Privacy Policy
OrderGuard is a shipping protection service operated by Whmoro, doing business as OrderGuard ("OrderGuard", "we", "us"). This Privacy Policy explains what personal information we collect, how we use and share it, and the choices and rights you have. It is governed by the laws of the State of Idaho, USA, without regard to its conflict-of-law provisions.
This policy covers two groups of people. The first is our merchant users — the Shopify store operators who install and use OrderGuard. The second is shoppers — the customers of those merchants who purchase shipping protection at checkout and who may later file a claim if a package is lost, damaged, or stolen. Where a term like "you" applies differently to these groups, we make that clear in context.
Introduction
OrderGuard provides shipping protection for online stores. When a merchant installs our app, their shoppers can add package protection to an order at checkout. If a protected package is lost, damaged, stolen, returned to sender, or otherwise affected by a shipping issue, the shopper can file a claim through our portal, and we resolve eligible claims with either a refund or a replacement order, at OrderGuard's discretion.
We take privacy seriously and aim to collect only the information we need to deliver and support this service. This policy describes those practices in plain language. It is a foundational version (v1.0) and may be updated as our product and legal obligations evolve, as described in "Changes to this policy" below.
Information we collect
We collect information in three ways: information you provide to us directly, information we collect automatically when you use our marketing site, and information we receive from third parties such as the commerce platform a merchant uses. We describe each below.
Information you provide directly
If you are a merchant user, you provide business and account information when you set up and operate OrderGuard, including your store name, your store's domain and public URL, and contact details such as an email address and, optionally, a phone number.
If you are a shopper filing a claim, you provide the details needed to evaluate that claim. This includes the type of claim (for example, lost, damaged, stolen, returned to sender, wrong item, or other), free-text descriptions you write to explain what happened, comments you add to a claim, and any photos or documents you upload as evidence to support it.
Information collected automatically
On our public marketing website, we collect limited analytics information such as pages viewed and basic usage events, subject to your consent and the controls described in "Cookies and tracking." We strip personal identifiers from this analytics data before it is sent. We do not run this marketing analytics inside the authenticated OrderGuard app used by merchants or shoppers.
We also use an error-monitoring service to record technical diagnostic information when something goes wrong, so we can detect and fix problems. These records are filtered to remove certain sensitive values, such as email addresses and authentication tokens, before they are stored.
Information from third parties
When a merchant installs OrderGuard on their store, we receive order information from the merchant's commerce platform (Shopify) by way of order notifications. This typically includes the shopper's name and email address, the order details, and the shipping (ship-to) address for the order. We do not collect or store billing addresses.
We also receive identity and authentication information from our authentication provider (Clerk) when a merchant user or a shopper signs in to an OrderGuard portal. That provider manages sign-in credentials and account identity on our behalf; in our own systems we store only the identifiers needed to link an account to its activity.
How we use information
We use the information we collect to provide, operate, secure, and improve OrderGuard. For merchants, this means setting up your store, operating the protection offering at checkout, processing claims, and billing. For shoppers, this means letting you purchase protection, file and track claims, and receive a resolution.
More specifically, we use information to: enable shoppers to add shipping protection to an order and to record whether an order is protected; evaluate and resolve claims, including reviewing the evidence and details you provide and issuing a refund or a replacement order; maintain the financial records associated with protection fees and claims; invoice merchants for protection fees collected, net of the agreed revenue share; communicate with you about your account, your orders, and your claims; monitor, secure, troubleshoot, and improve our service; and comply with our legal obligations.
For individuals in the European Union or European Economic Area, our lawful bases for this processing are: performance of a contract, for operating the protection offering, processing and resolving claims, and billing; our legitimate interests, for securing our service, preventing fraud, monitoring errors, and improving what we offer; your consent, for analytics on our marketing site; and compliance with a legal obligation, for the financial and accounting records we are required to keep.
We never sell your personal information. We do not rent, trade, or sell the personal information of merchants or shoppers, and we do not share it for cross-context behavioral advertising. We share information only with the service providers that help us operate OrderGuard, as described below.
Information sharing
We do not sell your personal information. We share it only as needed to run our service, with the categories of recipients described here, and as required by law.
We rely on a small set of service providers (sometimes called processors) that handle information on our behalf and under our instructions. These currently include: Shopify, the commerce platform from which we receive order information; Clerk, which provides authentication and account identity; DigitalOcean, which provides our database hosting and file storage, including storage of claim evidence files; Amazon Web Services (AWS), which carries order notifications through our event and queuing pipeline; Sentry, which provides error monitoring; and Google Analytics, which provides analytics for our marketing website only.
Separately from these providers, when a shopper purchases protection or files a claim, the related order, claim, and evidence information is shared with and accessible to the merchant whose store the shopper used. That merchant is a distinct party, not one of our service providers, and it handles that information under its own privacy practices.
