Skip to content
cod guard Install on Shopify

COD Guard Privacy Policy

Last updated: May 14, 2026

What COD Guard does

COD Guard is a Shopify app that helps merchants detect fraudulent Cash-on-Delivery (COD) orders. When a new order is placed, COD Guard analyses the order's customer name, phone number, email address, and shipping address to compute a fraud-risk score. The result is shown to the merchant in the COD Guard dashboard and optionally used to tag or flag the order in Shopify Admin.

What data we process

COD Guard receives and processes the following data from Shopify order webhooks:

  • Customer name
  • Customer phone number
  • Customer email address
  • Shipping address (street, city, province, postal code, country)

This data is received directly from Shopify via the orders/create and orders/updated webhooks. COD Guard does not collect payment information, order line items, or any data beyond what is listed above.

Why we process it

The sole purpose of processing this data is COD fraud risk detection on behalf of the installing merchant. COD Guard does not use customer data for advertising, profiling, resale, or any purpose beyond the fraud review service the merchant has explicitly requested by installing the app.

Data retention

Data category Retention period
Order PII (name, phone, email, address) Retained while the merchant's subscription is active. Deleted within 48 days of app uninstall (on receipt of Shopify shop/redact webhook).
Application logs 30 days, then automatically rotated and deleted.
Database backups 30 days rolling. Older backups are deleted automatically.
Customer data exports Not applicable — COD Guard does not provide a data export feature.

Data protection commitments

COD Guard is operated as a data processor on behalf of each installing merchant (the data controller). We commit to the following:

  • Customer data is processed only for COD fraud detection and for no other purpose.
  • Customer data is not shared with, sold to, or disclosed to any third party except as necessary to operate the service (e.g., Google Maps API for address geocoding, which receives address text only and returns a geocoded result).
  • The production database is encrypted at rest and accessible only via SSH key authentication.
  • Transport security (HTTPS/TLS) is enforced for all connections to COD Guard.
  • Access to customer data is limited to a single named operator and is not delegated to third parties.

GDPR and customer data requests

COD Guard implements the three Shopify GDPR webhook handlers:

  • customers/redact — nullifies all PII fields on matched order records within the COD Guard database.
  • customers/data_request — identifies and logs all order records held for the specified customer.
  • shop/redact — permanently deletes all order and blocklist data for the merchant's shop, triggered 48 days after app uninstall.

All GDPR webhook events are logged to an internal audit table as proof of processing.

Incident response

In the event of a confirmed data breach or unauthorized access to customer data, affected merchants will be notified by email within 72 hours of the incident being confirmed. Full details of our incident response procedure are documented internally and available on request.

Contact

For privacy-related questions, data requests, or to report a concern, contact the COD Guard operator at hiendinhngoc@gmail.com.