New: Trio is live on the Shopify App Store — Install free today!

Privacy Policy

Last updated: February 19, 2026

1. Introduction

Trio ("we", "our", or "us") operates as a Shopify application that provides product reviews, email marketing, and loyalty program services to Shopify merchants. This Privacy Policy describes how we collect, use, and share information when you install and use our application.

2. Information We Collect

2.1 Merchant Information

When you install Trio, we collect information provided by Shopify through OAuth authentication, including your shop name, shop domain, email address, and API access tokens.

2.2 Customer Information

Through the normal operation of our services, we may process information about your customers, including:

  • Names and email addresses (for reviews, email campaigns, and loyalty programs)
  • Order information (for loyalty points attribution and review requests)
  • Review content, including text and photos submitted by customers
  • Loyalty program membership data, including points balance and transaction history
  • Email engagement data (opens, clicks)

2.3 Usage Information

We automatically collect information about how you interact with our application, including pages viewed, features used, and actions taken within the app.

3. How We Use Information

We use the collected information to:

  • Provide, maintain, and improve our services
  • Process and display product reviews
  • Send email campaigns and automated emails on your behalf
  • Manage loyalty programs, including points attribution and reward redemption
  • Provide customer support
  • Generate analytics and reports
  • Comply with legal obligations

4. Data Storage and Security

We store data on secure servers hosted by Neon (PostgreSQL database) and Vercel (application hosting). File uploads (such as review photos) are stored on Cloudflare R2. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

5. Data Sharing

We do not sell your personal information. We may share information with:

  • Service providers: We use third-party services including Resend (email delivery), Cloudflare R2 (file storage), and OpenAI (AI-powered chatbot assistance).
  • Legal requirements: We may disclose information if required by law or in response to valid legal requests.

6. Data Retention

We retain your data for as long as your Trio application is installed. Upon uninstallation, we retain your data for 30 days to allow for reinstallation. After 30 days, all merchant and associated customer data is permanently deleted.

7. GDPR Compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). We process data as a data processor on behalf of merchants (data controllers). We support the following Shopify mandatory webhooks:

  • Customer data request: We provide all stored customer data upon request.
  • Customer data erasure: We delete all customer data upon request.
  • Shop data erasure: We delete all shop data upon uninstallation.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Data portability

To exercise these rights, please contact us at support@get-trio.com.

9. Cookies

Trio does not use cookies on your storefront. Within the Shopify admin, session management is handled by Shopify's standard authentication mechanism (session tokens).

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy within the application.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

support@get-trio.com