Privacy Policy

Revoq — EU Withdrawal Button / Widerrufs-Button

Effective date: 20.03.2026
Last updated: 20.05.2026

This Privacy Policy explains how Revoq (formerly “EU Withdrawal Button”; also referred to as the “App”, “we”, “us”) processes personal data in connection with the App. It is intended to meet the information requirements under Articles 13 and 14 GDPR.

1) Controller (Merchant Data) and Contact

Controller:
Jonas Busch (Einzelunternehmer)
Email: hello@buschbytes.com

2) Roles Under Data Protection Law

Depending on the context, we act in different roles:

A) End-customer data (Processor)

For personal data of a merchant’s end customers (withdrawal-related data), we act as a data processor (Art. 28 GDPR) on behalf of the merchant, who is the controller. The details of this processing relationship are governed by our Data Processing Agreement (DPA/AVV), available at consumer-withdrawal.eu/dpa.

B) Merchant data (Controller)

For personal data relating to merchants (e.g., store account administration, support, security), we act as an independent controller.

3) Categories of Personal Data We Process

A) Merchant data (Controller)

• Shopify store name and store email address
• Shopify identifiers necessary to operate the App (e.g., shop ID, access tokens where applicable)
• Support communications (content you provide via support chat, contact form, or email)
• Technical logs related to merchant use of the App (e.g., timestamps, request metadata)

B) End-customer data (Processor, on behalf of merchants)

To handle electronic withdrawal requests, Revoq processes:

• Name (first and/or last name)
• Email address
• Order number / contract reference
• Timestamps (date and time of withdrawal declaration and confirmation)
• Withdrawal status (new / in_progress / completed / rejected)
• Browser language data (Accept-Language header for automatic language selection)

We do not collect withdrawal reasons or any additional end-customer tracking data beyond what is strictly required for withdrawal handling.

C) Technical and security data (Controller)

• Server logs (e.g., request time, endpoint accessed, status codes)
• Webhook event metadata
• Error and performance telemetry (see Sentry below)

4) Sources of Personal Data (Art. 14 GDPR)

Where personal data is not obtained directly from the data subject, it is typically received from the merchant’s Shopify store environment via Shopify APIs and webhooks, and/or from the merchant’s storefront withdrawal flow enabled by the App. Merchant data is provided by the merchant via Shopify and via communications with us.

5) Purposes of Processing

A) Withdrawal handling (Processor)

• Receiving and processing electronic withdrawal requests submitted by end customers on behalf of the merchant
• Enabling the merchant to manage withdrawal requests in the App (e.g., status changes, notes, audit trail where applicable)

B) Confirmation and communication (Processor)

• Sending the legally required acknowledgment of receipt (confirmation email) to the end customer on behalf of the merchant

C) Operation, security, and support (Controller)

• Providing and maintaining App functionality
• Preventing abuse, fraud, and ensuring IT security
• Troubleshooting and error diagnosis
• Responding to support inquiries

D) Partner Programme enrollment (Controller)

When an agency or reseller submits the partner enrollment form on consumer-withdrawal.eu/partner, we process the following data in order to evaluate the application, respond personally, and set up the partnership:

• Contact name
• Agency / company name
• Business email address
• Website (if provided)
• Approximate number of Shopify clients managed
• Free-text message (if provided)
• Technical metadata of the submission (IP address, timestamp) used for spam protection

Legal bases: Art. 6(1)(b) GDPR (pre-contractual measures at the applicant’s request) and Art. 6(1)(a) GDPR (consent given via the checkbox when submitting the form). The email containing the submission is delivered through Resend (see Section 7.A). Submissions are retained for the duration of the partnership relationship or — if no partnership is entered into — for up to six months for documentation purposes, after which they are deleted. You can withdraw your consent at any time by contacting partner@buschbytes.com; such withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal.

6) Legal Bases (for processing where we are Controller)

Where we act as controller (primarily merchant data and security/operations), the legal bases include:

• Art. 6(1)(b) GDPR – performance of the contract with the merchant (providing the App)
• Art. 6(1)(c) GDPR – compliance with legal obligations (where applicable)
• Art. 6(1)(f) GDPR – legitimate interests (security, fraud prevention, service reliability, debugging, and defending legal claims)

Where we process end-customer data, we do so as processor on the merchant’s instructions; the merchant determines the relevant legal basis for that processing.

7) Recipients / Service Providers

We use the following categories of recipients (processors/sub-processors). Data Processing Agreements (DPAs) have been concluded with all sub-processors listed below.

A) Email delivery: Resend

We use Resend (Plus Five Five, Inc.) to send withdrawal confirmation emails. Resend receives the email address and the necessary message content to deliver the email. Data processing location: Ireland (eu-west-1). Resend is a US-based company, but email processing is configured to use their EU region. Resend is certified under the EU-US Data Privacy Framework (since 20 February 2025). Safeguards: DPA with Resend including EU Standard Contractual Clauses (SCCs).

B) Error monitoring: Sentry

We use Sentry (Functional Software, Inc.) for error monitoring and stability diagnostics. Sentry is configured to use their EU region (Frankfurt, Germany). No personal data of end customers (PII) is transmitted to Sentry. Sentry is used exclusively for technical error diagnosis. Sentry is certified under the EU-US Data Privacy Framework. Safeguards: DPA with Sentry including SCCs.

