GDPR

Level is designed to help merchants comply with GDPR and similar data protection regulations.

Data Level processes

When you use Level, we process:

Merchant data — Your account, team, store connection, and settings
Customer data — Phone numbers, order details, and WhatsApp message history needed to deliver verification and recovery messages
Message data — Delivery status, customer responses (confirm/cancel/STOP)

Your responsibilities as merchant

As the data controller for your customers, you should:

Inform customers that WhatsApp messages will be sent for order verification
Honor customer opt-out requests (Level handles STOP replies automatically)
Only send marketing messages to customers with proper consent
Respond to customer data access or deletion requests

Customer rights

Under GDPR, your customers have the right to:

Access their personal data
Correct inaccurate data
Delete their data (“right to be forgotten”)
Port their data to another service
Withdraw consent for marketing communications

For data deletion requests involving Level, contact hello@uselevel.ai or use uselevel.ai/contact .

Data retention

Level retains order and message data as long as your account is active and as needed to provide the service. Uninstalling Level from Shopify revokes API access.

Privacy policy

Full details are in the Level privacy policy .