Local Delivery Premium — Shopify App
This Privacy Policy describes how Local Delivery Premium (“we”, “our”, or “the App”), operated by Locate Technologies, collects, uses, stores, and protects information when you use our Shopify application. By installing or using the App, you agree to the practices described in this policy.
Local Delivery Premium is a delivery and pickup scheduling application for Shopify merchants. It enables merchants to offer their customers the ability to select a preferred delivery or pickup date, time slot, and location during checkout.
When a merchant installs our App, we receive the following customer information from Shopify orders via the Shopify Admin API:
| Data Type | Specific Fields |
|---|---|
| Name | Customer first name and last name |
| Customer email address | |
| Phone | Customer phone number |
| Address | Shipping address (street, city, province, postal code, country) |
| Order details | Order ID, order total, subtotal, shipping fee, currency, and order status |
When a customer uses our checkout widget to schedule a delivery or pickup, we collect the following information:
When a merchant installs the App, we store the following information:
Merchants configure the App through our admin dashboard. This configuration data includes:
We use customer data solely to provide the App’s core delivery and pickup scheduling functionality:
Delivery and pickup selections made by customers are used to:
Merchant data is used to:
We do not sell, rent, or trade customer personal data to any third party. Data is only shared with the following parties as described below:
We communicate with the Shopify Admin API to read order data, update order tags, and manage fulfillment. This communication is essential for the App to function and is governed by Shopify’s own privacy policy and terms of service.
If a merchant enables the Locate2u integration for route optimization, the following data is sent to Locate2u’s API:
This integration is entirely opt-in. Merchants must manually enable it and provide their own Locate2u API credentials. No data is shared with Locate2u unless the merchant explicitly configures and activates this integration.
We use the following infrastructure providers to host and operate the App:
These providers process data on our behalf under their respective privacy policies and security commitments. They do not use your data for their own purposes.
We take the security of your data seriously. The following measures are in place to protect your information:
We retain data only for as long as necessary to provide the App’s services. The table below outlines our retention periods:
| Data Type | Retention Period |
|---|---|
| Order data (customer names, emails, addresses, phone numbers, and order details) | Retained while the merchant has the App installed. Deleted upon merchant request or when Shopify sends a shop/redact webhook after app uninstallation. |
| Delivery scheduling selections | Retained while the merchant has the App installed. Deleted under the same conditions as order data. |
| Merchant configuration (locations, settings, and rules) | Retained while the merchant has the App installed. Fully deleted when Shopify sends a shop/redact webhook after app uninstallation. |
| Session and authentication data | Retained while the merchant has the App installed. Deleted when Shopify sends a shop/redact webhook. |
When a merchant uninstalls the App, Shopify sends a shop/redact webhook within 48 hours. Upon receiving this webhook, we permanently delete all data associated with that merchant’s store, including all orders, delivery selections, locations, settings, products, delivery rules, and session data.
We support the following data rights in compliance with the General Data Protection Regulation (GDPR) and other applicable privacy regulations:
You have the right to request a copy of the personal data we hold about you. When Shopify sends a customers/data_request webhook on your behalf, we compile the relevant data from our records and make it available to the merchant for disclosure to you.
You have the right to request the deletion of your personal data. When Shopify sends a customers/redact webhook, we redact all personally identifiable information from associated order records — including names, email addresses, phone numbers, and addresses — and delete any delivery scheduling selections associated with the customer.
Merchants can export their order and location data from the App at any time through the App’s built-in export functionality.
When a merchant uninstalls the App, all associated data is permanently deleted from our systems upon receiving Shopify’s shop/redact webhook. This includes data across all database tables: orders, delivery selections, delivery rules, products, locations, checkout settings, integration settings, and sessions.
To exercise any of these rights, you may:
We will respond to all valid data requests within 30 days of receipt.
The App does not use cookies, tracking pixels, or any browser-based tracking technologies. We do not track or monitor customer browsing behavior. The App uses Shopify session tokens for merchant authentication, which do not rely on third-party cookies.
The App is not directed at children under the age of 13 (or 16 in the European Union). We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child, we will promptly delete that data from our systems.
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make changes, we will update the “Last Updated” date at the bottom of this page. We encourage you to review this policy periodically.
If you have questions or concerns about this Privacy Policy or our data practices, please contact us: