Conscription logo Conscription
Legal

Privacy Policy

Last updated: 18 June 2026 · Applies to the Conscription Shopify app and conscription.co.uk

In plain terms Conscription processes the minimum Shopify customer and subscription data needed to manage subscription contracts, renewal billing, support, and required Shopify deletion requests. We do not store raw payment card details — payment methods are vaulted and managed by Shopify. We do not sell your data.

1. Who we are

Conscription (“Conscription”, “we”, “us”, “our”) is a subscriptions and bundles application for the Shopify platform. The app and this website are operated by Lewis Morris, a sole trader based in the United Kingdom.

For any privacy matter, contact us at support@conscription.co.uk. We are the data controller for this website and for the limited account and support data we hold about merchants, and a data processor acting on a merchant’s behalf for the Shopify store and customer data the app processes to deliver its features.

2. Scope & roles

This policy explains how we handle personal data when:

  • a merchant installs and uses the Conscription app on their Shopify store;
  • a merchant’s customers buy or manage subscriptions powered by the app; and
  • anyone visits this website or contacts our support.

When the app processes a store’s customer and subscription data, the merchant is the data controller and Conscription acts as a processor on their instructions. Each merchant is responsible for having their own customer-facing privacy policy and lawful basis for using subscriptions.

3. Merchant & store data we process

To run subscriptions, renewals, bundles, billing state, and merchant support, we store only the operational data the app needs, including:

  • shop domain and an internal shop record;
  • subscription programme configuration;
  • selling plan mappings and assignment state;
  • subscription contract mirror data and subscription line mirror data;
  • bundle definition and bundle instance data;
  • billing attempt records;
  • webhook event metadata and processing state;
  • merchant billing plan state;
  • audit log rows; and
  • worker heartbeat and setup diagnostics.

4. Customer data we process

For a merchant’s customers, we limit identifiers to the fields needed for subscription operations, support, and required redaction handling, such as:

  • Shopify customer GID (global identifier);
  • customer email, when provided by Shopify and needed for subscription support or redaction handling;
  • customer phone, when provided by Shopify payloads and needed for support or redaction handling;
  • subscription contract IDs;
  • order IDs; and
  • billing attempt IDs.

We access the protected customer data above under Shopify’s protected customer data requirements, and only to deliver the subscription features the merchant has enabled.

5. What we don't store

Conscription does not store:

  • raw payment card numbers;
  • CVV or other card verification data;
  • Shopify access tokens in client-visible state;
  • full protected webhook payloads for Shopify GDPR topics; or
  • unnecessary customer profile fields.

Our logging is intentionally structured and minimal: log entries may include shop domain, operation name, request IDs, contract IDs, billing attempt IDs, and object IDs, but never raw payment details, access tokens, or full protected customer payloads. Unexpected errors are reduced to safe name and message fields rather than raw object dumps.

6. Why we process data

We use the data above only to:

  • create and manage subscription programmes, selling plans, and contracts;
  • process recurring renewal billing through Shopify;
  • operate app-defined bundles as grouped subscription line items;
  • power the customer self-service portal (pause, skip, resume, cancel, change frequency);
  • provide merchant support and troubleshoot issues;
  • manage app billing and plan state; and
  • comply with Shopify’s required deletion and redaction requests.

We do not use customer data for advertising, profiling unrelated to subscriptions, or resale.

Where the UK GDPR or EU GDPR applies, our lawful bases are:

  • Contract — to provide the app to merchants who install it and to operate the subscriptions they configure;
  • Legitimate interests — to secure, maintain, debug, and improve the service, and to provide support, balanced against the rights of data subjects; and
  • Legal obligation — to honour data deletion and redaction requirements, including Shopify’s mandatory GDPR webhooks.

For customer personal data, the merchant determines the lawful basis as controller; we act on their documented instructions.

8. Payments

Conscription does not collect, see, or store raw payment card data. Customer payment methods are vaulted and processed by Shopify and its payment providers. Merchant billing for the app itself is handled by Shopify’s app billing, in GBP, on Shopify’s infrastructure.

9. Sub-processors

We use a small number of service providers to host and run the app. These may include:

  • Shopify Inc. — the platform on which the app and its data fundamentally operate;
  • our cloud hosting and managed database provider, used to run the application and store the operational data listed above; and
  • our transactional email provider, used only to send Shopify-supported subscription and portal emails where enabled.

Sub-processors are bound by contractual confidentiality and data-protection obligations and may only process data to provide their services to us. A current list is available on request at support@conscription.co.uk.

10. How we share data

We do not sell personal data and we do not share it for third-party advertising. We share data only: with the sub-processors above to run the service; with Shopify as part of normal platform operation; where required by law or to protect our legal rights; and, if the business is ever transferred, with a successor under equivalent protections.

11. Retention & deletion

We retain data only as long as needed to manage subscriptions and meet Shopify redaction requirements:

  • customer redaction requests anonymise mirrored contract and bundle-instance customer references;
  • a shop-redact request purges app-owned shop data via the GDPR webhook handler;
  • uninstalling marks the shop inactive, revokes portal tokens, and keeps minimal audit history until the normal retention window or a redaction request applies;
  • customer/privacy webhook payloads are sanitised before persistence;
  • processed webhook payloads and headers are redacted after 30 days;
  • processed webhook event metadata is purged after 365 days;
  • failed and dead-letter webhook metadata is kept for operator review until resolved, with customer/privacy payloads still sanitised; and
  • audit logs are retained for operational traceability for 730 days, then purged by the worker retention job.

12. Shopify GDPR webhooks

The app implements Shopify’s mandatory privacy webhooks and responds to:

  • customers/data_request — a customer’s request to view their data;
  • customers/redact — a request to delete or anonymise a customer’s data; and
  • shop/redact — deletion of a store’s data after uninstall.

These handlers are idempotent and designed to remove or anonymise mirrored customer data without disturbing unrelated operational records.

13. International transfers

Our providers may process data in countries outside the UK or EEA. Where that happens, transfers are protected by appropriate safeguards such as UK/EU adequacy decisions or Standard Contractual Clauses with supplementary measures as needed.

14. Security

We apply technical and organisational measures appropriate to the data we handle: least-privilege Shopify access scopes, structured logging that excludes secrets and raw payment data, sanitisation of protected webhook payloads, access tokens kept out of client-visible state, and encryption in transit. No system is perfectly secure, but we work to limit the data we hold and protect what we do.

15. Your rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to processing of your personal data, and to data portability. To exercise them:

  • Customers of a Shopify store should contact that store (the controller); the store can trigger Shopify’s data-request and redaction flows, which the app honours automatically.
  • Merchants can contact us directly at support@conscription.co.uk.

If you are in the UK and have a concern we can’t resolve, you may contact the Information Commissioner’s Office (ICO) at ico.org.uk.

16. Children

Conscription is a business tool for merchants and is not directed at children. We do not knowingly collect personal data from children.

17. Changes to this policy

We may update this policy as the app or legal requirements change. We will revise the “Last updated” date above and, for material changes, take reasonable steps to notify merchants.

18. Contact us

Questions, requests, or complaints about privacy? Email support@conscription.co.uk. We aim to respond within one business day.

Related See our Terms of Service, Cookie Policy, and Acceptable Use Policy.