEA/UK under GDPR, or California under CCPA/CPRA), you or your customers may have rights to access, correct, export, or delete personal data, and to object to or restrict processing. Merchants can trigger deletion by uninstalling the App or by emailing us. A store’s customers should contact the merchant (the data controller); we act as the merchant’s processor and will assist with any verified request. Email [email protected] to exercise a right.

7. Children

The App is for use by merchants and is not directed to children. We do not knowingly collect data from children under 16.

8. International transfers

Your data may be processed in countries other than your own. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses) for such transfers.

9. Changes to this Policy

We may update this Policy from time to time. Material changes will be reflected by a new effective date on this page, and where appropriate we will notify merchants.

10. Contact us

ArvoPeak — [email protected]
Privacy policy URL: https://prd.arvopeak.com/privacy