- The General Data Protection Regulation (GDPR) for European Union and European Economic Area residents
- The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for California residents
- The Personal Information Protection and Electronic Documents Act (PIPEDA) for Canadian residents
- Other applicable state, federal, and international privacy laws
Data Controller
LOWBA LLC, a company located at 8 The Green #16433, in the city of Dover, DE 19901, registered under Tax ID (EIN): 93-3540339, and reachable at privacy@ollie.shop, acts as the Data Controller for personal data provided directly by users when using its website and services, or as a Data Processor for personal data collected from third parties in connection with the provision of its services.
Data Controller vs. Data Processor Roles:
- For merchant configuration data: Ollie acts as Data Controller
- For checkout session data: Ollie acts as Data Processor on behalf of merchants, who are the Data Controllers
- For log data: Ollie acts as Joint Controller with merchants, with the following responsibilities:
  - Merchants determine the log retention period (within Ollie’s maximum limits)
  - Ollie implements technical measures for automatic redaction
  - Both parties are responsible for responding to data subject requests related to their respective processing activities
- Email: privacy@ollie.shop
- DPO: Bruno Moreira, CTO
Scope of this Privacy Policy
This Privacy Policy applies to all individuals whose personal data is processed by Ollie, whether through the use of its website, services, or other interactions with the company.
Personal Data Collected
Ollie collects, stores, and processes the following types of personal data provided directly by users:
- Full Name
- Email Address
- Phone Number
- Address
If users provide personal data of third parties, they must ensure they have authorization to do so. Ollie is not responsible for such disclosures.
Ollie does not actively collect sensitive personal data. However, if users voluntarily provide such data, they explicitly consent to its processing in accordance with this Privacy Policy.
How Ollie Processes Checkout Data
Ollie operates as a headless checkout platform that customizes the checkout experience between shoppers and merchants’ e-commerce platforms. Our architecture is designed to minimize the storage of personal data.
Transient Processing:
- Checkout data (cart contents, customer information, addresses) flows through Ollie infrastructure without persistent storage
- Personal data is processed in real-time and forwarded to the merchant’s commerce platform, which serves as the system of record
- Payment information is transmitted directly from the shopper’s browser to the commerce platform and never passes through Ollie servers
Data retained by Ollie:
- Merchant store configurations and checkout customization settings
- Merchant-provided serverless functions for checkout customization
- System logs (see “Logging and Data Retention” section below)
Data not retained by Ollie:
- Checkout form submissions or cart contents
- Customer personal information from checkout sessions
- Payment card information
- Shipping or billing addresses from transactions
Purpose of Data Processing
Ollie processes personal data for the following purposes:
- Compliance with legal and regulatory obligations, including tax reporting and government filings.
- Communication with customers, partners, and stakeholders regarding Ollie’s services.
- Enhancement of website and service offerings by analyzing user interactions.
- Customer support and inquiries related to Ollie’s services.
- Marketing and promotional activities, subject to user consent.
- Execution of contracts or pre-contractual measures with users.
- Legitimate business interests, except where overridden by users’ rights and freedoms.
- System reliability, security monitoring, and merchant debugging capabilities through time-limited log retention.
Data Sharing
Ollie operates as a transient processing layer and does not persistently store or share personal data from checkout sessions. Personal data flows through our infrastructure and is forwarded directly to:
- Merchant’s commerce platform: The system of record that stores and processes customer orders, profiles, and transactions
- Legal compliance: In response to court orders, subpoenas, or other legal requests
- Regulatory obligations: To comply with tax, audit, or other governmental requirements
- Infrastructure providers: With AWS and Vercel for hosting and operational services
- Sub-processors: As documented in our Data Processing Agreement (available upon request)
- Logs are accessible only to the specific merchant and authorized Ollie personnel
- Log data may be subject to legal disclosure requirements during the retention period
Data Security Measures
Ollie implements appropriate technical and organizational measures to protect personal data, including:
- Data mapping and monitoring of processing activities.
- Incident response plans to address data breaches.
- Employee training on data protection and privacy best practices.
- Data encryption and access controls to restrict unauthorized access.
- Designation of a Data Protection Officer (DPO) to oversee compliance.
User Rights
Under the CCPA, CPRA, and PIPEDA, users have the following rights:
- Access: Request access to their personal data.
- Correction: Request correction of inaccurate or outdated data.
- Deletion: Request deletion of personal data, subject to legal obligations.
- Data portability: Obtain a copy of their personal data in a structured, commonly used format.
- Objection: Object to certain data processing activities.
- Withdrawal of consent: Revoke previously given consent at any time.
- Restriction of processing: Request that we limit how we process your data in certain circumstances.
Additional CCPA/CPRA Rights for California Residents
California residents have additional rights under the California Consumer Privacy Act and California Privacy Rights Act:
- Right to know: Request information about the categories and specific pieces of personal information we collect, use, disclose, and share
- Right to delete: Request deletion of personal information we have collected about you
- Right to opt-out: Opt-out of the “sale” or “sharing” of personal information (note: Ollie does not sell or share personal information for cross-context behavioral advertising)
- Right to non-discrimination: Exercise your privacy rights without receiving discriminatory treatment
Exercising Rights Regarding Log Data
For personal data that may appear in system logs:
- Access requests: We can provide information about whether your personal data appears in our logs, though log data is indexed by session identifiers rather than individual identity
- Deletion requests: You may request deletion of your personal data from logs before the automatic redaction period. Please provide session identifiers or timestamps to help us locate the specific data
- Automatic redaction: All personal data in logs is automatically and irreversibly removed within the configured retention period (maximum 30 days), regardless of whether a deletion request is submitted
Exercising User Rights
To exercise any rights under this Privacy Policy, users may contact Ollie at privacy@ollie.shop. Requests must include sufficient identification and details for proper processing.
Logging and Data Retention
System Logs and Debugging Tools
Ollie uses centralized observability tools (including Grafana) to monitor system performance and enable merchants to debug and continuously improve their custom checkout implementations. During normal operations, system logs may transiently contain personal information from checkout sessions, including:
- Email addresses
- Customer names
- Shipping and billing addresses
- Order identifiers and session IDs
- Request metadata
Time-Limited Log Retention with Automatic Redaction
To balance the operational necessity of debugging tools with privacy protection and GDPR/CCPA compliance, Ollie implements an automated log redaction system.
Retention Periods:
- Logs containing personal data are retained in their original form for a merchant-configurable period (maximum 30 days)
- This retention window enables merchants to effectively debug issues, trace errors, and improve their custom checkout implementations
- After the configured retention period, all personal data in logs is automatically and irreversibly redacted
- Personal information (email addresses, names, addresses, and other PII) is automatically masked or removed from logs after the retention period
- Redaction is performed using pattern-matching algorithms
- Technical metadata and non-personal diagnostic information is preserved to maintain long-term system performance insights
- The redaction process is automatic and irreversible
- Each merchant can configure their preferred PII retention period (from immediate redaction up to 30 days maximum)
- Merchants can adjust this setting based on their specific compliance requirements and debugging needs
- Access to logs containing personal data is restricted to:
  - The specific merchant who owns the checkout implementation
  - Authorized Ollie personnel for critical system reliability and security purposes
- Role-based access controls enforce strict separation between merchant data
- All log access is audited and monitored
- Legitimate interests (GDPR Article 6(1)(f)): Ensuring system reliability, security, and enabling merchants to debug and improve their services
- Performance of contract (GDPR Article 6(1)(b)): Providing merchants with operational tools necessary to deliver their checkout services
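The retention-then-redaction scheme described above, as an added illustration that is not Ollie’s code: records older than a merchant-chosen window (clamped to the policy’s 0 to 30 day range) have PII fields and bare email addresses irreversibly masked while session identifiers and diagnostic metadata survive. The record layout, field names, regular expressions and sample log lines are all assumptions constructed for this example.

```python
"""Time-limited PII redaction for log records (added example, not Ollie's code).
Assumed record shape: {'ts': ISO-8601 timestamp, 'session': id, 'msg': text}."""
import re
from datetime import datetime, timedelta

MAX_RETENTION_DAYS = 30  # policy maximum; 0 means immediate redaction

# Assumed structured PII fields plus a catch-all for bare email addresses.
PII_FIELDS = ("customer_name", "email", "shipping_address", "billing_address")
KV_RE = re.compile(r'\b(%s)=("[^"]*"|\S+)' % "|".join(PII_FIELDS))
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")

def clamp_retention(days):
    """Clamp a merchant-configured period to the 0..30 day policy range."""
    return max(0, min(int(days), MAX_RETENTION_DAYS))

def redact_message(msg):
    """Mask PII values in place; non-PII key=value metadata is left intact."""
    msg = KV_RE.sub(lambda m: f'{m.group(1)}="[REDACTED]"', msg)
    return EMAIL_RE.sub("[REDACTED_EMAIL]", msg)

def redact_expired(records, retention_days, now_iso):
    """Return copies of records; any at or past the cutoff are redacted."""
    now = datetime.fromisoformat(now_iso)
    cutoff = now - timedelta(days=clamp_retention(retention_days))
    out = []
    for rec in records:
        expired = datetime.fromisoformat(rec["ts"]) <= cutoff
        msg = redact_message(rec["msg"]) if expired else rec["msg"]
        out.append({**rec, "msg": msg, "redacted": expired})
    return out

# Constructed sample log lines (not real customer data).
SAMPLE_LOGS = [
    {"ts": "2024-05-01T10:00:00+00:00", "session": "sess_a1b2",
     "msg": 'step=shipping customer_name="Ada Example" email=ada@example.com '
            'shipping_address="1 Example St" latency_ms=42'},
    {"ts": "2024-05-20T10:00:00+00:00", "session": "sess_c3d4",
     "msg": "step=payment email=bob@example.org latency_ms=17"},
]

def run_sample(retention_days=7, now_iso="2024-05-22T00:00:00+00:00"):
    """Apply a 7-day window to the sample: the May 1 record is redacted."""
    return redact_expired(SAMPLE_LOGS, retention_days, now_iso)

if __name__ == "__main__":
    for rec in run_sample():
        print(rec["session"], rec["redacted"], rec["msg"])
```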
Data Retention Summary
Configuration and Operational Data:
- Merchant store configurations and checkout customization settings: Retained for the duration of the merchant relationship
- Deleted configurations: Removed within 30 days
- Checkout session data (cart contents, customer information): Not retained by Ollie
  - This data is processed transiently and forwarded to the merchant’s commerce platform
- Logs containing personal information:
  - Original form with PII: Merchant-configurable (maximum 30 days)
  - Redacted form (PII removed): Retained indefinitely for technical analysis
- Aggregated, anonymized usage metrics: Retained indefinitely
GDPR and CCPA Compliance Framework
Privacy by Design
Ollie’s platform implements privacy-by-design principles to minimize privacy risks:
- Data minimization: We process only the minimum personal data necessary for system operation
- Transient processing: Checkout data flows through our system without persistent storage
- Automatic redaction: PII in logs is automatically removed after a limited, configurable period (maximum 30 days)
- Encryption: All data in transit is encrypted using TLS 1.2 or higher
- Access controls: Strict role-based access limits exposure of personal data
- PCI DSS Level 1 compliance: Demonstrating adherence to strict security standards for payment environments
International Data Transfers
Ollie’s infrastructure is hosted on Amazon Web Services (AWS) and Vercel across multiple regions. For transfers of personal data outside the EEA or other jurisdictions with data protection laws:
- We rely on AWS and Vercel’s certifications, adequacy mechanisms, and Standard Contractual Clauses (SCCs)
- Data Processing Agreements (DPAs) with Standard Contractual Clauses are available to all merchants upon request
- Merchants can request information about specific data processing locations by contacting privacy@ollie.shop
Data Processing Agreements
Standard Data Processing Addenda (DPA) are available to all merchants and include:
- Standard Contractual Clauses for international data transfers
- Security measures and technical safeguards
- Sub-processor lists and notification procedures
- Data subject request handling procedures
- Breach notification obligations