Privacy Policy

Order Invoice Display

Shopify Public App

1. General Provisions

DienesArt Kft. (hereinafter “Controller,” “we,” or “our”) is committed to protecting the privacy of our users and customers. We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Hungarian laws.

We ensure that:

– Personal data is processed lawfully, fairly, and transparently;

– Data is collected for specified, explicit, and legitimate purposes only;

– Data is adequate, relevant, and limited to what is necessary;

– Data is accurate and kept up to date;

– Data is retained only as long as necessary;

Appropriate technical and organizational measures are applied to protect personal data from unauthorized access, accidental loss, destruction, or damage.

2. Data Controller Information

– Company name: DienesArt Kft.

– Registered seat: 1027 Budapest, Bem József utca 6. fsz. 3., Hungary

– Company registration number: 01 09 444561

– Tax number: 32824179-2-41 (HU32824179)

– Representative: Ádám Dienes, Managing Director

– Contact email:

3. Scope of the Privacy Policy

This Privacy Policy applies to:

– Merchants using our Shopify app (“Invoice Banner”)

– Shopify store data accessed for app configuration

– Communication and support interactions regarding the app

Important: Our app does not store or access end-customer personal data such as names, addresses, or payment information.

4. Categories of Data Accessed

The app accesses only the following data necessary to function:

4.1 Shopify Store Data

– Store name and URL

– Merchant email (for notifications and support)

– Shopify order ID and processed date (via metafields)

4.2 Invoice and Order Information (via metafields)

– Invoice ID

– Invoice PDF URLs

– Invoice URLs

– Invoice date

– Order notes (if configured in the app)

Note: We do not access sensitive payment information (credit card numbers, payment methods, etc.).

4.3 Technical Data

– Device and browser information (for rendering the app correctly)

– Logs for debugging and error tracking

5. Purpose of Data Processing

We process data only for the following purposes:

– Displaying invoice information and order notes within the Shopify app

– Ensuring the app functions correctly

– Supporting merchant requests or troubleshooting

– Maintaining security and integrity of app operations

– Complying with legal obligations, if applicable

6. Legal Basis for Processing

The legal bases under GDPR are:

– Article 6(1)(b) – necessary for the performance of a contract (use of the Shopify app)

– Article 6(1)(f) – legitimate interests (ensuring app functionality and security)

– Article 6(1)(c) – compliance with legal obligations, if applicable

7. Data Retention Period

Shopify store metafields and configuration data are retained only while the app is installed.

Support communications are retained up to 3 years after resolution.

Upon app uninstallation, data is deleted or anonymized unless legal retention obligations require otherwise.

8. Data Sharing and Third-Party Processors

To operate the app, we use trusted third-party services, including:

– Shopify – platform provider and source of store configuration data

– Hosting and storage providers – for app configuration and metafield processing

– Email providers – for support communications

– Analytics and error tracking tools – to improve app performance

These providers act as data processors and process data only according to our instructions.
We do not sell or share personal data for marketing purposes.

9. Transfers Outside the EEA

If data is transferred outside the European Economic Area (EEA), we ensure:

– Adequate safeguards such as EU Standard Contractual Clauses (SCCs)

– Compliance with GDPR transfer requirements

10. Security Measures

We implement appropriate technical and organizational measures, including:

– HTTPS encryption for API calls and data transmission

– Access controls for app administrators

– Secure cloud storage and hosting

– Logging and monitoring for debugging and error tracking

11. Automated Decision-Making

Our app does not perform automated decision-making or profiling that produces legal or similarly significant effects.

12. Data Subject Rights

Merchants have the right to:

– Access their personal data

– Request correction of inaccurate data

– Request deletion of data (“right to be forgotten”)

– Restrict processing

– Data portability

– Object to processing based on legitimate interest

– Lodge a complaint with a data protection authority

Requests may be submitted to

13. Supervisory Authority

In Hungary, the competent authority is the National Authority for Data Protection and Freedom of Information (NAIH).

14. Changes to This Policy

We may update this policy periodically to reflect changes in app functionality, legal requirements, or operational practices.
The updated policy will be available in the app and on our website.

DienesArt.
Powered by  GDPR Cookie Compliance
Adatvédelmi áttekintés

Ez a weboldal sütiket használ, hogy a lehető legjobb felhasználói élményt nyújthassuk. A cookie-k információit tárolja a böngészőjében, és olyan funkciókat lát el, mint a felismerés, amikor visszatér a weboldalunkra, és segítjük a csapatunkat abban, hogy megértsék, hogy a weboldal mely részei érdekesek és hasznosak.