Last updated: June 2, 2026
This Privacy Policy explains how Voice Nimble ("Voice Nimble", "we", "us") collects, uses, shares, and protects information in connection with the Voice Nimble application (the "App") for Shopify. Voice Nimble provides an AI-powered voice agent that places and answers phone calls on behalf of a Shopify merchant ("Merchant", "you"). By installing or using the App, you agree to this Policy.
For data the App processes about a Merchant's own end customers, the Merchant is the data controller and Voice Nimble acts as a data processor, processing that data only to provide the App's functionality and on the Merchant's instructions. For Merchant account information, Voice Nimble is the controller.
When you install Voice Nimble on your Shopify store, we collect the following information from Shopify through the secure OAuth installation flow, so the App can connect to your store:
.myshopify.com domain (and custom domain, if configured);read_products, read_orders, read_customers;| Category | Examples | Source |
|---|---|---|
| Online store data | Products, orders, and customer contact details (name, phone, email) accessed via the
read_products, read_orders, and read_customers scopes. |
Shopify Admin API (with your authorization) |
| Call data | Caller and called phone numbers, call timestamps and duration, call status, AI/caller transcripts, and — only when you connect your own cloud storage and enable it — call recordings. | Generated when the AI agent places or answers a call |
| Account & billing data | Subscription plan, status, and usage (minutes used). Payment itself is handled by Shopify; we do not receive or store card details. | You / Shopify Billing |
| Configuration | Agent settings, greetings, templates, knowledge base, phone/SIP connection details, and (encrypted) credentials for any cloud storage bucket you connect. | You |
All data is transmitted over TLS/HTTPS and stored on access-controlled cloud infrastructure. Secrets — your Shopify access token and any cloud-storage credentials you provide — are additionally encrypted at rest with AES-256-GCM. We practice data minimization: we request only the data the App needs to function, and we process customer personal data solely to deliver the calling features you configure.
We do not sell personal information.
To deliver the service we share the minimum necessary data with the following categories of service providers, each bound to process it only on our behalf:
Call recording is optional and is only active when a Merchant connects their own storage and enables it. Recording and the monitoring of phone calls are regulated by law in many jurisdictions. The Merchant is responsible for providing any legally required notice to, or obtaining consent from, call participants. The App can play a recording-disclosure message at the start of calls to assist with this.
Call metadata and transcripts are retained for as long as your account is active or as needed to provide the service. Recordings are retained in your storage bucket according to your settings and plan, after which they are deleted. We delete or de-identify personal data on account uninstall and in response to the deletion requests described below.
Voice Nimble honors Shopify's mandatory privacy webhooks. When a store owner or customer exercises their rights through Shopify, we respond accordingly:
customers/data_request — we make available the customer data the App holds;customers/redact — we delete the identified customer's personal data, including related call records, transcripts, and recordings;shop/redact — 48 hours after uninstall we erase all data associated with the shop.Depending on your location, you (or your customers, via you) may have rights to access, correct, delete, or restrict processing of personal data. Contact us at the address below to exercise them.
Data is encrypted in transit using TLS. Sensitive secrets — including Shopify access tokens and any cloud-storage credentials you provide — are encrypted at rest using AES-256-GCM. Access to production data is restricted to authorized personnel.
Data may be processed in countries other than where you or your customers are located. Where required, we rely on appropriate safeguards for such transfers.
We may update this Policy from time to time. Material changes will be reflected by updating the "Last updated" date above and, where appropriate, by notice within the App.
Questions or requests regarding this Policy or your data can be sent to support@voicenimble.com.