What SupplySafe Does
SupplySafe helps Shopify merchants collect, review, publish, and export product safety information for GPSR workflows.
The app is a data collection and workflow tool. It is not legal advice and does not guarantee compliance.
Privacy
Last updated: June 10, 2026
SupplySafe helps Shopify merchants collect, review, publish, and export product safety information for GPSR workflows.
The app is a data collection and workflow tool. It is not legal advice and does not guarantee compliance.
Shopify store information such as shop domain, product titles, product handles, product IDs, vendors, product types, SKUs, and SupplySafe metafields.
GPSR workflow information such as manufacturer details, EU Responsible Person details, identifiers, warnings, safety instructions, safety document URLs, batch notes, review status, and audit records.
Supplier form information such as supplier contact name, supplier email, saved supplier profiles, submitted product safety data, reminders, and activity timestamps.
Merchant settings such as report brand name, prepared-by defaults, compliance contact email, target markets, storefront languages, report notes, approval policy, and retention policy choices.
Team workflow records such as permission role labels, allowed GPSR actions, review-required notes, follow-up owner rules, workflow areas, vendor owner names, owner emails, routing notes, and timestamps when saved in the app.
Catalog monitor snapshots such as product IDs, titles, vendors, missing GPSR fields, review checks, and GPSR status used to detect future product changes.
Product webhook alerts such as product create, update, and delete notices sent by Shopify while the app is installed.
Uploaded document attachments such as safety documents, manuals, declarations, test reports, file names, file types, file sizes, and optional merchant notes.
Support and onboarding records such as issue title, affected product or vendor, customer contact email, severity, status, next step, resolution notes, setup owner, and timestamps when saved in the app.
Safety notices such as product safety warning or recall-style follow-up status, severity, customer message drafts, internal notes, sources, next steps, and timestamps.
To scan product catalogs and show missing GPSR data.
To create supplier requests and magic links.
To save drafts, approvals, published records, exports, and audit events.
To troubleshoot support requests and improve the product workflow.
SupplySafe does not sell merchant or supplier data.
SupplySafe uses Shopify APIs to read and write product and metafield data needed by the app.
Supplier magic links are intended to be shared by the merchant with the relevant supplier contact.
SupplySafe keeps workflow records while the app is installed so merchants can review history and export reports for their records.
Merchants can set retention policy windows for old local workflow records, local audit events, uploaded document attachments, and resolved safety notices. A cleanup removes only local SupplySafe records that match the saved policy.
If a merchant uninstalls the app, SupplySafe removes Shopify app sessions, merchant settings, team permission policies, follow-up owner rules, supplier profiles, supplier requests, supplier submissions, supplier activity, catalog monitor snapshots, product webhook alerts, document attachments, safety notices, support records, onboarding records, and local product audit events through the uninstall webhook.
Product metafields written into the merchant's Shopify store may remain because they are merchant-owned Shopify store data unless removed by the merchant.
Supplier links use secure random tokens and do not require Shopify admin access.
Merchants should only send supplier links to trusted supplier contacts.
Questions can be sent to support@supplysafe.app.
Merchants can contact support to ask about stored SupplySafe workflow records or app setup.