Data processing (DPA)
Effective 1 July 2026 ยท applies to trackchat.in, app.trackchat.in and the TrackChat Shopify app
1. Roles & instructions
You (the merchant) determine the purposes of processing customer personal data; TrackChat processes it solely to deliver the features you enable, on your documented instructions โ that is, your in-app configuration of couriers, templates, automations and channels.
2. What is processed
Customer name, shipping address, phone number and email (to create shipments and send order updates); WhatsApp and email message content (only if you use the Inbox); abandoned-checkout contents; support-ticket text and customer-submitted media; courier tracking events; payment-link status metadata. Only the minimum needed for each feature flows to each provider.
3. Sub-processors
Shopify (platform and source of order data); Railway (application hosting and managed PostgreSQL with encryption at rest and encrypted backups); Meta Platforms (WhatsApp Business Platform โ receives the customer phone number and the message content you configure); Delhivery and Blue Dart / DHL (couriers โ receive name, address, phone and order details needed to deliver, on your own accounts); Razorpay (payment links and refunds โ receives amount and order reference, never card data from us); Zoho Corporation (support mailbox, if you connect email); Google (Ads conversion sync, only if you enable it). We notify listed changes 30 days before a new sub-processor handles personal data.
4. Security measures
TLS 1.2+ in transit everywhere; merchant API credentials encrypted at the application layer with AES-256-GCM before storage; database and backups encrypted at rest; least-privilege access limited to the app's service credentials; access to personal data logged; production and development data fully separated.
5. Data subject requests & audit trail
Shopify's customers/data_request webhook is implemented so you can fulfil a buyer's access request from the data we hold; customers/redact erases that customer's phone numbers, chat history and shipment payloads. Every redaction, data request and shop erasure is recorded โ event, row counts, outcome, timestamp โ in a compliance audit log kept as evidence of fulfilment (without personal data).
6. Retention, deletion & breach notice
Personal fields are purged on a rolling 90-day schedule (notification-log phone numbers, raw courier payloads, idle chat threads). On uninstall, the shop-redaction request Shopify sends ~48 hours later triggers erasure of the store's data set. In the event of a personal-data breach we notify affected merchants without undue delay โ within 72 hours per GDPR/DPDP expectations, and within 24 hours to Shopify per platform requirements.
ยฉ 2026 zsellr (OPC) Private Limited ยท GSTIN 06XXXXXXXXXXXXX ยท Gurgaon, Haryana, India