We are also integrating additional providers as our service grows. We are onboarding Stripe to process invoice payments, and we are integrating Postmark for transactional email. When these providers begin handling personal information, they will do so under the same processor framework described above.
We may also disclose information when we believe in good faith that doing so is required to comply with applicable law, legal process, or a lawful governmental request; to enforce our agreements; to protect the rights, property, or safety of OrderGuard, our users, or others; or in connection with a merger, acquisition, financing, or sale of assets, in which case we will require the recipient to honor commitments consistent with this policy.
Data retention
We keep personal information for as long as it is necessary to provide OrderGuard, to support and resolve claims, to maintain the financial and billing records associated with the service, and to meet our legal, accounting, and compliance obligations. When information is no longer needed for these purposes, we take steps to remove or anonymize it.
Because retention needs differ by record type — for example, claim and transaction records may need to be kept longer than other data for financial and dispute-resolution purposes — we do not apply a single fixed retention period to all information. If you would like to request deletion of your information, see "Your rights" below.
Security
We use technical and organizational measures designed to protect personal information. Sensitive fields are encrypted at rest using industry-standard encryption — this includes shopper names and email addresses, merchant email addresses and phone numbers, and the precise parts of a shipping address such as the street lines and any geographic coordinates. We also apply access controls so that information is reached only through our authenticated, permission-checked systems, and we scope access to information so that one merchant cannot reach another merchant's data.
Some operational data — such as coarse geographic fields used for shipping and region purposes, store names and URLs, and certain free-text claim notes — is stored without encryption because it is needed in plain form to operate the service or because it does not by itself identify a person. No method of transmission or storage is completely secure, and while we work to protect your information, we cannot guarantee absolute security.
Your rights
Depending on where you live, you may have rights regarding your personal information. The rights we can act on today are access to and a copy (export) of the personal information we hold about you, and deletion of that information. To exercise either of these, contact us by email using the details in "Contact" below; our team handles these requests on your behalf, as we do not currently offer a self-service download-or-delete portal.
When we act on a deletion request for a shopper, we remove or anonymize the shopper's identifying details (such as name and email), the associated shipping address, and any uploaded claim evidence files. A merchant user who wants to access or delete their own information can make the same request on the email channel above, and our team will handle it manually. Some records, such as claim and transaction history kept for financial and legal reasons, may be retained as permitted by law. We will tell you if we cannot fully complete a request and why.
Residents of other US states with comprehensive privacy laws may have similar rights, including the right to access, delete, or correct their personal information. You can make any of these requests on the same email channel, and if we deny a request you may ask us to reconsider it by replying to our response, which we will review. We will respond to verified requests within the time required by applicable law, and an authorized agent may submit a request on your behalf with proof that they are permitted to act for you.
California residents (CCPA/CPRA)
If you are a California resident, you may request to know and access the personal information we hold about you and request that we delete it. You also have the right not to be discriminated against for exercising these rights. As stated above, we do not sell your personal information and we do not share it for cross-context behavioral advertising. Any precise geolocation we hold is collected only as part of a shipping address and is used solely to provide and support the protection service, not to infer characteristics about you, so we do not offer a separate right to limit its use. To exercise your rights, contact us by email using the details in "Contact" below, and we will verify and process your request.
EU/EEA residents (GDPR)
If you are in the European Union or European Economic Area, you may request access to and a copy of your personal information (Article 15) and request its erasure (Article 17). You may also contact us to ask about other rights you may have under the GDPR, such as correction of inaccurate information and restriction of or objection to certain processing, and you may lodge a complaint with your local data protection authority. To make a request, contact us by email using the details in "Contact" below; we handle these requests directly rather than through an automated portal.
International transfers
OrderGuard is operated from the United States, and the service providers we use may also process information in the United States or other countries. If you access OrderGuard from outside the United States, your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your country. Where required, we use appropriate safeguards for international transfers of personal information.
Children's privacy
OrderGuard is intended for businesses and their adult customers. It is not directed to children, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us using the details in "Contact" below, and we will take appropriate steps to delete it.
Third-party links
Our website and app may contain links to third-party websites and services, including the merchant stores that use OrderGuard and the providers we work with. We are not responsible for the privacy practices or content of those third parties. We encourage you to review the privacy policies of any third-party site or service you visit.
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, our service, or applicable law. When we make material changes, we will update the version or date shown with the policy and, where appropriate, provide additional notice. We encourage you to review this policy periodically to stay informed about how we protect your information.
Contact
If you have questions about this Privacy Policy or wish to exercise any of your privacy rights, please contact us by email using the address shown below. We are happy to help and will respond as promptly as we reasonably can.