Otryon Privacy Policy (GDPR)

Effective date: October 28, 2025

Version: 1.0

1) Who we are and how to contact us

Controller (for merchant/admin data and Otryon's own operations): Athen Labs, LLC d/b/a Otryon, 56 Broad Street STE 14022, Boston, MA 02109, United States. Primary contact: hello@otryon.com. Privacy and data protection requests may also be sent to support@otryon.com.

Data Protection Officer / EU or UK representative: Otryon has not appointed a formal Data Protection Officer or EU/UK representative at this time. EU or UK individuals may contact us at hello@otryon.com or support@otryon.com; we will update this notice if that changes.

Processor (for storefront customer data): When the Otryon widget runs on a Shopify store, the Merchant is the controller/business and Otryon processes data on their documented instructions.

This notice satisfies Articles 13 and 14 of the GDPR. It explains what we collect, why, how long we keep it, and how individuals can exercise their rights.

2) Scope

  • The Otryon marketing site at otryon.com and associated landing pages.
  • The Shopify app surfaces (admin UI, storefront widget) when a merchant installs Otryon.
  • Support, billing, and operational workflows necessary to provide the Service.

3) Roles & relationship to Shopify

For Merchant personnel data, Otryon is a controller. For Shopper data collected via the storefront, the Merchant is the controller/business and Otryon is the processor/service provider. Shopify remains an independent platform and its customer privacy framework governs consent on storefronts.

Our widget can be configured to respect Shopify's Customer Privacy API and privacy categories. Merchant implementers must enable the appropriate consent tools and verify that marketing and analytics events align with the permissions granted by their shoppers.

4) Data we process

Merchant/admin data (Otryon as controller)

  • Shop domain, contact details, installation metadata, plan selection, and account activity metrics.
  • Support conversations, feedback, and communications.
  • Technical logs containing request IDs, timestamps, and limited device/browser data.

Legal bases: contract performance (Article 6(1)(b)), legitimate interests (Article 6(1)(f)), and compliance with legal obligations (Article 6(1)(c)).

Storefront customer data (Merchant as controller, Otryon as processor)

  • Engagement records: page views, try-on start/complete/error, add-to-cart, checkout, purchase, coupon impressions, search and share events, along with product/variant context.
  • Attribution signals: cart tokens, checkout tokens, order IDs, discount codes, and conversion metadata when the Merchant enables attribution.
  • Try-on media: shopper-provided photos are processed transiently in memory to render previews. The hosted widget does not upload or persist the images or generated results, and merchants should ensure any customizations follow the same approach.
  • Privacy metadata: limited technical details such as IP address and browser information used for storefront analytics and security. Access to this information is restricted and retained only as long as needed for those purposes.
  • Shopify data retrieved with Merchant authorization (e.g., product catalogs, discount codes, order webhooks) and responses to Shopify GDPR webhooks.

Merchants are responsible for choosing and documenting a lawful basis (consent, contract, legitimate interests, etc.) for storefront data and for configuring Shopify's privacy tools accordingly. Otryon provides guidance and APIs to help align with those choices but does not override merchant settings.

5) Why we use the information

  • Deliver try-on previews, promotions, and analytics dashboards for merchants.
  • Monitor aggregate engagement on our marketing site with privacy-minded analytics.
  • Prevent abuse and automate quota protections with fraud and security safeguards.
  • Improve reliability, answer support requests, and aggregate anonymized statistics.
  • Manage billing and comply with tax, accounting, and audit duties.
  • Respond to Shopify GDPR webhooks for data access, erasure, and shop-wide deletion.

We do not sell personal information. Shopify blocks the pixel if visitors opt out of sale/share and we configure the pixel to honor that behavior.

6) Cookies, local storage, and consent

Otryon's marketing site uses privacy-focused analytics tools to understand general engagement without building individual profiles. The storefront widget follows Shopify's privacy settings, so merchants must confirm their consent experiences work as expected before enabling the embed.

On our own site or in-app surfaces we may set essential cookies for authentication and security; where required we will obtain consent directly.

7) Sharing & sub-processors

  • Trusted cloud hosting and infrastructure partners that help us run the service securely and reliably.
  • Customer support, communications, and productivity tools that assist with emails, help tickets, and account management.
  • Analytics and performance partners that help us understand how the marketing site and app perform.
  • Shopify (independent platform) for app distribution, billing, and privacy orchestration when you install Otryon.
  • Legal, accounting, and compliance professionals, or disclosures required by law to protect rights and safety.

We require vendors to implement appropriate safeguards and to process data only on our documented instructions.

8) International transfers

Data may be processed in the United States or other countries where we or our providers operate. Transfers are protected by Standard Contractual Clauses and, where applicable, the UK International Data Transfer Addendum. We supplement these with technical and organizational measures detailed below.

9) Security measures

  • Industry-standard protections to keep data secure in transit and at rest.
  • Access controls, multi-factor authentication, and audit trails for internal tools.
  • Safeguards that prevent unauthorized embedding or tampering with admin surfaces.
  • Integrity checks and monitoring on key integrations and data flows.
  • Limited retention of necessary technical logs, with regular reviews to remove what we no longer need.

10) Retention

  • Storefront analytics events are retained for a short window so we can deliver reports, then aggregated or deleted.
  • Marketing-site analytics follow the standard retention schedule provided by our analytics vendor.
  • Support conversations and administrative records are kept while needed to provide the Service or comply with law, then deleted or anonymized.
  • Billing and accounting records are kept for statutory periods (usually 6–7 years).
  • Attribution or order data is removed when a merchant uninstalls, requests erasure through Shopify GDPR webhooks, or the agreed wind-down period ends.
  • Operational logs rotate on schedules set to maintain reliability and security.

