Back to home
Your Rights

Data Subject Rights

Under the General Data Protection Regulation (GDPR), you have powerful rights over your personal data. This page explains each right and how to exercise them.

Last updated: May 16, 2026

30-Day Response Guarantee

We respond to all data requests within 30 days. Complex requests may take up to 90 days with notice. All requests are handled free of charge.

Your 8 GDPR Rights

Exercise Your Rights

To submit a data request, please use one of the following methods:

Dashboard

Access self-service tools for data export and deletion.

Go to GDPR Dashboard

Email

Contact our privacy team for assistance with any request.

[email protected]

Shopify Data Used With AI

How this fits under GDPR

If you interact with a merchant's AI chat and ask about an order, return, refund, shipment, or recommendation, Shopify data may be processed to answer that request. We minimise the data before it reaches the AI model and use server-side checks for identity, ownership, and sensitive actions.

In plain terms:

  • The merchant controls why Shopify customer data is used for their store; Omniops processes it to provide the connected support service
  • Order-specific data is only used in customer-facing chat after verification, and only for the order or support task being handled
  • The AI is not given Shopify access tokens, payment details, customer IP addresses, or full raw Shopify records
  • Customer details are masked or checked by the server where possible, so the AI does not need to see the full value
  • You can request access, correction, deletion, restriction, portability, objection, or human review using the rights listed on this page

For Shopify-related support data held in Omniops, contact [email protected]. Where the merchant remains the controller for their Shopify store, we may need to coordinate the request with that merchant.

Data Breach Notification

If a data breach occurs that poses a high risk to your rights and freedoms, we will notify you without undue delay. You will receive:

  • Description of the breach and data involved
  • Likely consequences and our response actions
  • Contact details for further information
  • Recommendations to protect yourself

Frequently Asked Questions

Contact and Complaints

Data Controller

Omniops Ltd

Email: [email protected]

Supervisory Authority

UK Information Commissioner's Office (ICO)

Website: ico.org.uk

Phone: 0303 123 1113

You have the right to lodge a complaint with the ICO or your local supervisory authority if you believe your data protection rights have been violated.