Your privacy is important to us. This Privacy Policy explains how Order Printer Pro collects, uses, shares, and protects personal information.

Last updated: 1 June 2026

This Privacy Policy ("Policy") explains the information collection, use, and sharing practices of Shop Circle Holdings Ltd (trading as Order Printer Pro), One Kingdom Street, Paddington Central, London W2 6BD, United Kingdom ("we," "us," "Order Printer Pro," and "our").

Order Printer Pro is designed for merchants ("Store Owners") who use the Shopify platform. Unless otherwise stated, references to collecting, using, or disclosing personal information in this Policy describe actions taken by the Store Owner, as the data controller, through the functionality of Order Printer Pro.

For customer, order, draft order, and other store data processed through Order Printer Pro, Shop Circle Holdings Ltd generally acts as a data processor on behalf of the Store Owner. For certain merchant account information, support communications, analytics, security logs, billing records, and operational information that we use for our own business purposes, Shop Circle Holdings Ltd may act as an independent data controller.

By using Order Printer Pro or otherwise interacting with the Services, you understand that information will be collected, used, and disclosed as described in this Policy.

Information We Collect

We collect information in multiple ways, including information you provide directly, information made available through Shopify and other third-party services, and information collected automatically when the Services are used.

Information You Provide Directly

Depending on how you use Order Printer Pro, you may provide:

• Account, contact, and support information, including names, email addresses, store owner details, support messages, and related communications;
• Template, document, and print configuration information, including template content, settings, document labels, branding preferences, and merchant-generated content;
• Uploaded files and branding assets, such as logos and images used in templates;
• Export recipient email addresses and export configuration choices;
• Optional B2B and Peppol information, such as company names, VAT numbers, enterprise numbers, business addresses, Peppol addresses, and invoice settings; and
• Other information you choose to submit through the Services.

Information from Shopify and Other Third-Party Sources

Order Printer Pro uses Shopify APIs, Shopify webhooks, and Shopify app functionality to provide the Services. We may receive or access:

• Store information, including shop domain, store name, shop ID, store owner name, store email, customer email, address, country, locale, currency, time zone, Shopify plan, and app subscription status;
• Shopify OAuth tokens, session tokens, app bridge context, access scopes, and authentication-related data needed to operate the embedded app;
• Order, draft order, customer, fulfillment, refund, product, variant, location, payment terms, metafield, tag, and custom attribute data needed to render, print, export, email, or send documents;
• Billing, subscription, plan, usage charge, and app installation information made available through Shopify;
• Webhook data, including app uninstall, shop update, order update, subscription update, and compliance-related webhook payloads; and
• Optional Peppol verification, company, directory, invoice status, and invoice submission information from our Peppol service provider where that feature is enabled.

Order Printer Pro does not generally store full customer or order records as long-term database records. Customer and order data is typically fetched from Shopify on demand to display orders, render documents, generate PDFs, or complete merchant-requested workflows. The app may temporarily cache fetched order data to improve performance, and may store references and operational metadata such as order IDs, template IDs, export email addresses, export status, error messages, and timestamps.

Information Collected Automatically

When you visit or use the Services, we and our service providers may automatically collect:

• IP address, browser type, device type, operating system, referring URLs, page URLs, and standard request metadata;
• Usage information, feature usage, dashboard interactions, events, and conversion information;
• Cookie, pixel, tag, session, CSRF, OAuth, and authentication-related information;
• Error, diagnostic, performance, and operational log information; and
• Standard browser and CDN request data when scripts, fonts, widgets, or other assets are loaded.

If a Store Owner uses Order Printer Pro to make document download links available to customers through Shopify emails, account pages, order status pages, checkout extensions, or app proxy routes, we may process request metadata and authentication-related information associated with those download requests. Where secure downloads are enabled, Order Printer Pro may process Shopify proxy signatures, session tokens, or customer identifiers provided by Shopify or by the Store Owner's configured link.

