ipasis

IPASIS Privacy Policy

Last Updated: February 16, 2026

IPASIS ("we", "our", "us") provides IP reputation and fraud-prevention intelligence services. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. We are committed to transparency and protecting user privacy.

1. Introduction

IPASIS provides IP reputation and fraud-prevention intelligence services. This policy describes how we handle information in connection with our website, APIs, and related services.

2. What Data We Collect

A. Data You Provide

  • Name (optional).
  • Email address.
  • Billing information (handled securely by Stripe / LemonSqueezy).
  • Support messages or contact form submissions.

B. Data We Automatically Collect

  • Log data (IP, browser, time of access).
  • API usage metrics.
  • Error logs.
  • Authentication and security logs.
  • Non-identifying analytics events.

We do not collect personal data beyond what is required for product usage.

3. IP Data (Core Product)

IPASIS processes global IP address data for fraud detection and security analytics. This includes:

  • ASN / company / ISP mapping.
  • Hosting / VPN / Tor detection.
  • Reputation and abuse feeds.
  • Open-source and commercial datasets.

IP addresses are treated as device or network identifiers, not as direct personal identifiers. We do not use IP data to track individuals.

4. SignalWall — Shopify App

SignalWall is a Shopify app by IPASIS that provides fraud prevention for Shopify merchants. This section describes how SignalWall handles data within the Shopify platform.

A. Data We Collect via Shopify

  • Shop domain and Shopify access tokens (encrypted at rest with AES-256-GCM).
  • Order information: order ID, customer email address, and browser IP address.
  • Merchant-configured settings (risk thresholds, tagging preferences).

B. How We Use Shopify Data

  • Validate customer email addresses and IP addresses against our threat intelligence network.
  • Calculate fraud risk scores and submit them to Shopify's Order Risk API.
  • Tag orders with risk indicators (e.g., high-risk, VPN detected, disposable email).
  • Display analytics and fraud trends in the merchant dashboard.
  • Enforce plan-based usage limits.

C. Data Retention & Deletion

  • Order validation records are retained for analytics purposes.
  • When a merchant uninstalls SignalWall, the shop record is soft-deleted and analytics data is preserved.
  • Merchants can request full deletion of their data by contacting us.

D. GDPR Compliance

SignalWall supports Shopify's mandatory GDPR webhooks for customer data requests, customer data erasure, and shop data erasure. We process these requests promptly upon receipt.

E. Third-Party Sharing

SignalWall does not share merchant or customer data with any third party beyond what is necessary to operate the service. Risk assessments are submitted only to the merchant's own Shopify store via the Shopify API.

5. How We Use the Data

We use your information to:

  • Provide API and dashboard access.
  • Prevent fraud, misuse, and attacks.
  • Improve service reliability and performance.
  • Support and communicate with customers.
  • Process billing and subscriptions.
  • Monitor system performance and security.

We never sell personal data.

6. Sharing of Data

We share limited data only with trusted third parties necessary to operate the service:

  • Billing providers (Stripe / LemonSqueezy).
  • Infrastructure providers (Google Cloud Platform).

We do not sell data or allow advertising networks to profile our users.

7. Data Storage & Retention

  • Account data is stored as long as your account is active.
  • Log data is typically retained for 30–90 days for security and operational reasons.
  • Backups are encrypted and retained according to internal policy.

You can request deletion of your account data at any time by contacting us.

8. Cookies & Analytics

We use minimal cookies, including:

  • Session / authentication cookies.
  • Anonymous analytics cookies (optional).

We do not use cookies for advertising or cross-site tracking.

9. Your Rights

Depending on your region (for example, GDPR or CCPA), you may have the right to:

  • Access the data we hold about you.
  • Request correction or updates.
  • Request deletion of your data.
  • Request export (data portability).
  • Opt out of optional analytics.

To exercise these rights, contact us at contact@ipasis.com.

10. Children's Privacy

IPASIS is not intended for individuals under the age of 16.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

12. Contact Information

For privacy questions and general support, email us at contact@ipasis.com.