Inciwell Add to Shopify

POLICIES

Data Processing

Last updated: 7 July 2026

This page describes how Inciwell (KONSTANTINOS KATSINARIS L.P.) processes data on behalf of merchants who install the app.

Roles. For product-safety content stored in your Shopify store, you are the data controller and Inciwell is a processor acting on your instructions (your use of the app). Inciwell processes only what is needed to provide the app.

What we process and why. Store domain and access token (to authenticate and call the Shopify Admin API); app settings, plan status, audit cache, and an event log (to operate the app). Your product-safety content is stored in your Shopify store, not on our servers. We do not process your customers' personal data.

Sub-processors.

Sub-processor Purpose Region
Shopify App platform, authentication, Admin API, billing Global
Fly.io Application hosting EU / US
Sentry Error monitoring and diagnostics EU / US

Security. Data in transit is encrypted with TLS. Access to production systems is restricted. We use error monitoring to detect and fix problems.

Data-subject and redaction requests. We honor Shopify's mandatory compliance webhooks (customers/data_request, customers/redact, shop/redact). Because we do not store customer personal data, customer redaction requests are acknowledged accordingly; shop redaction removes the store's operational data from our systems.

Sub-processor changes. We will update this page if sub-processors change.

Contact. inciwell@gmail.com.