Privacy Policy
Last Updated: May 30, 2026

This Privacy Policy describes how Veritag Chargeback Sharedblock ("we", "us", or "our") collects, uses, and processes data when merchants install and use our Shopify application (the "App").

1. Who We Are and Who This Policy Covers

Veritag Chargeback Sharedblock is a Shopify app developed by Veritag. Our customers are Shopify merchants (businesses). This policy governs the data relationship between Veritag and those merchants. It does not directly govern how merchants interact with their own end-customers — that is the merchant's responsibility (see Section 5 below).

2. Data We Collect from Merchants

When a merchant installs the App, we access and process the following data from their Shopify store solely to operate the fraud prevention service:

  • Order data: Order identifiers, transaction amounts, fulfillment status, and chargeback records.
  • Customer identifiers: Email addresses, phone numbers, shipping/billing addresses, and IP addresses associated with orders — these are immediately converted into irreversible SHA-256 cryptographic hashes before being stored or shared.
  • Store information: Shop domain, plan details, and app configuration settings.

We do not store raw email addresses, phone numbers, or any directly identifiable customer contact details. All such data is hashed at the point of ingestion.

3. How We Use This Data

  • Cross-referencing hashed identifiers against the Veritag Fraud Prevention Network to detect fraudulent transaction patterns across participating merchants.
  • Providing chargeback risk scores and alerts to the merchant within the App dashboard.
  • Maintaining and improving the accuracy of the shared fraud prevention network.
  • Communicating with merchants about the App, billing, and service updates.

4. Data Sharing

We share hashed (non-reversible) customer identifiers with other participating merchants in the Veritag Network strictly for fraud prevention purposes. No raw personal data is ever exposed to other merchants. We do not sell any data. We engage the following infrastructure sub-processors: DigitalOcean (hosting) and Neon, Inc. (database).

5. Merchant Obligation — Disclosing to Your Customers

Under our Data Processing Agreement (§2.3), merchants are required to inform their own customers that transaction data is processed by Veritag's fraud prevention service. Add the following paragraph to your store's Privacy Policy page:

Fraud Prevention and Security Network

To detect and prevent fraudulent transactions and maintain the security of our store, we utilize third-party risk analysis services provided by Veritag. For this purpose, certain identifiers (such as your email address and phone number) are converted into irreversible, cryptographically hashed strings (SHA-256) and shared with the Veritag Fraud Prevention Network. This allows the system to cross-reference risk signals across participating merchant stores to identify fraudulent patterns without revealing your raw identity. Our legal basis for this processing is our legitimate interest in mitigating financial fraud and protecting our business and customers.

6. Data Retention

Merchant account and configuration data is retained for the duration of the subscription and up to six years thereafter for legal and accounting purposes. Hashed fraud-network identifiers may be retained beyond uninstallation in an irreversibly anonymized form to preserve network integrity. Merchants may request deletion of their store profile and contributed data by contacting us.

7. Your Rights as a Merchant

Merchants may request access to, correction of, or deletion of their store's data at any time by contacting us. We will respond within 30 days.

8. Contact

For questions about this policy or our data practices:
Email: liminghui229@outlook.com

Data Processing and Co-Control Agreement (DPCCA)
Effective Date: May 27, 2026

This Data Processing and Co-Control Agreement ("Agreement") is a legally binding contract entered into by and between the merchant installing the Veritag application ("Merchant") and Veritag ("Company", "Processor", "Veritag", or "we").

Notice: By installing, activating, or using the Veritag Shopify application (the "Service"), the Merchant fully accepts and agrees to all the terms and conditions outlined in this Agreement.

1. Purpose and Scope

1.1 This Agreement governs the processing and cross-merchant sharing of network personal data through the Veritag application on the Shopify platform.

1.2 This Agreement regulates the shared data protection relationship between the parties in compliance with the EU/UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the CPRA, and other applicable US state and global privacy laws.

