The short version — if you only read one section.
- Merchants (Shopify stores) are our customers. We process your store and customer data on your behalf, as your data processor, to deliver the verification service.
- Customers of merchants (the people we call) — we contact you only because your order was placed at a store using Verifyio, and only to confirm that order.
- We record and transcribe verification calls so the merchant can review them and so our AI can keep improving. Recordings are deleted after 90 days by default.
- We do not sell personal data. Ever. We don't run ads. We don't share data with third parties for marketing.
- We use a small number of named sub-processors (telephony, AI inference, hosting) listed in Section 7.
- You have rights — access, correction, deletion, export. Email privacy@verifyio.io and we'll respond within 30 days.
This page is the canonical privacy notice for the Verifyio Shopify app and the verifyio.io website. If anything here conflicts with our Data Processing Addendum, the DPA governs the merchant relationship.
Who we are and what we do.
Verifyio ("we", "us", "our") is the operator of the Verifyio Shopify app and the website verifyio.io. We make an AI voice agent that calls cash-on-delivery customers on behalf of Shopify merchants to confirm their orders before shipment, reducing failed deliveries.
For data-protection purposes:
- When a merchant installs Verifyio and provides their store data, we act as a data processor, processing data on the merchant's instructions. The merchant is the controller.
- For the website verifyio.io (this site, marketing pages, sales contact forms), we act as a controller for the limited data we collect there.
The data we touch.
We try to collect the minimum needed to run the service. Categories below are exhaustive.
From the merchant (Shopify store)
Generated by the service
From the website (verifyio.io)
- Standard server logs (IP, user-agent, request path, timestamp) — kept 30 days for security.
- Analytics — first-party, cookieless. We track aggregate page views, not individual visitors.
- Anything you voluntarily enter into a contact form or email us.
What we don't collect
- We don't collect payment-card numbers. Shopify handles all payments.
- We don't read storefront browsing behaviour, cart contents before checkout, or any data outside the order/customer scope our app requested.
- We don't access store data once the merchant uninstalls the app — see Section 8.
The call itself.
The most sensitive thing we do is place a phone call to your customer and record it. Here's exactly how that works.
The disclosure
Every Verifyio call begins with the same opening: the AI identifies itself as an automated assistant calling on behalf of [merchant name], states the order number, and tells the customer the call is being recorded. The customer can opt out at any moment by saying "stop", "do not call", or hanging up — and we won't call again about that order.
What gets recorded
- The full audio of the call, both AI side and customer side.
- A speech-to-text transcript with timestamps.
- Telephony metadata: duration, country routing, carrier, jitter / quality signals.
Two-party-consent jurisdictions
Some regions (e.g. several US states, EU member states) require all parties to a call to consent to recording. The opening disclosure constitutes notice; if the customer continues the call after the disclosure, that is taken as implied consent. Merchants are responsible for ensuring their use of Verifyio is lawful in their customers' jurisdictions; we provide the disclosure script and a simple toggle to disable calling in specific regions.
AI training
By default, recordings are not used to train third-party foundation models. We use de-identified transcripts (with names, phone numbers, addresses, and order IDs removed) to fine-tune our own models for verdict accuracy and language coverage. Merchants can opt out of this entirely from app settings; in that case, recordings and transcripts are used only for the merchant's own dashboard.
Why we hold any of this at all.
- Run the service. Place the call, transcribe it, post a verdict back to Shopify, update the order.
- Show the merchant their dashboard. Recent verifications, recordings, savings, RTO trends.
- Operate the platform. Billing (via Shopify), error monitoring, abuse detection, support.
- Improve our AI. De-identified transcripts, with merchant consent, to make our verdicts more accurate.
- Comply with law. Respond to lawful requests, fulfil tax/audit obligations.
We do not use this data to advertise, build profiles for third parties, or sell to data brokers.
Why we're allowed to do this.
For users in the EU, UK, and equivalent jurisdictions, our legal bases under GDPR Article 6 are:
- Performance of a contract — when a merchant installs Verifyio, we need to process their data to deliver the service.
- Legitimate interests — limited operational use (security, fraud prevention, service improvement) where the merchant's interest in a working product outweighs minimal privacy impact.
- Consent — for AI-training use of recordings, the merchant grants explicit opt-in consent during onboarding and can revoke it at any time.
- Legal obligation — where retention is required by law (e.g. tax records).
How long we keep things.
Where data physically lives.
Verifyio is operated globally. Data may be processed in any region listed in Section 7. By default, EU merchant data is stored in our Frankfurt region; Indian merchant data in Mumbai; everything else in our US region.
For transfers out of the EEA, UK, or Switzerland, we rely on the European Commission's Standard Contractual Clauses (SCCs) supplemented by the UK Addendum where applicable. A copy is available on request.
What you can ask us to do.
Depending on where you live, you have some or all of the following rights:
- Access — get a copy of the personal data we hold about you.
- Rectification — correct anything that's wrong.
- Erasure — ask us to delete your data ("right to be forgotten").
- Portability — receive your data in a machine-readable format.
- Restriction / objection — limit how we process your data.
- Withdraw consent — for any processing based on consent, including AI training.
- Lodge a complaint — with your local data-protection authority.
Email privacy@verifyio.io. For requests from a customer of a Verifyio-using store, we'll route the request to the merchant (the data controller) within 7 days.
For California residents: you also have the right not to be discriminated against for exercising any of these rights. We do not sell personal information as defined by the CCPA.
How we keep it safe.
- In transit — TLS 1.2+ for all API and dashboard traffic; SRTP for telephony where the carrier supports it.
- At rest — AES-256 encryption for recordings, transcripts, and database snapshots.
- Access control — engineering access to production data is limited to named on-call engineers, audited, and logged.
- Secrets — managed via AWS Secrets Manager; no plaintext secrets in source code.
- Compliance — SOC 2 Type II audit underway (target: Q4 2026). DPA available on request.
If you discover a vulnerability, please report it responsibly to security@verifyio.io. We respond within 48 hours and won't pursue researchers acting in good faith.
Children's data.
Verifyio is a B2B service used by Shopify merchants. We do not knowingly collect data from children under 16. If you believe we hold data about a child, contact us and we'll delete it.
Changes to this policy.
We update this policy when we change something material — a new sub-processor, a new product feature with new data implications, a clarification. The "Last updated" date at the top reflects the most recent change. For material changes affecting merchant accounts, we email admins at least 30 days before the change takes effect.
An archive of previous versions is available on request.
Talk to us.
The fastest way to reach us about anything privacy-related is email. We respond to every privacy enquiry within 7 business days, and resolve verifiable rights requests within 30 days.
Email: privacy@verifyio.io