ZapCOD
Privacy Policy
support@zaptechapps.comWhatsApp +13322652144

Legal Information

Privacy Policy

This Privacy Policy explains how ZapCOD collects, uses, stores, and protects merchant and customer data.

Last updated: May 7, 2026

1. Who We Are

ZapCOD is a Shopify application available at https://zaptechapps.com. The app helps Shopify merchants create cash-on-delivery order forms, process COD orders, reduce fraudulent submissions, manage phone verification, and connect optional marketing and analytics services.

For privacy questions, contact us at support@zaptechapps.com.

2. Merchant Data We Process

When a merchant installs or uses ZapCOD, we may process store domain, Shopify access tokens, app configuration, billing plan status, product identifiers, order configuration, country settings, shipping settings, form settings, fraud settings, integrations, and app usage events needed to operate the service.

3. Customer And Order Data We Process

ZapCOD may process customer information submitted through merchant COD forms, including name, phone number, email address, shipping address, city, country, product selections, quantity, order value, IP address, user agent, source URL, UTM parameters, fraud flags, and order status. This information is used to create and manage COD orders for the merchant.

4. OTP And Phone Verification

If a merchant enables WhatsApp or phone OTP verification, ZapCOD stores the phone number, verification code status, expiry time, verification status, and usage status. OTP data is used only to verify that a customer controls the phone number submitted with an order and to reduce fake or fraudulent COD orders.

5. Shopify API Data Access

ZapCOD uses Shopify APIs to authenticate merchants, read products, create Shopify COD orders, manage sessions, check billing status, and support app functionality requested by the merchant. ZapCOD requests only the Shopify scopes required to provide the service.

6. Third-Party Integrations

ZapCOD may connect to third-party services when enabled by the merchant, including Shopify, Google Sheets, Meta/Facebook Pixel and Conversions API, TikTok Events API, Google Analytics 4, Snapchat Pixel, Twilio WhatsApp, UltraMsg, and CallMeBot. Data shared with these services depends on the merchant configuration and may include order, event, phone, product, or analytics information needed for that integration.

7. Data Retention

ZapCOD retains merchant configuration, order records, analytics events, OTP records, and integration settings while the app is installed and as needed to provide the service, resolve disputes, meet legal obligations, and maintain security. Data may be deleted or anonymized after app uninstall, merchant request, customer request, or Shopify privacy webhook request, subject to lawful retention requirements.

8. Security Measures

ZapCOD uses access controls, Shopify authentication, webhook HMAC verification, secure environment variables, encrypted transport through HTTPS, database access controls, and least-privilege operational practices to protect data. No method of transmission or storage is completely risk-free, but we work to protect merchant and customer data using commercially reasonable measures.

9. GDPR And Privacy Compliance

ZapCOD supports Shopify mandatory privacy webhooks for customer data requests, customer redaction, and shop redaction. Merchants and customers may contact us at support@zaptechapps.com for privacy requests related to data processed by ZapCOD.

10. Contact

Email: support@zaptechapps.com