Privacy Policy — AgeGuard

Effective date: 1 April 2026

Overview

AgeGuard ("we", "our", or "us") is a Shopify POS application developed by Scurix. This Privacy Policy explains what information we collect when you install and use AgeGuard, how we use it, and what rights you have in relation to it.

We have designed AgeGuard with privacy as a core principle. We collect only what is strictly necessary to operate the service, and we never sell or share personal data with third parties for commercial purposes.

What We Do NOT Collect

        AgeGuard does not store customers' dates of birth. The DOB entered at the point of sale is used only to compute whether the customer meets the minimum age threshold — the raw value is discarded immediately after that calculation.
      

We also do not collect:

Customer names, email addresses, or contact details
Payment information of any kind
Biometric data or identity document scans
Browsing history or behavioural analytics
Cookies or tracking pixels on any end-user device

What We Do Collect

To operate the app and provide your business with a compliance record, AgeGuard stores the following minimal data points each time a verification is performed:

Verification outcome — pass or fail (age threshold met / not met)
Timestamp — date and time of the check (UTC)
Location & register — your Shopify POS location ID and device ID
Order reference — the Shopify order or cart ID associated with the check
Staff ID — the Shopify staff account that performed the check

None of these fields contain the customer's date of birth or any other personal information belonging to the customer.

Shopify API Access

AgeGuard requests the following Shopify API scopes in order to function:

read_orders / write_orders — to tag verified orders and add internal notes
read_products — to identify age-restricted products in the cart
read_locations — to identify which store location the check was performed at

We access only the minimum data required to perform these operations. We do not read, store, or process any other Shopify store data.

Data Retention

Verification outcome records (as listed above) are retained for 90 days from the date of the check, after which they are automatically and permanently deleted from our systems.

If you uninstall AgeGuard from your Shopify store, all records associated with your store are deleted within 30 days of uninstallation.

Data Storage & Security

All data is stored on servers located within the European Economic Area (EEA) and is encrypted at rest (AES-256) and in transit (TLS 1.2+). Access is restricted to authorised Scurix personnel only, and only where necessary for support or maintenance purposes.

We do not use third-party analytics services, advertising networks, or data brokers in connection with AgeGuard.

GDPR & CCPA Compliance

Because AgeGuard does not store customers' dates of birth or any other customer personal data, your obligations under GDPR (EU) 2016/679 and the California Consumer Privacy Act (CCPA) with respect to age verification data are significantly reduced.

The verification outcome records we do retain relate to your business operations (order compliance records) rather than to any identified or identifiable natural person. Accordingly, these records do not constitute personal data under GDPR Article 4(1).

If you have specific questions about your compliance obligations, we recommend consulting a qualified legal adviser.

Merchant Rights

As the merchant (data controller for your store), you have the right to:

Request a full export of your store's verification records at any time
Request early deletion of your records before the 90-day window expires
Receive clarification on how we process any data associated with your store

To exercise any of these rights, contact us at support@scurix.com. We will respond within 5 business days.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, where the changes are material, notify you via the Shopify admin notification system.

Continued use of AgeGuard after any changes constitutes your acceptance of the updated policy.

Contact

If you have any questions about this Privacy Policy or how your data is handled, please contact us:

Email: support@scurix.com
Company: Scurix