Privacy Policy

Last updated: June 12, 2026

LastLook ("we", "our", or "us") operates the LastLook Shopify application. This Privacy Policy explains how we collect, use, disclose, and safeguard information when merchants install and use our app.

1. Information we collect

  • Merchant store domain and Shopify OAuth session data required to operate the app.
  • Merchant staff profile data provided by Shopify during online sessions (such as name and email) when applicable.
  • App configuration data such as widget settings and appearance preferences.
  • Technical logs including webhook delivery records, error logs, and security audit events.

2. Storefront customer data

LastLook displays recently viewed products using data stored in the customer's browser through localStorage. We do not store end-customer browsing history, names, emails, or order data on our servers.

3. How we use information

  • Provide and maintain the LastLook application.
  • Authenticate merchants and secure API access.
  • Respond to support requests and legal obligations.
  • Improve reliability, security, and product performance.

4. Cookies and similar technologies

The embedded Shopify admin experience may use cookies and session storage managed by Shopify App Bridge. On the storefront, LastLook uses browser localStorage to remember recently viewed products for the current visitor.

5. Third-party services

  • Shopify platform APIs, billing, and webhooks.
  • Hosting and infrastructure providers used to run the app.
  • Email support handled through merchant-provided contact channels.

We do not sell merchant or customer personal information.

6. GDPR and data subject rights

We comply with Shopify mandatory GDPR webhooks including customers/data_request, customers/redact, and shop/redact. Because LastLook does not store end-customer personal data on our servers, customer data requests typically require no exported records from us. When a shop is redacted or uninstalled, we delete associated app sessions and shop settings from our database.

7. Data retention

Merchant session and configuration data is retained while the app remains installed. Data is deleted upon app uninstall or receipt of a valid shop/redact webhook, subject to legal retention requirements.

8. Security

We use API key authentication, HTTPS, webhook HMAC verification, app proxy signature validation, access controls, and rate limiting to protect merchant data.

9. Contact us

Reach us anytime through the live chat on our support page.

LastLook

Recently viewed products for Shopify stores.

SupportFAQContactPrivacy PolicyTerms of Service

Need help? Chat with our support team