11) Your rights

If Otryon is the controller (merchant/admin data), you may request access, rectification, erasure, restriction, portability, or object to processing. Submit requests to hello@otryon.com or support@otryon.com. You can also lodge a complaint with your data protection authority.

For storefront shoppers, please contact the relevant Merchant first. We assist merchants in fulfilling privacy requests submitted through Shopify's privacy tools and required notifications.

California, Colorado, and other U.S. state residents can exercise rights to know, delete, correct, and opt out of sale/share or targeted advertising subject to applicable laws by emailing us or the Merchant directly.

12) Children

Otryon is not directed to children. If you believe a child has provided personal data, contact us and we will delete it promptly.

13) Changes

We will update this policy as our services or legal requirements evolve. Material updates will be announced in the app or via email to Merchant contacts.

Data Processing Addendum (DPA)

The following DPA governs how Otryon processes personal data on behalf of Merchants under GDPR/UK GDPR. It supplements the Terms and applies whenever Otryon acts as processor.

Subject matter and duration

Otryon processes storefront customer data to deliver try-on, analytics, and related services for the subscription term and a defined post-termination deletion window.

Nature and purpose

Processing includes collection, storage, aggregation, transfer, and deletion to deliver the Service, ensure security, provide support, calculate billing, and comply with legal requirements.

Data subjects and categories

  • Shop visitors and customers interacting with the widget (identifiers, try-on media, events, orders).
  • Merchant staff interacting with the admin (names, emails, roles, support information).
  • No special categories or biometric identifiers are created for identity verification.

Controller instructions

Otryon acts only on documented instructions provided through the app, Shopify configuration, and written agreements. If an instruction appears unlawful, we will notify the Merchant unless prohibited by law.

Personnel and confidentiality

Access to personal data is restricted to trained personnel under confidentiality obligations and least privilege controls with enforced MFA.

Security measures

Otryon maintains technical and organizational measures consistent with Annex B below, including encryption in transit and at rest, secret management, access controls, logging, incident response processes, and privacy-by-design reviews.

Sub-processing

Merchants authorize Otryon to use sub-processors listed in Annex A. We bind each sub-processor to equivalent data protection obligations and remain liable for their performance. We will notify Merchants of material changes so they can object where legally required.

International transfers

Transfers outside the EEA/UK rely on the EU Standard Contractual Clauses (2021/914) and, for UK data, the UK Addendum/IDTA. These clauses are incorporated by reference and applied to controller-to-processor and processor-to-processor relationships as applicable.

Assistance & breach notification

We assist Merchants with data subject requests, DPIAs, regulator queries, and incident response. In the event of a personal data breach we will notify the Merchant without undue delay and provide relevant information to support their obligations.

Return or deletion

At the end of the Services Otryon deletes personal data within the agreed retention window unless a Merchant requests return (where technically feasible) or law requires longer retention. Shopify's shop deletion notice triggers removal of remaining shop-scoped data.

Audit rights

Upon written request (no more than annually) we will provide information demonstrating compliance and allow audits subject to reasonable scheduling, confidentiality, and security requirements.

Annex A — Approved sub-processors

  • Cloud infrastructure partners that provide secure hosting, storage, and scheduling for the Service.
  • Marketing site and content delivery providers that serve public-facing pages and static assets.
  • Analytics and performance tools that measure aggregate engagement on our marketing site and app surfaces.
  • Customer support, communications, and incident response platforms that help us assist merchants.

Shopify is an independent controller for its own processing and is not Otryon's sub-processor.

Annex B — Technical & organisational measures

  • Security policy, role-based access, enforced MFA, and employee confidentiality agreements.
  • Provider-managed encryption, key rotation, and restricted access to configuration secrets.
  • Network protections provided by our hosting providers plus application-level rate limiting.
  • Webhook verification, audit logging, incident response playbooks, and regular tabletop exercises.
  • Privacy-by-design reviews for new features, including data minimization and consent considerations.
  • Regular review of subprocessors and DPIA updates where material changes occur.

Annex C — Data & retention map

  • Storefront analytics: engagement and device metadata kept briefly to power dashboards before being aggregated or removed.
  • Marketing analytics: aggregated engagement metrics stored by our analytics provider under its standard retention settings.
  • Support & success records: email correspondence and troubleshooting context retained while the merchant relationship remains active or as required by law.
  • Orders & attribution: retained while a merchant's subscription remains active or where required for accounting/tax obligations; deleted following Shopify uninstall/GDPR erasure events or the agreed wind-down period.
  • Billing & accounting: subscription and invoice records (no card data) retained 6–7 years under applicable law.
  • Operational logs: technical logs retained on rolling schedules to maintain reliability and security, then purged.

Annex D — Shopify GDPR workflows

  • Customer data access requests: we compile and return the information we hold to Shopify/the Merchant.
  • Customer erasure requests: we remove or anonymize the individual's data in our systems.
  • Shop deletion requests: we purge shop-level personal data after uninstallation or closure.

Annex E — International transfer mechanisms

Otryon relies on the European Commission's Standard Contractual Clauses (Module Two and Module Three, 2021/914) and, for UK data, the UK IDTA or Addendum. Supplemental measures include encryption, access controls, and privacy-by-design safeguards outlined above.

Quick-fill checklist

  • Insert your legal entity name, address, and contact emails (privacy/legal/support).
  • Confirm your analytics tools follow appropriate consent settings for the regions you serve.
  • Review log retention and purge schedules so they match the commitments in this policy.
  • Confirm Shopify GDPR webhooks are subscribed, verified, and monitored if you deploy the widget in production.
  • Publish this policy at a stable URL and link it in your Shopify App Store listing.