Legal

Privacy Policy

How WolfSell collects, uses, stores, and protects your personal data — in compliance with the GDPR (EU) 2016/679 and applicable national laws.

Last updated: 20/06/2026

Data Controller

The Data Controller for the personal data processed in connection with the WolfSell application is:

  • Name: Wolfsell
  • Address: Viale della repubblica, Prato, PO, 59100, IT
  • Email: support@wolfsell.com

Nature and Types of Data Collected

WolfSell collects the following categories of personal data relating to the merchant (store owner):

  • Shopify store owner`s email address: used to identify your account, ensure secure access to the service, and manage communications strictly related to the provision and improvement of the service.
  • Shopify store name and domain: collected to associate your account with the related store, ensuring personalized management and an optimized user experience.
  • Billing and usage records: data on accepted upsells and applicable billing tier, processed to operate the usage-based pricing of the service and to comply with accounting and tax obligations.
  • Aggregated and anonymized analytics: general information about application usage, such as total number of processed orders, conversion rates, and other non-identifying data useful for service improvement.

Data relating to your store`s end customers is addressed separately under “Processing of Your Customers` Data”.

Purpose of Data Processing

The personal data collected are processed exclusively for:

  • Service management and optimization: to provide a precise, timely, and personalized service, improve your overall experience with WolfSell, and enable efficient communication and technical support.
  • Billing and account administration: to operate usage-based pricing, manage your plan, and meet legal and accounting obligations.
  • Service analysis and development: through anonymous and aggregated statistical data, to identify areas for improvement, refine features, and increase overall service quality.
  • Security and fraud prevention: to protect the service, our users, and our systems against misuse, abuse, and security threats.

Processing of Your Customers` Data

WolfSell operates within your store`s native checkout extension and may process information relating to your store`s end customers and their orders solely to display and process post-purchase offers on your behalf.

For this data, you (the merchant) act as the data controller and WolfSell acts as a data processor, processing such data only on your documented instructions and exclusively for the purpose of providing the service. WolfSell does not sell end-customer data and does not use it for its own purposes. We support standard data subject request and erasure flows, including the mandatory customers/data_request, customers/redact, and shop/redact webhooks provided by Shopify.

Data Sharing and Disclosure

WolfSell will not sell, disclose, or share your personal data with third parties, except in the following circumstances:

  • With the sub-processors described in the next section, strictly to provide and operate the service.
  • Upon explicit request by competent judicial or administrative authorities in the context of legal proceedings or official investigations.
  • When necessary to protect and defend the rights, safety, or property of WolfSell, its users, or third parties, in full compliance with applicable laws.

Sub-processors

To provide the service, WolfSell relies on a limited number of trusted third-party providers (sub-processors) that may process personal data on our behalf, such as cloud hosting and infrastructure, database services, and communication or analytics tools. These providers are bound by contractual obligations to process data only as instructed and to maintain appropriate technical and organizational security measures. A current list of sub-processors is available on request at support@wolfsell.com.

International Data Transfers

Personal data is primarily processed within the European Economic Area (EEA). Where data is transferred to or accessed from outside the EEA, we ensure that appropriate safeguards are in place, such as the European Commission`s Standard Contractual Clauses or an adequacy decision.

Cookies

The WolfSell application and website may use strictly necessary cookies and similar technologies required for authentication, security, and core functionality. We do not use cookies for advertising. Where non-essential cookies are used, we request your consent beforehand.

User Responsibilities

It is your responsibility to ensure that the personal data provided are accurate, complete, and up-to-date. You must promptly communicate any changes to guarantee the correct provision of the WolfSell service.

Data Security

WolfSell adopts technical, organizational, and procedural measures to protect the personal data collected from unauthorized access, accidental loss, manipulation, alteration, or improper disclosure. These measures include access controls, data encryption, monitoring, and periodic reviews. Our security practices are regularly updated to maintain a high level of protection and regulatory compliance.

Data Retention Period

Personal data will be retained only for the period strictly necessary to achieve the purposes specified in this Policy or to comply with applicable legal obligations (for example, billing and accounting records). At the end of this period, the data will be deleted or irreversibly anonymized.

User Rights

In accordance with data protection laws, you have the right to:

  • Access your processed personal data.
  • Request correction or completion of inaccurate or incomplete data.
  • Request deletion of your personal data.
  • Restrict or object to the processing of your data.
  • Request portability of your personal data.
  • Lodge a complaint with a supervisory authority. In Italy, this is the Garante per la protezione dei dati personali (www.garanteprivacy.it).

To exercise these rights or for further clarification, contact the Data Controller using the details below. WolfSell will respond promptly and in any case within 30 days from receipt of the request.

Children`s Data

WolfSell is a business-to-business service that is not directed at children. We do not knowingly collect personal data from individuals under the age of 16. If you believe such data has been provided to us, please contact us so we can take appropriate action.

Relationship with Shopify

WolfSell operates independently on the Shopify platform. Shopify is not responsible for the data processing carried out by WolfSell; therefore, any requests regarding personal data must be addressed exclusively to WolfSell.

Changes to the Privacy Policy

WolfSell reserves the right to periodically update this Policy, adapting it to regulatory changes or improvements in data management. Changes will be published and communicated through the application, with an updated “Last updated” date. We recommend reviewing this Policy regularly to stay informed.

Contacts

For further information, questions, or requests, you can contact our team directly:

WolfSell Team

Email: support@wolfsell.com

Questions about your data?

Contact the WolfSell team directly — we respond within 30 days of any data request.