Dispute Vault

Privacy Policy

Dispute Vault preserves evidence from your Shopify store to help you respond to Shopify Payments disputes. This page explains what we collect, why we collect it, and your choices.

Effective date: Mar 18, 2026 · Last updated: Mar 18, 2026 · Plain-English summary first. Full policy below.
Summary (plain English)
  • Evidence preservation. We built Dispute Vault to collect and assemble dispute evidence, not to track customer behavior.
  • What we collect. We receive order, fulfillment, and dispute data via Shopify webhooks, plus helpdesk communications you connect.
  • Enrichment only. We fetch store policies, product snapshots, and transaction details to strengthen your evidence pack.
  • No selling. We do not sell your data.
  • Retention is limited. We retain evidence and related service data only as long as needed to operate the service, support merchants, meet legal obligations, and secure the app.

Privacy at a glance

Category What this means
Data used for evidence Order and dispute data: orders, fulfillments, disputes, store policies, product snapshots, transaction details, and helpdesk communications.
Not required Not required: customer passwords, payment card numbers, or data beyond what Shopify provides via approved scopes.
Billing and plans Shopify billing: 30-day free trial, then $29/month via Shopify Billing API.
Retention model Purpose-limited retention: service data is kept only as long as needed for support, legal, billing, and security obligations.
Privacy requests Email: privacy@disputevault.com.

On this page

1. Who this policy applies to

This policy applies to merchants who install and use the Dispute Vault Shopify app, and to visitors of our website pages such as support, help, contact, and marketing pages.

It does not govern Shopify’s own handling of your data. Shopify remains a separate controller/provider under its own privacy terms.

2. Information we collect

A. Information from your Shopify store (app functionality)

To preserve dispute evidence, we may access and process:

  • Store identifier and store domain
  • Order data (order details, line items, customer email for evidence matching)
  • Fulfillment data (tracking numbers, carrier, delivery status)
  • Dispute data (dispute reason, status, deadlines, financial details)
  • Store policies (refund, shipping, terms of service — snapshotted at order time)
  • Product snapshots (product details as they appeared at order time)
  • Transaction details (AVS/CVV verification, authorization codes)

We collect only what is reasonably necessary to assemble dispute evidence.

B. Helpdesk communications (if connected)

If you connect a helpdesk provider (Zendesk or Gorgias), we receive:

  • Customer support ticket content matched to orders by email address
  • Ticket metadata (timestamps, status)

This data is used solely to include relevant customer communications in your dispute evidence pack.

C. Account and subscription information

Depending on your plan and billing flow, we may process:

  • Shopify shop/account identifiers
  • Subscription status (trial, pro, expired) and billing events (via Shopify)
  • Support communication details (email address and messages you send us)

D. Website and technical usage information

What we collect

Pages viewed with timestamps and diagnostic/error logs, used to secure, maintain, and improve the service.

What we don’t intentionally store

IP address or IP-based location data for analytics purposes.

What providers may process

Our infrastructure provider (Cloudflare) may process IP addresses and related network data to deliver and protect the service (for example, for security and abuse prevention).

If used, server-side analytics employ anonymization measures and do not run analytics scripts in the page.

3. What we do not collect

Dispute Vault is designed to preserve dispute evidence. We do not require access to:

  • Customer passwords or authentication credentials
  • Payment card numbers or full financial account details
  • Data beyond the Shopify scopes granted during installation

If this changes for a future feature, we will update this policy and request any required permissions transparently.

4. How we use information

We use information to preserve dispute evidence, assemble evidence packs, write merchant-reviewed responses back to Shopify, provide support, maintain security and reliability, prevent abuse, enforce our Terms, and comply with legal obligations.

We do not use your store data to build public datasets about your store.

6. Data sharing

We do not sell your personal information.

We may share information with trusted providers only as needed to operate the service, including hosting/infrastructure, logging/monitoring, support tools, email delivery, and billing integrations (including Shopify where applicable).

These providers may process data only on our behalf and under appropriate safeguards. We may also disclose information if required by law or to protect rights, security, and service integrity.

7. Data retention

We retain data only as long as needed to provide the service, maintain evidence history, resolve disputes, enforce agreements, and meet legal/accounting obligations.

Retention periods vary by data type. If you uninstall the app, we may delete or anonymize store-related data after a reasonable period unless retention is required for legal, billing, or security reasons.

8. Data security

We use reasonable technical and organizational measures to reduce unauthorized access, disclosure, alteration, and destruction. No system is fully risk-free, but we design Dispute Vault with reliability and least-necessary access in mind.

If you suspect a security issue, contact us immediately at security@disputevault.com.

9. International data transfers

Your information may be processed in countries other than your own, depending on infrastructure and service providers. Where required, we use appropriate safeguards for international transfers, including contractual protections.

10. Your rights and choices

Depending on your location, you may have rights to access, correct, delete, restrict, object, and request portability of personal data, and to withdraw consent where processing is based on consent.

To submit a request, email privacy@disputevault.com. We may need to verify identity and authority (for example, if a request is made on behalf of a store).

11. Cookies and analytics

Dispute Vault does not use cookies for marketing or analytics. We may use essential storage only if required for core functionality (for example, session state). If this changes, we will update this policy.

12. Children’s privacy

Dispute Vault is intended for businesses and store operators. It is not directed to children.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the Last updated date. If changes are material, we may provide additional notice such as in-app messaging or email.

14. Contact us

Privacy email privacy@disputevault.com
Security email security@disputevault.com
Contact page /contact
Business name Inetis d.o.o. (a Slovenian limited liability company)
Address Kidričeva ulica 25, 3000 Celje, Slovenia
Country Slovenia
Back to top
Policy note

Shopify is a separate service provider with its own privacy terms and data practices. This policy covers Dispute Vault only.