Data processing agreement
Effective July 2026 · Draft pending legal review
Short version: you own your customers' data, Kelso only processes it on your instructions to send the alerts they asked for, and we never sell or share it. This addendum supplements ourterms of service.
1. Parties and roles
This data processing agreement is between you, the merchant who installed Kelso: Back in Stock Alerts, and Kelso ("we", "us"). You are the data controller. You decide what data is collected and why. We are the data processor. We act only on your documented instructions. If anything in this addendum conflicts with the terms of service, this addendum governs for the processing of personal data.
2. Scope and purpose of processing
We process personal data for one purpose: to send the back-in-stock notification emails your customers request through the storefront widget. We do not use that data for our own marketing, we do not sell or share it, we run no tracking pixels, and we make no automated decisions about your customers.
3. Categories of data and data subjects
- Data subjects. Your customers who ask to be alerted when a product comes back in stock.
- Categories of data. The shopper's email address and the specific product and variant they asked to be alerted about, plus the timestamps and send history needed to deliver and confirm the alert.
4. Our obligations as processor
- Documented instructions. We process personal data only to provide the service, and only on your instructions as reflected in the app and these documents.
- Confidentiality. Access is limited to the people who operate the service, and they are bound to keep it confidential.
- Security. Data is stored in Neon Postgres in the United States (AWS us-east-1), encrypted at rest with AES-256 and in transit with TLS. Hosting runs on Cloudflare Workers with secrets encrypted.
- Data-subject requests. We help you respond to access, correction, and deletion requests. We implement Shopify's privacy webhooks (customers/data_request, customers/redact, shop/redact), and you can export or delete data directly from the app.
- Breach notice. If a breach affects your data, we notify you without undue delay so you can meet your own reporting duties.
- Return or deletion. When you uninstall or this agreement ends, we delete or return your data as described in the privacy policy.
5. Retention
We retain a shopper's email until the alert is sent, and then for up to 12 months, or until the merchant deletes it or the shopper unsubscribes, whichever comes first.
6. Sub-processors
We use a short list of sub-processors to run the service. Each is bound by contract terms consistent with this agreement.
- Neon. Postgres database storage (United States).
- Resend. Delivery of the notification emails.
- Cloudflare. Application hosting.
7. International transfers
Personal data is stored in the United States (AWS us-east-1). If you or your customers are outside the United States, installing the app instructs us to process and store that data in the United States for the purpose described above.
8. This addendum
This addendum supplements the terms of serviceand the privacy policy. Questions:[email protected].