This Privacy Policy describes how HoneyWired (“we,” “us,” or “our”) processes data when merchants install and use the Gatekeeper app on the Shopify platform. We are incorporated and operate in Illinois, United States.
Gatekeeper is a privacy-first age-verification tool. We believe the best way to secure personal data is to never collect it in the first place.
Gatekeeper evaluates age requirements entirely within the Visitor’s local browser. Because of this architecture, we intentionally do not transmit, collect, or store any of the following Visitor information on our servers:
Verification records live in the Merchant’s Shopify admin as order tags—where they belong. We do not operate an ID upload feature. We do not sell data. Whether a Visitor is granted or denied access, the date of birth they entered is processed entirely in their browser and is never transmitted to us.
Our data processing practices and legal roles depend on the specific data category and who is interacting with the software:
To operate the Gatekeeper service, administer subscriptions, and prevent abuse, we collect the following limited datasets:
When a Merchant installs Gatekeeper, Shopify provides us with necessary account details via OAuth. We store:
When an age gate is evaluated on a storefront, the Visitor’s browser fires a ping to our servers strictly for aggregate analytics. This payload contains exactly five fields: the shop domain, the verification result (pass/fail), a 2-letter ISO country code (derived from Shopify’s storefront localization, not an IP lookup), a broad device class (mobile/desktop/tablet), and the ID of the rule that matched.
This data is not linked to any individual person by Gatekeeper. Raw event pings are retained for a maximum of 90 days, while daily aggregate rollups are retained indefinitely to provide merchants with historical analytics.
To enforce our “one-trial-per-shop” policy and prevent systemic billing abuse, we generate and store cryptographically one-way hashed versions of the store owner’s normalized email address and payment method fingerprints (brand, last 4 digits, expiration date).
We rely on our legitimate business interests (e.g., GDPR Art. 6(1)(f)) to retain these hashes to secure our platform against fraud, which we have determined does not override the fundamental rights and freedoms of the data subject.
Gatekeeper utilizes a single, strictly necessary first-party cookie (_gk_verified) stored locally in the Visitor’s browser on the Merchant’s domain. This cookie simply remembers that a Visitor has successfully passed the age gate for a configurable period set by the Merchant (default 30 days; options range from 1 day to 1 year), preventing repeated prompts. HoneyWired cannot access this cookie from other websites, and does not combine it with any other data.
We share data only with essential service providers necessary to run the Gatekeeper application. We do not share data with advertising networks, third-party advertising analytics providers, or data brokers.
Our sub-processors include:
As we utilize US-based infrastructure, Merchant Data may be transferred outside the European Economic Area (EEA). We ensure appropriate safeguards are in place for these transfers, including the execution of Standard Contractual Clauses (SCCs), as detailed in our Data Processing Agreement.
When a Merchant uninstalls Gatekeeper, Shopify notifies us immediately, and we mark the account inactive. Approximately 48 hours later — unless the Merchant reinstalls in that window — Shopify fires a redaction webhook. Upon receiving it, we automatically delete:
Anonymous aggregate counts and our internal install and trial history are retained for up to twelve (12) months following the last active subscription. After that twelve-month window, we purge all remaining account data associated with the uninstalled shop. As noted in Section 4.3, we securely retain one-way hashed identifiers (derived from the former owner’s email and payment method) independently and indefinitely to prevent trial abuse; these hashes cannot be reversed into personal data.
Raw event ping records are independently capped at a maximum retention of ninety (90) days, regardless of subscription status.
A note on order tags: When the Service tags a verified order with age-verified-{age}, the tag is written to and stored by Shopify on the Shopify Order resource, where it lives indefinitely under Shopify’s data-retention policies and the Merchant’s data-controller responsibility for their own order data. Gatekeeper does not maintain an independent copy of which specific orders were tagged. The only related figure we retain is a non-identifying aggregate count of tags applied per shop per day, which contains no order ID, customer ID, or other PII and is subject to the twelve-month post-subscription purge described above.
Depending on your jurisdiction (including the GDPR and CCPA), individuals acting on behalf of a Merchant (such as store owners or operators acting as natural persons) have the right to request access to, correction of, deletion of, or restriction of processing regarding their personal data. These individuals also possess the right to data portability, the right to object to processing, the right to withdraw consent, and the right to lodge a complaint with a supervisory authority.
To exercise these rights, please contact us at support@honeywired.com.
Note for Visitors: Because HoneyWired does not store Visitor personal data, any Visitor seeking to exercise data rights regarding their verification status or order tags must contact the specific Merchant whose store they visited. If a Visitor contacts us directly, we can search our systems to confirm we have no records linking to them as an individual.
We may update this Privacy Policy from time to time. If we make material changes, we will notify Merchants via email or through an in-app banner at least 30 days prior to the changes taking effect.
For privacy inquiries, please reach out to:
HoneyWired
support@honeywired.com