Categories of Personal Information Processed

The specific categories of personal information processed through Order Printer Pro depend on the features used by the Store Owner. They may include:

• Merchant and staff account information, such as names, email addresses, shop owner details, shop identifiers, shop domains, and subscription information;
• Store data, such as store name, address, country, locale, currency, Shopify plan, billing status, settings, and app configuration;
• Order and customer data, such as order IDs, order names, line items, quantities, discounts, taxes, prices, shipping details, billing and shipping addresses, customer names, customer email addresses, phone numbers, customer tags, and custom order or customer attributes;
• Document and template data, including generated documents, PDFs, export metadata, template content, print settings, and download counts;
• Uploaded content, such as logos and branding assets;
• Analytics, support, diagnostic, and event data;
• Billing, subscription, plan, and usage information; and
• Optional B2B and Peppol information, including business identifiers, VAT numbers, enterprise numbers, Peppol addresses, invoice recipient details, invoice line items, amounts, tax data, order references, and invoice status data.

How We Use Information

We use the information we collect for the following purposes:

• To provide, maintain, secure, and improve Order Printer Pro;
• To authenticate merchants and operate Order Printer Pro inside Shopify;
• To fetch, display, print, render, download, export, email, and manage merchant documents and templates;
• To sync store, order, customer, billing, subscription, metafield, tag, and configuration data with Shopify where needed for app functionality;
• To create and manage Shopify subscriptions, app charges, usage charges, and billing-related records;
• To provide support, troubleshooting, product administration, and service communications;
• To monitor service performance, reliability, diagnostics, errors, security, and abuse prevention;
• To analyse usage, feature adoption, conversion, and service performance;
• To send lifecycle, onboarding, support, and product-related communications to merchants;
• To enable optional B2B and Peppol features, including company registration, company verification, invoice creation, invoice submission, invoice status retrieval, and related operational processing;
• To comply with legal obligations, respond to lawful requests, and enforce our rights, agreements, and policies; and
• For any other purpose for which the information was collected with notice or consent.

We do not use customer or order data processed on behalf of Store Owners for our own customer marketing, customer profiling, or automated decision-making.

Legal Bases for Processing

Where applicable data protection law requires a legal basis, we process personal information on one or more of the following bases:

• Performance of a contract, including providing Order Printer Pro to Store Owners;
• Legitimate interests, including operating, securing, supporting, analysing, and improving the Services;
• Consent, where required for certain optional communications, cookies, tracking technologies, or marketing-related activities;
• Compliance with legal obligations; and
• Store Owner instructions, where we process customer, order, or store data as a processor on behalf of the Store Owner.

Store Owners are responsible for determining the legal basis for their collection and use of their customers' personal information through Shopify and Order Printer Pro.

How We Share Information

We may share information in the following situations:

• With third-party vendors, subprocessors, consultants, and service providers who need access to information to perform services for us or on behalf of Store Owners;
• With Shopify, where necessary to provide app functionality, embedded app features, API access, billing, authentication, webhooks, metafield sync, tag management, and related Shopify workflows;
• With service providers selected or triggered by the Store Owner, such as export email recipients or optional Peppol network processing;
• In response to lawful requests or where disclosure is required by applicable law, regulation, legal process, or governmental request;
• Where we believe disclosure is necessary to protect the rights, property, security, or safety of us, Store Owners, customers, Shopify, or others;
• In connection with, or during negotiations of, any merger, sale of company assets, financing, restructuring, or acquisition of all or part of our business; and
• With consent or at the direction of the Store Owner or other authorised user.

Subprocessors and Service Providers

The following providers may process information in connection with Order Printer Pro. Not every provider receives every category of data, and some providers apply only when a Store Owner uses a specific feature.

We may also use the following providers in limited or conditional contexts:

Cookies, Analytics, and Tracking

We use cookies, pixels, tags, and similar technologies to operate the Services, maintain sessions, secure requests, understand usage, measure conversions, and improve Order Printer Pro. This includes Shopify session and OAuth-related technologies, Google Analytics, Google Tag Manager, Google Ads conversion tracking, Meta Pixel, Mixpanel, Intercom, and similar operational tools described above.

