This Privacy Policy explains how TrueCOD ("we", "our", or "the app") collects, uses, stores, and protects information when merchants install and use the app on their Shopify store. We are committed to protecting the privacy of merchants and their customers.
• TrueCOD does not automatically cancel or modify orders. The app provides risk insights and merchants remain in full control of order decisions.
• We never sell, rent, or share your data with third parties
• We never email, contact, or communicate with your customers directly
• All final decisions on orders remain fully under the merchant's control
TrueCOD is a merchant-assist tool designed to provide Cash on Delivery (COD) fraud risk insights. The app analyzes incoming COD orders in real-time using risk scoring algorithms and presents actionable information to the merchant.
The app does not automatically block, cancel, modify, or interfere with any Shopify orders or the checkout process. It is strictly an informational and decision-support tool. All actions taken on orders — such as accepting, holding, or rejecting — are performed manually by the merchant.
To provide COD risk analysis, fraud scoring, and order insights, TrueCOD collects and stores limited order-related information made available through the Shopify API:
• Shopify Order ID and internal reference number
• Order amount and currency
• Payment method (to identify COD orders)
• Order status (pending, accepted, held, or rejected)
• Order creation timestamp
• Customer phone number (if provided in the order — used for risk pattern analysis and blacklist/whitelist matching)
• Shipping address details (city, state, pincode — used only for risk pattern detection)
• Shop domain (myshopify.com URL)
• Merchant email address (only if provided for email alert configuration)
• Subscription/billing plan status
• App settings and preferences
⚠️ TrueCOD only processes the minimum data required for fraud risk analysis.
The collected data is used strictly for the following purposes:
🔍 Risk Scoring: Analyzing COD orders to generate a fraud risk score (0–100) based on historical patterns, address analysis, phone number reputation, and order behavior.
📊 Dashboard & Insights: Displaying order analytics, risk charts, and fraud statistics to help merchants make informed decisions.
📧 Email Alerts: Sending fraud risk notifications to the merchant's configured email address (not to customers). Alerts are sent only based on explicit merchant settings.
🚫 Blacklist/Whitelist: Maintaining merchant-defined lists of phone numbers to automatically flag or trust specific customers in future orders.
⚙️ Automation Rules: If enabled by the merchant (Pro plan), automatically tagging orders in Shopify based on risk level. Tags are informational only — no orders are cancelled.
🏷️ Shopify Order Tags: Adding internal tags (e.g., truecod:accepted, truecod:hold, truecod:rejected) to orders for the merchant's organizational purposes.
TrueCOD does not make automated decisions on behalf of the merchant. The app only presents informational insights and allows the merchant to take manual action.
If enabled by the merchant in app settings, TrueCOD may send order risk alert emails. These emails:
• Are sent only to the merchant's email — never to customers
• Contain order risk summary and recommended action
• Are triggered only based on merchant-configured risk levels (High Risk, Medium Risk)
• Can be disabled at any time from the app settings
• Are subject to monthly limits on the Free plan (10/month) and unlimited on the Pro plan
✅ TrueCOD never sends emails, SMS, or any communication to your customers. All notifications are merchant-facing only.
❌ Sell any merchant or customer data
❌ Rent or lease data to any third party
❌ Share data with advertisers or marketing companies
❌ Use data for any purpose other than COD fraud protection
❌ Transfer data to any external analytics or tracking services
All collected data is accessible only to the merchant who installed the app. Data is stored securely and is isolated per store — no merchant can access another merchant's data.
We take data security seriously. TrueCOD implements the following security measures:
• All data is stored in secure, encrypted databases
• Communication between the app and Shopify uses HTTPS/TLS encryption
• Access to stored data is restricted and authenticated via Shopify's OAuth system
• We follow Shopify's security best practices and API guidelines
• Database access is protected with environment-level credentials
Order-related data is retained only for as long as necessary to provide COD risk insights and analytics, or while the app remains installed on the merchant's store.
• Active stores: Data is retained while the app is installed to enable historical risk analysis and pattern detection
• Monthly counters (order count, email count) are automatically reset at the beginning of each calendar month
• App uninstallation triggers immediate cessation of data collection and initiates data cleanup
TrueCOD fully complies with Shopify's mandatory GDPR and data protection requirements, including the European Union's General Data Protection Regulation (GDPR) and applicable international privacy laws.
When Shopify sends a customer data request, we provide all stored data associated with that customer (order history, risk scores, blacklist/whitelist status).
When Shopify sends a customer erasure request, we permanently delete all data associated with that customer including order records, phone numbers from blacklist/whitelist, and any related risk data.
When Shopify sends a shop erasure request (after app uninstall), we permanently delete all data associated with that store — including all orders, settings, blacklists, whitelists, automation rules, and billing records.
Merchants can also request manual data deletion at any time by contacting us via email.
As a merchant using TrueCOD, you have the right to:
• Access: View all data collected by the app through the dashboard
• Control: Enable or disable email alerts, automation, and other features at any time
• Modify: Update your blacklist, whitelist, and alert settings
• Delete: Request deletion of your data by contacting us or uninstalling the app
• Export: Request an export of all stored data by contacting us via email
• Unsubscribe: Cancel your Pro subscription at any time through Shopify admin
TrueCOD offers a Free plan and a paid Pro plan. All billing is handled entirely through Shopify's built-in billing system. We do not collect, store, or process any payment card information directly.
• Subscription charges appear on the merchant's regular Shopify invoice
• Merchants can cancel their subscription at any time
• No hidden fees or charges beyond the stated plan price
We may update this Privacy Policy from time to time to reflect changes in our practices, features, or legal requirements. Any significant changes will be communicated through the app interface. Continued use of the app after changes constitutes acceptance of the updated policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us:
App Name:
TrueCOD — COD Fraud Protection
Developer:
Ababeel Studio
Email:
ababeelstudioofficial@gmail.com
Response Time:
Within 48 hours on business days
© 2026 TrueCOD by Ababeel Studio. All rights reserved.