Privacy Policy

MapMigo Shopify App and Storefront Store Locator Widget

Last updated: June 3, 2026

This Privacy Policy explains how we process personal data in connection with the MapMigo Shopify app (“MapMigo” or the “App”) and related services.

Important: If you are a shopper using a store locator on a merchant’s website, the merchant is usually the “controller” for the merchant’s storefront. This Privacy Policy still explains our processing for transparency, but the merchant’s own privacy notice remains the primary notice for shoppers.

1. Controller (who is responsible for processing)

Tim Wessels UG (haftungsbeschränkt) Blockener Str. 38 28816 Stuhr Germany

Responsible person: Tim Wessels

Email (privacy inquiries): support@mapmigo.io

Email (support): support@mapmigo.io

Data Protection Officer (DPO): We have not appointed a Data Protection Officer. If you believe a DPO is required for our processing, please contact us at the privacy email above.

2. What this Privacy Policy applies to

This Privacy Policy applies to personal data processing:

  • when merchants (Shopify store owners and their staff) install and use the MapMigo App (“merchant/admin context”);
  • when we provide support and communicate with merchants; and
  • when shoppers use the store locator widget (map, store list, search, optional geolocation) on a merchant’s storefront (“storefront context”).

This Privacy Policy does not apply to:

  • the merchant’s own website processing practices (please see the merchant’s privacy policy);
  • third-party services used by a merchant that are not part of MapMigo.

3. Roles (controller vs. processor)

Merchant/admin context: In operating the App relationship with merchants (account, billing-related app operations, support), we act as a data controller.

Storefront context: For store locator content and storefront widget functionality, we generally process data on behalf of the merchant as a data processor. The merchant decides which store data is published, which map provider is used, and whether optional features (such as geolocation) are enabled.

Sub-processors we engage under our own accounts: To deliver certain storefront features, we use our own provider accounts and therefore engage the following as our sub-processors (acting on our behalf):

  • Stadia Maps – for map display, but only when the merchant selects a Stadia Maps map style. In that case the map is served through MapMigo’s own Stadia Maps account at no cost to the merchant.
  • Mapbox – for place/store search. Search always runs through MapMigo’s own Mapbox account and API, regardless of which map provider the merchant has selected for the map display.

Map display via the merchant’s own provider account: If the merchant selects a Mapbox map style, the map is displayed using the merchant’s own Mapbox account and API key. In that case the merchant maintains its own direct relationship with Mapbox and is responsible for that account and for Mapbox’s applicable terms; MapMigo only facilitates the technical integration.

If a shopper requests GDPR rights regarding a specific merchant storefront, the shopper should contact the merchant first. If we receive such a request directly, we may forward it to the merchant where appropriate.

4. What personal data we process

4.1 Merchant/admin data (Shopify app users)

Depending on how the merchant uses the App and what Shopify provides, we may process:

  • Shopify shop identification data (e.g., shop domain and identifiers) required to operate the App.
  • Merchant contact details (e.g., name and email address) as provided via Shopify and/or entered by the merchant.
  • App configuration and settings (e.g., store locator configuration, selected map provider, and feature toggles).
  • The merchant’s Mapbox API key – only where the merchant selects a Mapbox map style for map display. The merchant provides and controls its own Mapbox account and token for this purpose. Map display via Stadia Maps does not require a merchant key, as it runs through MapMigo’s own Stadia Maps account. Place/store search does not use the merchant’s Mapbox key either, as it always runs through MapMigo’s own Mapbox account.
  • Store data uploaded by the merchant (see 4.2).
  • Support communications (tickets, emails, chat messages, and related metadata).
  • Technical data (e.g., timestamps, application logs; potentially IP addresses in server logs for security/operation).

 

Shopify API scopes: Our App requests the following Shopify API scopes: write_app_proxy, write_content, read_themes, write_products. We do not request Shopify customer or order scopes.

4.2 Store locator content uploaded by merchants

Merchants can upload and manage store locator content such as:

  • store names, addresses, coordinates, opening hours, phone numbers, and other store details the merchant chooses to publish;
  • custom markers and images;
  • CSV files for importing store data.