Public or marketing-facing pages may include advertising and conversion tags. Logged-in merchant areas may include product analytics, support widgets, and operational monitoring. Browser controls may allow you to block or delete some cookies, but doing so may affect how the Services work.

Aggregate and De-Identified Information

We may aggregate and/or de-identify information collected through the Services so that it can no longer reasonably be linked to you, a Store Owner, a customer, or a device. We may use such information for lawful purposes, including analytics, reporting, research, marketing, service improvement, and security.

International Transfers

We are based in the United Kingdom and use service providers that may process information in the United Kingdom, the European Economic Area, the United States, and other countries. These countries may have data protection laws that differ from those in your jurisdiction.

Where we transfer personal information outside the EEA or the United Kingdom, we implement appropriate safeguards in accordance with applicable law, which may include the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, adequacy decisions, or other lawful transfer mechanisms.

Data Retention

We retain personal information for as long as reasonably necessary to provide the Services, fulfil the purposes described in this Policy, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and keep appropriate business records.

Retention periods vary depending on the nature of the information and the feature used:

• Shopify customer and order data is generally fetched on demand and is not stored as full long-term customer or order records in the application database;
• Fetched order data may be temporarily cached for performance and document rendering, typically for short periods such as two hours for fetched order records and up to 48 hours for example order data;
• Temporary PDF and ZIP files generated for exports are deleted after generation and email delivery workflows complete or fail;
• Finished export records, including order IDs, template IDs, export recipient email addresses, status, error metadata, and timestamps, are retained for up to 60 days for export history, deduplication, retry, support, and operational purposes. Active export records are retained while the export workflow is pending or processing;
• Merchant account, shop configuration, template, uploaded asset, billing, support, analytics, and operational records may be retained for the duration of the merchant relationship and longer where required for legal, accounting, security, dispute resolution, or legitimate business purposes; and
• Optional Peppol records may be retained as needed to provide e-invoicing functionality, support invoice status workflows, comply with legal obligations, and maintain business records.

Data Subject Rights

Depending on where you are located, you may have rights under applicable data protection law, including the right to:

• Request access to your personal information;
• Request correction of inaccurate personal information;
• Request erasure of personal information;
• Object to processing of personal information;
• Request restriction of processing;
• Request portability of personal information;
• Withdraw consent, where processing is based on consent; and
• Lodge a complaint with a supervisory authority.

If you are a merchant or other direct user of Order Printer Pro and wish to exercise these rights, contact us using the details below.

Where Order Printer Pro processes customer or order data on behalf of a Store Owner, customer requests relating to that data should be directed to the relevant Store Owner. We will assist Store Owners with data subject requests as required by applicable law and our agreements.

Third-Party Services and Websites

The Services may contain content from and hyperlinks to websites, locations, platforms, and services operated by third parties, including Shopify, help documentation, support tools, partner pages, and other Shop Circle properties. These third parties may process information according to their own privacy policies. We encourage you to review the privacy policies of any third-party services you use.

Children's Privacy

The Services are not directed to individuals under the age of 16. We do not knowingly collect personal information directly from children under 16. If you become aware that a child has provided us with personal information, please contact us and we will take appropriate steps.

Security

We use technical and organisational measures designed to protect personal information against unauthorised access, use, disclosure, alteration, and loss. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, legal requirements, service providers, subprocessors, or operational needs. We encourage you to review this Policy periodically. If we make material changes, we will take reasonable steps to notify affected users as required by applicable law.

Governing Law

This Policy and any disputes arising out of or in connection with it shall be governed by and construed in accordance with the laws of England and Wales. The courts of England and Wales shall have non-exclusive jurisdiction.

Contact

For questions about this Policy, to exercise your rights, or to contact us about privacy matters, please contact us at:

• support@orderprinterpro.com
• hello@orderprinterpro.com