Data Processing Addendum
Last updated: 2026-07-01
Access Readiness Doctor is designed to minimize personal data processing. It requests only the read_products scope and does not request customer data, order data, or payment data.
Where we process personal data on behalf of a merchant, the merchant is the controller and we act as processor only to provide the app.
Processing scope
- Shopify shop identity and session data.
- Scan metadata: status, timestamps, rule version, trigger, coverage manifest, and per-severity counts.
- Findings: page URL, page type, check id, WCAG reference, selector path, a short message and fix hint, and a truncated HTML snippet of at most 200 characters. Full page HTML is never stored.
- Subscription/plan state.
- An optional storefront password, stored encrypted at rest and used only transiently during a scan.
Retention
We keep recent scans only (the last 3 on Free, the last 12 on Pro) and delete all app-side shop data after uninstall or shop redact.
Subprocessors
Expected subprocessors include:
- Shopify, for app installation, authentication, billing, and product handle discovery.
- Vercel, for application hosting.
- Neon, for PostgreSQL database hosting.
We use subprocessors only to provide and operate the app.