Privacy Policy & Terms of Service

Last updated: April 2026

1. Introduction

Modilo ("we", "our", "us") provides a product personalization service for Shopify merchants. By installing or using Modilo, you agree to the terms described below.

2. Information We Collect

From the merchant (you)

• Your shop domain (e.g. example.myshopify.com)
• An OAuth access token issued by Shopify
• Templates, fonts, images, and configuration you upload to Modilo
• Order data forwarded from your shop (order ID, line items, personalization properties)

From your customers

• Images they upload to personalize a product
• Text and design choices entered into the personalizer
• Temporary preview images generated from the personalized design
• Personalization properties attached to a Shopify cart or order

We do not collect customer payment information. Customer names, email addresses, shipping addresses, and billing details are handled by Shopify checkout and are not collected through the Modilo personalizer. We do not use cookies for advertising or tracking.

3. How We Use Your Information

• To generate personalized print files (PDF) for your orders
• To store templates and assets so you can reuse them
• To deliver the personalizer interface to your customers

4. Data Storage

Merchant and personalization data is stored on secure infrastructure, including Bunny CDN, PostgreSQL, and Redis. Shopify access tokens are encrypted at rest. We do not sell merchant or customer data.

Each merchant's files are stored in a separate tenant folder. Temporary cart personalization data is stored separately from completed order production files.

5. Data Retention

Temporary cart personalization data that has not yet become a completed order is retained for up to 30 days and then automatically deleted. This includes pending personalization JSON data created before checkout is completed.

Completed order production files, such as generated PDFs and renamed customer image files, are retained so the merchant can produce and fulfill the order. These files can be deleted when Shopify sends a customer redaction request for the related order.

When a merchant uninstalls Modilo, the connection to the Shopify shop is removed immediately. Shopify later sends a shop/redact webhook. After receiving that webhook, Modilo deletes the shop's stored customer personalization and production data.

6. Customer Privacy Requests (GDPR)

If Shopify sends Modilo a customers/data_request webhook, we acknowledge the request and identify any relevant personalization data that is stored as merchant order production data.

If Shopify sends Modilo a customers/redact webhook, Shopify may include the orders that must be redacted. Modilo uses those order IDs to delete related indexed files, including pending order JSON, PDFs, preview images, and customer-uploaded image files where they are linked to that completed order.

Anonymous cart personalization data created before checkout might not be linked to a Shopify customer account. That temporary data is handled by the 30-day automatic deletion process.

7. Terms of Service

Use of the service

You may use Modilo only in connection with a Shopify shop you own or manage. You are responsible for the templates and content you upload, and for ensuring you have the right to use them.

Limitations

Modilo is provided "as is", without warranty of any kind. We are not liable for losses arising from use of the service, including downtime, data loss, or printing errors.

Termination

You may uninstall Modilo from your shop at any time via Shopify Admin. We may terminate accounts that violate these terms or Shopify's policies.

8. Contact

For questions, please contact: [email protected] (replace before going live)