pengui

Privacy Policy

At Pengui, we take data privacy seriously. This Privacy Policy explains how we collect, use, and protect information when you use our website and our virtual coordination and support services.

1. The Relationship: Controller vs. Processor

  • The Client (You): You are the “Data Controller.” You own your customers’ data.
  • Pengui: We are the “Data Processor.” We only access and process your customers’ data to perform the services (support and coordination) you have hired us to do.

2. Information We Collect

We collect information in two ways:

  • From Our Clients: When you sign up, we collect business contact info, billing addresses, and payment details.
  • From Your Customers (via Your Systems): To resolve support tickets and coordinate logistics, we access data you provide via your store platforms (e.g., Shopify, Gorgias, Zendesk). This may include:
    • Names, email addresses, and phone numbers.
    • Shipping and billing addresses.
    • Order history and tracking numbers.

3. How We Use the Data

We use this information strictly for:

  • Service Delivery: Responding to customer inquiries and processing exchanges/returns.
  • Logistics Coordination: Communicating with your warehouses or carriers to track or re-ship items.
  • Security: Verifying customer identity to prevent refund fraud and protect your margins.
  • Internal Improvement: Analyzing post-purchase data to provide you with efficiency insights.

4. Data Sharing & Third Parties

We do not sell your data or your customers’ data. We only share information with:

  • Your Designated Partners: We share shipping details with your warehouses/carriers to fulfill re-orders.
  • Sub-Processors: Essential tools we use to run our business (e.g., secure communication tools or CRM software).
  • Legal Requirements: Only if required by law or to protect our legal rights.

5. Data Security

We implement industry-standard security measures to protect the data we access:

  • Limited Access: Only authorized Pengui agents assigned to your account can access your store data.
  • Credential Management: We encourage the use of “Collaborator” accounts rather than sharing master passwords.
  • Encryption: All data handled through our platform is encrypted in transit.

6. Data Retention

We only retain personal data for as long as necessary to provide our services. Once our contract ends, you are responsible for revoking our access to your third-party platforms (Shopify, etc.). We will delete any locally cached client data upon written request, subject to legal record-keeping requirements.

7. International Data Transfers

If you or your customers are located in the EU or UK, please note that we may process data in [Insert Your Country, e.g., the United States]. We ensure all transfers comply with applicable data protection laws (such as GDPR) through Standard Contractual Clauses.

8. Your Rights

Depending on your location, you (and your customers) may have rights to access, correct, or delete personal data. As the “Processor,” Pengui will assist the Client in responding to any such “Data Subject Access Requests” received from your customers.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of any significant changes by posting the new policy on our site.