2. Roles, Joint Control, and Network Mechanism

2.1 Dual-Jurisdiction Regulatory Status:

  • Under GDPR/UK GDPR: The parties acknowledge and agree that for the specific purpose of operating the Veritag Fraud Prevention Network (the "Network"), the Merchant and Veritag act as Joint Controllers under Article 26 of the GDPR. They jointly determine the purposes and means of the cross-merchant risk analysis.
  • Under US Privacy Laws (CCPA/CPRA, etc.): The parties acknowledge that they act as separate, independent businesses with respect to the cryptographic Network data pooling.

2.2 The Network Sharing Mechanism:

The Merchant acknowledges and agrees that to detect and prevent e-commerce fraud, certain Personal Data points (defined in Annex 1) collected from the Merchant's store will be converted into one-way cryptographic hashes (e.g., SHA-256) and pooled into the Network. Veritag will cross-reference and compare these identifiers against transaction behaviors, device fingerprints, and risk signals collected from other merchants within the Veritag application ecosystem.

2.3 Allocation of GDPR Responsibilities:

  • Merchant's Responsibility: The Merchant shall be solely responsible for providing GDPR-compliant privacy notices to its end-consumers, explicitly informing them that their pseudonymous/hashed data will be shared with the Veritag Network for cross-merchant fraud prevention. The Merchant must secure a valid legal basis (such as Legitimate Interest under Article 6(1)(f) of the GDPR) before transmitting data.
  • Veritag's Responsibility: Veritag shall be responsible for maintaining the security of the Network infrastructure, managing data subject rights related to the Network repository, and ensuring that no raw, unhashed contact details are exposed to third-party merchants.

2.4 US Privacy Law Compliance (CCPA/CPRA & State Laws):

To the extent that US state privacy laws apply, the parties agree that the cross-merchant data pooling within the Network is conducted strictly for the restricted Business Purpose of protecting against malicious, deceptive, fraudulent, or illegal activity. Veritag certifies that it shall not sell the Merchant's data, nor share or process the Merchant's data for cross-context behavioral advertising. Veritag shall not retain, use, or disclose Network data for any commercial marketing purpose outside the verification and fraud prevention scope of the Network.

3. Term and Termination

3.1 Term: This Agreement shall commence on the date the Merchant installs the Veritag application and shall remain in full force and effect until the Merchant uninstalls the application.

3.2 Post-Termination Network Retention: Upon uninstallation, Veritag shall remove the Merchant's store profile. However, to maintain the integrity of the Network's security baseline, cryptographic hashes of fraud-related nodes (e.g., confirmed fraudulent email hashes) will be retained in the Network in an irreversibly anonymized form, provided they no longer contain any direct identifiers or metadata linking them back to the Merchant.

4. Technical and Organizational Measures & Hashing Standards

4.1 Data Minimization & Mandatory Hashing:

Veritag shall implement a strict data minimization pipeline. High-risk identifier fields, including Customer Email Addresses and Phone Numbers, must be cryptographically hashed (SHA-256) on the client-side or immediately upon ingestion before being processed by the Network cross-matching engine.

4.2 Security Safeguards: Both parties shall maintain appropriate technical and organizational security measures (as outlined in Annex 2). All cross-merchant database queries within the cloud database infrastructure must be strictly enforced via TLS/SSL encryption and isolated via programmatic access controls.

5. Sub-processors

5.1 Authorized Infrastructure: The Merchant grants authorization to Veritag to engage the infrastructure providers listed in Section C of Annex 1 to host the core ledger of the Network.

6. Data Subject Rights and US Opt-Out Linkage

6.1 Exercise of GDPR/UK Rights: Data subjects may exercise their rights (access, erasure, objection) against either controller. The parties shall assist each other in fulfilling such requests. If a consumer requests data erasure from the Merchant's store, Veritag shall automate the removal of that consumer's active profile via Shopify Privacy Webhooks, while ensuring that risk-essential hashes within the fraud ledger are decoupled from any identifiable merchant record.

