Privacy Policy – GLS Slovakia

Shopify App by BrumShake

Effective: —

This Privacy Policy describes how the GLS Slovakia Shopify app (“App”) collects, uses, and shares information when installed and used by merchants. If you have questions, contact us at support@brumshake.com.

Data we collect How we use data Sharing Retention Security Merchant controls Contact
Key point: The App is designed to enable customers to choose a GLS pickup point after checkout (via a button on the Thank you / Order status pages that redirects to a map page). The selected pickup point is then saved to the corresponding order in Shopify Admin.

Data we collect

We collect only the data needed to provide the App’s functionality.

  • Shop information: shop domain (e.g. yourshop.myshopify.com) and related app installation identifiers.
  • Order information: order ID / Shopify order ID and shipping method identifiers needed for mapping and saving pickup point selection.
  • Pickup point selection: selected GLS pickup point details (e.g. pickup point ID, name, address, country code).
  • Technical data: request logs necessary for troubleshooting and security (e.g. timestamp, request metadata, error messages).

How we use data

  • To determine whether GLS pickup point selection should be shown for an order (based on the merchant’s shipping mapping).
  • To display a pickup point selection flow after checkout (button → redirect → map page).
  • To save the selected pickup point to the Shopify order (e.g. note/metafield/event).
  • To support merchants with troubleshooting and ensure the App operates reliably.

Sharing

We do not sell personal data. We share data only when necessary to provide the App’s shipping/pickup functionality:

  • Shopify: the App uses Shopify APIs/webhooks to read and update order data related to the pickup point selection.
  • GLS services: pickup point data may be retrieved from GLS systems or related services to display pickup locations.

We do not share data with third parties for advertising or marketing.

Retention

  • We keep data only as long as required to provide the App’s services and comply with legal obligations.
  • If the merchant uninstalls the App, we remove or anonymize stored shop-related data within a reasonable period, unless retention is required by law.

Security

Security measures: All communications are served over HTTPS. Shopify webhooks are verified using HMAC signatures. Access tokens are stored securely and used only for authorized Shopify API calls.

Merchant controls & requests

  • Merchants can uninstall the App at any time from Shopify Admin.
  • For privacy-related requests, contact us at support@brumshake.com.
  • Shopify may send privacy compliance webhooks (customers/data_request, customers/redact, shop/redact). We respond as required by Shopify policies.

Contact

BrumShake
Website: brumshake.com
Email: support@brumshake.com

If you are located in the EEA/UK, you may have additional rights under applicable data protection laws.