Privacy Policy

Effective date: 1 February 2026

This Privacy Policy explains how Judo Gear (“we”, “us”, “our”) collects, uses, and shares information in connection with the Team-Storefronts Shopify application (the “App”) and related services (together, the “Service”).

1. Roles

When you install the App, you are typically the data controller for information about your Shopify store and your customers. We act as a data processor to provide the Service on your behalf, except where we act as a controller for our own business operations (e.g., billing administration, support, security, and compliance).

2. Information we collect

a) Merchant and store information

  • Store details (e.g., store name, myshopify domain, store ID).
  • Merchant contact information (e.g., name, email) where available via Shopify or provided to support.
  • App configuration and settings (e.g., plan, enabled features, team storefront configuration).

b) Store content needed to provide the Service

  • Product and collection identifiers and related metadata required to display team storefront catalogues.
  • Team storefront content you provide (e.g., team name, logos, banner images, guidance text, passcode settings).
  • Discount configuration metadata required for team pricing behaviour (where applicable).

c) Customer and order data (if permissions are granted)

Depending on the permissions you approve during installation, the App may access limited customer and/or order data to support storefront behaviour, reporting, support, fraud prevention, or troubleshooting. We recommend granting only the permissions you need.

d) Usage and technical data

  • Log data (e.g., timestamps, pages/actions within the App admin, error logs).
  • Device and browser information for the merchant admin experience.
  • Approximate location derived from IP address (security and analytics).

3. How we use information

  • Provide the Service (create and render team storefronts, apply configured behaviour).
  • Maintain security, prevent abuse, and troubleshoot issues.
  • Provide merchant support and respond to enquiries.
  • Operate billing and account administration (where applicable).
  • Improve the Service via aggregated analytics and product insights.

4. Legal bases (UK GDPR)

  • Contract — to provide the Service you request when you install and use the App.
  • Legitimate interests — to secure, maintain, and improve the Service and prevent fraud/abuse.
  • Legal obligation — to comply with applicable laws (e.g., financial record keeping).
  • Consent — where required for certain cookies or similar technologies (if implemented).

5. Sharing and disclosures

We may share information with:

  • Infrastructure and hosting providers used to operate the Service.
  • Analytics and error monitoring providers (typically in aggregated or pseudonymised form where possible).
  • Professional advisers and regulators where required (legal, compliance, or enforcement).

We do not sell personal information. We do not use merchant data to advertise third-party products to your customers.

6. Data retention

We retain information only as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. On uninstall, we will stop active access to your Shopify data. Residual logs/backups may be retained for a limited period for security and operational reasons.

7. Uninstall and data deletion

You can uninstall the App at any time from your Shopify admin, which revokes the App’s access to your store. You may request deletion of App-stored data by emailing email@judogear.shop and including your store domain. We will respond in line with applicable law and platform requirements.

8. International transfers

Some service providers may process data outside the UK. Where this occurs, we use appropriate safeguards (such as standard contractual clauses) as required by applicable law.

9. Security

We use reasonable administrative, technical, and organisational measures designed to protect information. No method of transmission or storage is 100% secure.

10. Your rights

Depending on your location and role (merchant or customer), you may have rights to access, correct, delete, restrict or object to processing, and request portability of personal data. For customer data processed on behalf of a merchant, requests may need to be directed to the merchant as the controller.

11. Cookies

The Service may use cookies or similar technologies for essential functionality and analytics. If you enable non-essential cookies, you should implement a consent mechanism appropriate for your jurisdiction.

12. Changes

We may update this Privacy Policy from time to time. We will update the effective date and, where appropriate, provide additional notice.

13. Contact

Privacy questions: email@judogear.shop.