Your data.
Your control.
We believe you should know exactly what data we access, how we protect it, and what we do with it. No fine print.
Only what we need.
Nothing more.
We request the minimum Shopify permissions required to deliver exceptional support for your customers.
Products & Catalog
- Product titles, descriptions, and images
- Pricing and inventory levels
- Collections and categories
Why: To answer customer questions accurately about your products
Orders (Limited)
- Order status and tracking info
- Product names in orders
- Order totals (for context)
Why: To help customers check their order status and resolve issues
Store Information
- Store name and contact info
- Shipping policies
- Return/refund policies
Why: To provide accurate policy information to your customers
Our promises to you
Non-negotiable commitments about how we handle your data.
We never sell your data
Your data is yours. We don't monetize it, share it with advertisers, or use it for anything other than powering your support.
We never access payment info
Credit cards, bank accounts, payment methods—we can't see them and don't want to. Shopify handles all of that.
We never store credentials
We use Shopify's OAuth system. We never see or store your Shopify password or API secret keys.
We never hoard your data
When you uninstall, we delete your data. Conversation history is retained only as long as you need it.
Enterprise-grade protection
Your data is protected by the same infrastructure trusted by Fortune 500 companies.
Enterprise Infrastructure
SOC 2 compliant data centers with automatic backups and 99.9% uptime.
Encrypted at Rest
AES-256 encryption protects your data even if storage is compromised.
Encrypted in Transit
TLS 1.3 encryption. No plaintext data ever travels over the network.
US Data Residency
All data stored in secure US data centers with physical access controls.
Who sees what
Clear boundaries on human access—yours and ours.
Your Team
Can Access
- Customer conversations
- Order history you grant access to
- Knowledge base content
- AI suggestions and drafts
Cannot Access
- Customer payment details
- Full customer addresses
- Other merchants' data
Garrio Team
Can Access
- Aggregate usage metrics
- Error logs (anonymized)
- Configuration settings
Cannot Access
- Your customer conversations
- Customer personal data
- Payment or financial info
We don't hoard data
Data is kept only as long as it's useful to you.
Customer Conversations
Delete anytime from your dashboard
Knowledge Base
Deleted 30 days after uninstall
Analytics
Rolling window, then aggregated
Product Cache
Synced fresh from Shopify daily
Questions about your data?
We're happy to answer anything about how we handle your information. Reach out anytime.