Chargeback Copilot Privacy Policy

Last updated: March 4, 2026

Install on Shopify Data access Free evidence PDF Evidence checklist builder Sample pack Checklist Shopify disputes Friendly fraud Privacy · Terms · Pricing

Know your store domain? Start the free dispute evidence workflow directly in Shopify Admin.

Free plan: 3 evidence PDFs per month, demo mode, no credit card for the free workflow.

Chargeback Copilot helps merchants prepare dispute evidence packs. This policy explains what data we access, why we use it, and how we protect it.

Who this policy applies to

This policy applies to merchants and merchant staff who install and use Chargeback Copilot in their store admin.

Data roles

For merchant store and transaction data, the merchant is the controller and Chargeback Copilot acts as processor.
For app account, billing, and service reliability data, Chargeback Copilot acts as controller.

Data we access

Order, fulfillment, and shipping records needed for dispute support files
Limited customer identity and contact details tied to disputed orders
Payments dispute records, amounts, reasons, deadlines, and status updates
Store identifiers and app installation metadata

How we use data

Generate dispute evidence packs, checklists, and downloadable PDF summaries
Display deadlines, dispute status, and workflow context inside the app
Provide customer support and investigate errors
Maintain security and reliability logs

Lawful basis

We process data to perform our contract with merchants, provide the requested service, and maintain platform security and reliability.

Sharing and subprocessors

Cloudflare provides hosting, runtime, and data storage infrastructure.
An optional email provider is used only when merchants enable dispute alerts.
We do not sell personal data.

International transfers

Service providers may process data in multiple regions. Where required, we apply contractual and organizational safeguards for cross-border transfers.

Cookies and local storage

Chargeback Copilot uses only necessary session/context storage to keep merchants authenticated and the embedded app working correctly.

Retention and deletion

Data is retained while the app is installed, unless deletion is requested sooner.
Uninstall and redaction events trigger deletion workflows for app-held data.
We keep limited logs only as long as needed for security, debugging, and legal compliance.

Security

We use access controls, encryption in transit, and verification checks on incoming platform requests. No system is perfectly secure, but we continuously improve safeguards.

Data subject requests

The app supports platform compliance webhooks for customer data requests and redaction. Merchants may also contact us directly for privacy requests.

Your rights

Depending on your location, you may have rights to request access, correction, deletion, objection, restriction, or portability of personal data.

Children's privacy

Chargeback Copilot is a business tool and is not intended for use by children.

Policy updates

We may update this policy from time to time. Material changes will be reflected by the "Last updated" date above.

Contact

For privacy requests, contact support@chargebackcopilot.app.