Note: Store data is often business information. However, it can still be personal data if it relates to a natural person (e.g., sole proprietors) or contains personal contact details.

4.3 Storefront context (shoppers using the store locator)

We design the store locator to minimize shopper personal data processing. Depending on merchant configuration and the shopper’s choices:

Map display

The map is rendered by one of two map providers, depending on the map style the merchant has selected:

  • Mapbox: when the merchant selects a Mapbox map style, the map is loaded through the merchant’s own Mapbox account and API key. To render the map, technical data (such as the shopper’s IP address and map requests) is transmitted to Mapbox.
  • Stadia Maps: when the merchant selects a Stadia Maps map style, the map is loaded through MapMigo’s own Stadia Maps account. To render the map, technical data (such as the shopper’s IP address and map requests) is transmitted to Stadia Maps. We use Stadia Maps’ standard global endpoint, which serves map tiles from the fastest available server; depending on the shopper’s location and network, this server may be located inside or outside the EU/EEA (see Section 8).

In both cases, loading a map requires the shopper’s IP address to reach the relevant map provider as a technical necessity of delivering the requested content.

Search

  • Search input: when a shopper searches for a place/store, the query is processed to show matching stores. We do not store or log shopper search queries at the App level.
  • Place search via Mapbox: to locate a searched place and show nearby stores, the shopper’s entered search may be sent to Mapbox (together with technical data such as the IP address). This search always runs through MapMigo’s own Mapbox account and API, regardless of which map provider the merchant selected for the map display.

 

Optional geolocation

If enabled by the merchant, the store locator may request the shopper’s location through the browser. If the shopper agrees, the location is used to display nearby stores. Nearest-store calculations are performed in the shopper’s browser, and we do not send shopper coordinates to our backend solely for distance calculations. If the shopper refuses location access, the store locator falls back to showing all stores and/or manual search.

5. Purposes and legal bases

We process personal data for the following purposes and legal bases (where applicable):

5.1 Providing the App to merchants

Purpose: App installation/operation, configuration, store locator publishing, import processing, map display via the selected provider, place/store search, and providing the features the merchant requests.

Legal basis: performance of contract (GDPR Art. 6(1)(b)).

For the storefront widget, loading the map (via Mapbox or Stadia Maps) and performing place search (via Mapbox) require transmitting limited technical data, including the shopper’s IP address, to the relevant provider. This is technically necessary to deliver the map and search functionality the merchant has chosen to make available, and is generally based on the merchant’s legitimate interests / performance of contract (GDPR Art. 6(1)(b) and (f)) in the merchant’s role as controller for the storefront.

5.2 Security, abuse prevention, debugging, and reliability

Purpose: keeping the service secure and available, preventing abuse, troubleshooting, and maintaining backups.

Legal basis: legitimate interests (GDPR Art. 6(1)(f)) and, where applicable, compliance with legal obligations (GDPR Art. 6(1)(c)).

5.3 Support and communications with merchants

Purpose: handling support requests and service communications.

Legal basis: performance of contract (GDPR Art. 6(1)(b)) and/or legitimate interests (GDPR Art. 6(1)(f)).

5.4 Optional geolocation in storefront context

Purpose: showing nearby stores when the shopper chooses to share location.

Legal basis: consent (GDPR Art. 6(1)(a)).

Consent is voluntary. The shopper can refuse without losing access to the store locator. Consent can be revoked by disabling location permissions in browser/device settings.

6. Cookies and similar technologies

Storefront widget: The MapMigo storefront widget itself does not set its own cookies and does not use localStorage/sessionStorage for tracking. However, third-party map and search services (in particular Mapbox and Stadia Maps) may use cookies or similar technologies depending on the merchant’s storefront setup and the providers’ SDK behavior. Merchants are responsible for configuring their consent tools and notices on their storefront.

Merchant/admin context: We may use strictly necessary storage (e.g., a localStorage flag for an admin-side acknowledgement) to operate App UI features. This is not used for advertising or cross-site tracking.