6.2 US Opt-Out (Do Not Sell/Share) Integration: To the extent required by US Privacy Laws, the Merchant shall implement mechanisms on its storefront to capture user requests to opt out of the "sale/sharing" of personal information (including Global Privacy Control signals). The Merchant must ensure that its implementation of the Veritag Service honors these choices by suppressing data transmission to the Network for any consumer who has exercised a valid opt-out right under applicable US state laws.

7. Data Breaches

7.1 Notification: Veritag shall notify the Merchant without undue delay — and no later than 72 hours, consistent with GDPR and US state breach notification timelines — after becoming aware of any security incident affecting the Network database that impacts the Merchant's customer data nodes.

8. International Data Transfers

8.1 Cross-Border Transfers: To the extent that Network data is transferred from the EEA/UK to a country not recognized as providing an adequate level of data protection, the EU Standard Contractual Clauses (SCCs) (Module 1: Controller-to-Controller) are hereby incorporated by reference and shall apply automatically.

9. Limitation of Liability

9.1 The aggregate liability of either party for any breach of this Agreement shall be limited to the total amount of fees paid by the Merchant to Veritag during the twelve (12) months preceding the event. This limit does not apply to:

  • Administrative fines imposed by EU/UK supervisory authorities due to a party's direct failure to comply with its joint control obligations under Article 26 of the GDPR.
  • Statutory damages or civil penalties levied under US state privacy laws directly arising from a party's systemic failure to respect user opt-out configurations.

10. Governing Law and Jurisdiction

10.1 This Agreement shall be governed by and construed in accordance with the laws of [Insert Country/State].

10.2 The parties submit to the exclusive jurisdiction of the courts located in [Insert City/Country].


Annex 1: Details of Data Processing and the Fraud Network

A. Description of Processing

  • Categories of Data Subjects: End-consumers, customers, and visitors of the Merchant's Shopify store.
  • Purpose of Processing: Operating a collaborative, cross-merchant Fraud Prevention Network. This involves transforming customer touchpoints into cryptographic hashes to run real-time risk assessment, velocity checks, and blocklist verification across all participating stores in the Veritag app ecosystem.
  • Nature of the Network: A shared mathematical database where risk attributes are linked to structural hashes (e.g., identifying if an email hash has committed chargebacks on multiple member stores within 24 hours) without revealing the raw identity of the consumer or the commercial data of other merchants.

B. Categories of Personal Data & Transformation Matrix

| Data Category | Transmission Mode | Network Processing Method |
|---|---|---|
| Identity & Contact Info: Customer Email, Phone Number | Synced via Shopify API | Mandatory SHA-256 Hashing: Instantly transformed into irreversible strings for cross-merchant blocklist matching. |
| Geographic Info: Shipping/Billing Address, Country | Synced via Shopify API | Used for location velocity checks (e.g., billing country vs. IP country mismatch). |
| Network & Device Identifiers: IP Address, User Agent | Captured via application script | Hashed and combined into a collaborative "Device Fingerprint" ledger. |

C. List of Approved Sub-processors

  • DigitalOcean, LLC — Cloud infrastructure hosting
  • Neon, Inc. — Serverless PostgreSQL database infrastructure

Annex 2: Technical and Organizational Measures (TOMs)

  • Access Control: Role-based access controls with least-privilege principles enforced across all system components.
  • Data Encryption: AES-256 encryption at rest; TLS 1.2+ for all data in transit.
  • Network Security: Firewall rules, DDoS mitigation, and isolated VPC environments for database infrastructure.
  • Audit Logging: Comprehensive audit trails for all data access and administrative actions, retained for a minimum of 12 months.
  • Cross-Merchant Isolation Layer: The Network engine uses blinded token matching. No participating merchant can view, query, or reverse-engineer the raw transaction data or customer identities belonging to another merchant within the Network.