Last updated: February 2026
TestimonialToolkit collects information that you provide directly, including your name, email address, company name, and payment information when you register for an account. When your customers submit testimonials, we collect the content they provide (text, video, audio), along with their name, email, and optional photo.
For Shopify merchants, we also collect your shop domain, shop name, and email through the Shopify OAuth process. We store a Shopify access token to inject and manage script tags on your storefront.
We use collected information to provide, maintain, and improve our services, process transactions, send service-related communications, and provide customer support. Testimonial content is displayed on your website only after you approve it. We do not sell personal information to third parties.
We use Supabase (hosted on AWS) for data storage with row-level security policies. All data is encrypted in transit (TLS 1.3) and at rest. Shopify access tokens are stored securely and are revoked upon app uninstallation.
We comply with the General Data Protection Regulation (GDPR). You have the right to access, correct, or delete your personal data. Customers whose data we process on your behalf can request data export or deletion. We process mandatory GDPR webhooks from Shopify including customer data requests, customer redaction, and shop redaction.
To exercise your data rights, contact us at support@testimonialtoolkit.com.
We retain your account data for as long as your account is active. Testimonial data is retained until you delete it or close your account. Upon Shopify app uninstallation, we revoke access tokens immediately and delete shop-specific data within 48 hours of receiving the shop/redact webhook.
We use Stripe for payment processing, Supabase for data storage, Resend for transactional email, and Vercel for hosting. Each provider maintains their own privacy policies and security standards. We do not share your data with any other third parties.
We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising cookies.
For privacy inquiries: support@testimonialtoolkit.com