7. Recipients and service providers

We use service providers to operate the App. These providers may process personal data on our behalf (as our sub-processors) or as independent controllers for their own purposes.

Sub-processors engaged under MapMigo’s own accounts:

  • Shopify – platform for App installation and operation
  • Stadia Maps – map display, only when the merchant selects a Stadia Maps map style; served through MapMigo’s own Stadia Maps account
  • Mapbox – place/store search; always served through MapMigo’s own Mapbox account, regardless of map provider
  • Supabase – database and file storage
  • Redis Cloud – background job queue state for imports
  • Fly.io – hosting of our application workloads
  • Crisp – customer support communications

 

Provider engaged directly by the merchant:

  • Mapbox – map display, only when the merchant selects a Mapbox map style; served through the merchant’s own Mapbox account and API key. Here the merchant maintains its own relationship with Mapbox.

 

Third-party privacy notices (for convenience):

 

We share personal data with providers only to the extent necessary to operate, secure, and support the App.

8. International transfers

We primarily host and store App data in the EU/EEA (based on our current infrastructure configuration). However, some providers may process data outside the EU/EEA depending on their infrastructure and processing purposes. This is particularly relevant for:

  • Mapbox, which processes personal data in the United States and caches content globally (see Mapbox’s legal documentation). This applies both to map display via a merchant’s Mapbox key and to place/store search via MapMigo’s Mapbox account.
  • Stadia Maps, which is based in the United States. We use Stadia Maps’ standard global endpoint, which serves from the fastest available server; depending on the shopper’s location and network, requests may be handled by servers inside or outside the EU/EEA. Stadia Maps offers EU-only endpoints as an option, but the standard global endpoint is currently in use for map display.
  • Fly.io and other vendors that may process certain account-level or operational data outside the EU/EEA.

 

Where we transfer personal data outside the EU/EEA (or where our vendors do so), we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) and/or other lawful transfer mechanisms, as applicable.

9. Data retention and deletion

We keep personal data only as long as necessary for the purposes described in this Privacy Policy.

Merchant data deletion after uninstall: Automated deletion takes place after app uninstall using Shopify’s mandatory compliance webhooks (including shop/redact). We delete merchant store locator data, settings, uploaded media, and import files within Shopify’s required timeframe unless legal retention obligations require otherwise.

Shopper search queries: We do not store or log shopper search queries within the App.

Logs and backups: Operational logs, provider logs, and backups may be retained for limited periods depending on the provider and security needs. Where possible, we minimize retention. Exact retention can vary by provider (see the providers’ privacy documentation).

Support communications: Support tickets/messages may be retained for as long as needed to resolve the request and for a reasonable period thereafter, unless deletion is requested and no legal obligations prevent deletion. Support tooling providers may have their own retention practices.

10. Security

We use appropriate technical and organizational measures to protect personal data, such as:

  • encryption in transit (TLS),
  • access controls and least-privilege access,
  • backups and procedures for incident response.

 

No system is fully secure, but we work to protect data and reduce risk.

11. Your rights (GDPR)

If we process personal data about you as a controller (e.g., merchant/admin context), you may have rights including:

  • access, rectification, erasure, restriction;
  • data portability;
  • objection to processing based on legitimate interests;
  • withdrawal of consent where processing is based on consent;
  • complaint to a supervisory authority.

 

To exercise rights, contact us at: support@mapmigo.io

Storefront/shoppers: If your request relates to a merchant storefront using MapMigo, please contact the merchant first. The merchant is typically the controller for storefront processing.

12. Supervisory authority

You have the right to lodge a complaint with a supervisory authority. If you are in Germany, you can contact the authority responsible for us:

Der Landesbeauftragte für den Datenschutz Niedersachsen Prinzenstraße 5 30159 Hannover Germany

Email: poststelle@lfd.niedersachsen.de Phone: +49 511 120-4500 Website: https://www.lfd.niedersachsen.de/

13. Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes in our processing or legal requirements. We will publish the updated version with an updated “Last updated” date.