C) Support chat: Crisp

We use Crisp (Crisp IM SAS, France) to handle support messages from merchants. Crisp processes data in the EU (Netherlands and Germany). Support chat is used for merchant communications only; no end-customer data is shared with Crisp. Safeguards: DPA with Crisp.

D) Database hosting: Supabase

We host the App’s primary database on Supabase (PostgreSQL). Data processing location: Frankfurt, Germany (EU). Data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Safeguards: DPA with Supabase including SCCs.

E) Application hosting: Fly.io

The App’s server infrastructure runs on Fly.io. Data processing locations: Amsterdam (Netherlands) and Frankfurt (Germany). Both locations are within the EU. Safeguards: DPA with Fly.io including SCCs.

F) Domain registration: Strato

Our domain (consumer-withdrawal.eu) is registered with Strato. Strato does not process any end-customer or merchant data beyond standard DNS resolution.

G) E-commerce platform: Shopify

The App operates within the Shopify ecosystem and accesses order data via Shopify APIs for order verification purposes (where enabled by the merchant). Shopify’s own data processing is governed by Shopify’s privacy policy and DPA. Safeguards: Adequacy decision (Canada); Shopify Partner Agreement; Shopify DPA including SCCs.

We do not sell personal data and do not share personal data for advertising.

8) International Data Transfers (Outside the EU/EEA)

Our primary data infrastructure is located entirely within the EU (Germany and the Netherlands). The following transfers outside the EU/EEA may occur:

• Resend: US-based company; email processing configured for the EU region (Ireland). Certified under the EU-US Data Privacy Framework. Safeguards: DPA including SCCs.
• Sentry: EU region configured (Frankfurt); no end-customer PII transmitted. Certified under the EU-US Data Privacy Framework. Safeguards: DPA including SCCs.
• Shopify: Canada / global. Safeguards: Adequacy decision for Canada; Shopify DPA including SCCs.

9) Retention and Deletion

We retain personal data only as long as necessary for the purposes described above.

A) Withdrawal-related data (Processor)

• Starter plan (Free): automatic deletion after 90 days (fixed, privacy-by-default)
• Essential / Professional plan: configurable retention (6 / 12 / 18 / 24 months), adjustable by the merchant
• Upon uninstallation: all withdrawal-related data is deleted immediately, unless the merchant has previously exported their data (e.g., via CSV export)

Note: If a merchant selects a shorter retention period, this does not override any retention obligations applicable to the merchant under their own legal requirements.

B) Technical logs (Controller)

Server/security logs: typically up to 30 days (or longer if needed for security incident investigation).

C) Error monitoring data (Controller)

Sentry events: retained according to Sentry configuration, typically 30–90 days.

D) Support communications (Controller)

Retained for the duration of the support relationship and up to 12 months thereafter, unless required longer for legal reasons.

10) Security Measures

We implement appropriate technical and organizational measures to protect personal data, including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256)
• Access controls (least-privilege principle)
• Logical separation of merchant environments (row-level security)
• Anti-spam protection (honeypot, rate limiting)
• Monitoring and incident response processes
• Multi-factor authentication for infrastructure access

11) Is Providing Data Required?

For end customers, providing certain information (order number, name, and email address) is required to identify the relevant contract and to send the legally required confirmation message. If this data is not provided, the withdrawal request may not be processable via the App, and the customer may need to use alternative withdrawal channels offered by the merchant (e.g., email, letter).

12) Data Subject Rights

Under GDPR, data subjects have rights including access, rectification, erasure, restriction, portability, and objection.

A) End customers

Because end-customer data is processed on behalf of the merchant (controller), end customers should generally direct requests to the merchant. We will support merchants in fulfilling such requests where applicable.

B) Merchants

Merchants can exercise their rights by contacting us at hello@buschbytes.com.

Complaint to a supervisory authority

Data subjects have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of habitual residence, place of work, or place of the alleged infringement.

13) Automated Decision-Making

We do not carry out automated decision-making or profiling within the meaning of Art. 22 GDPR.

14) Cookies and Similar Technologies

The App may use technically necessary cookies/session storage in the merchant-facing interface to maintain sessions and ensure core functionality. We do not set analytics or advertising cookies for end customers through the withdrawal functionality.

15) Deletion Requests / Shopify Processes

If a merchant uninstalls the App or submits a Shopify-related deletion request, all withdrawal-related data is deleted immediately. Merchant account data is processed for deletion in line with Shopify’s mechanisms and our contractual obligations, without undue delay, subject to legal retention requirements.

16) Data Processing Agreement (DPA / AVV)

For the processing of end-customer data on behalf of merchants, we have established a Data Processing Agreement (Auftragsverarbeitungsvertrag / AVV) pursuant to Art. 28 GDPR.

The DPA is available at: consumer-withdrawal.eu/dpa.

The DPA applies to all plans, including the free Starter plan. Acceptance of the DPA is provided through active confirmation within the App (Settings → “Data Processing Agreement” section → checkbox → “Accept DPA”). The date and time of acceptance are recorded electronically.

17) Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be made available within the App and/or on our website, with the “Last updated” date adjusted accordingly.

18) Contact

Jonas Busch (Einzelunternehmer)
Email: hello@buschbytes.com
Website: www.consumer-withdrawal.eu