Legal

Privacy Policy

Last updated: July 8, 2026

Origova ("we," "us," or "our") provides Origova, a Shopify app that scans merchant product catalogs for missing or invalid customs and compliance data. This policy explains what information Origova accesses, how it's used, and how it's protected.

What data Origova accesses

When you install Origova, it reads product and variant data from your Shopify store, including titles, descriptions, SKUs, categories, images, and customs-related fields (country of origin, HS code, weight, material). Origova uses this data solely to identify missing or invalid compliance fields and to let you fix them.

Permissions requested

Origova also receives Shopify notifications when products, variants, or inventory items change, so its copy of your catalog stays current. These notifications carry catalog data only.

What Origova never accesses

Origova does not access, collect, or store your customers' personal data. No customer names, emails, addresses, orders, or payment information are ever touched by the app.

Although Shopify's inventory permissions are broad by design, Origova reads and writes only the customs fields on an inventory item — country of origin, HS code, and weight. It does not read or modify stock quantities, inventory levels, inventory transfers, or shipments.

Because Shopify links every inventory item to the locations that stock it, granting inventory access also requires read access to your location records, and Shopify syncs those records alongside the inventory data. Origova never reads, displays, exports, or modifies location data — it is stored only because the platform requires it to resolve inventory items. Origova never requests write access to locations.

When Origova writes to your store

Reading and syncing are automatic. Writing is not. Origova changes data in your Shopify store in exactly two situations: when you click Apply fix, and when you click Undo. It never modifies your catalog on its own.

Data isolation

Every store that installs Origova has fully isolated data. Your catalog, scan history, findings, and fix history are visible only to your store — no other merchant can see or access your data, even if multiple stores are managed by the same organization.

Data retention

Scan history, findings, and fix history are retained for as long as your store has Origova installed, so you can review past activity. If a product is deleted in Shopify, its catalog entry is deactivated rather than erased, so the fix history referencing it remains a complete audit trail.

If you uninstall Origova, we take steps to remove your store's data from our systems in accordance with Shopify's app requirements. If you have questions about the status of your data after uninstalling, contact us at the address below and we'll confirm directly.

GDPR and data subject requests

Origova implements Shopify's mandatory privacy webhooks (customer data request, customer redact, and shop redact). Because the app does not collect customer personal data in the first place, customer-related requests are acknowledged with no customer data to return or delete. Shop-level data is removed in accordance with Shopify's requirements when a store uninstalls the app.

Your choices

Changes to this policy

If this policy changes in a material way, we'll update the date at the top of this page. Continued use of Origova after a change means you accept the updated policy.

Contact us

Questions about this policy or how Origova handles data can be sent to privacy@origova.com.