Legal

Requo Privacy Policy

Last updated: June 2026

Requo is a Shopify app, built by ShiKriLabs, that lets a store replace the "Add to Cart" button with a "Request a Quote" flow on selected products. This policy explains what data Requo handles, why, and how it is protected and deleted. It applies to the Requo app only; the ShiKriLabs website has its own privacy policy.

Our role

When a merchant installs Requo, the merchant is the owner (controller) of any personal data their shoppers provide. ShiKriLabs acts as a service provider (processor) that stores and processes that data only to run the app on the merchant's behalf. Merchants are responsible for maintaining their own privacy policy covering data they collect from their shoppers.

What we collect

From shoppers (via the quote form): the name, email address, and optional phone number they enter, the product and quantity requested, any notes, answers to questions the merchant has configured, and any files the shopper chooses to attach.

From the Shopify store: the store's domain and basic shop details, the products and collections the merchant selects for quotes, draft orders Requo creates, and the authentication tokens needed to connect to the store. Customer contact details are also included in the Shopify draft orders Requo creates so the merchant can send a checkout link.

Automatically: limited technical and error-diagnostic information used to keep the app running and to fix problems. Personal data is scrubbed from these diagnostics where possible.

How we use it

We use this data solely to provide the app's features: to capture and display quote requests in the merchant's admin, to create Shopify draft orders and checkout links, to send quote and order notification emails to the merchant and shopper, to generate quote PDFs, and to enforce plan limits. We do not sell personal data, and we do not use it for advertising.

Who processes data on our behalf

We rely on a small number of service providers to operate the app: Shopify (platform, orders, billing); MongoDB Atlas (database hosting); Amazon Web Services (application hosting and, where configured, email delivery via Amazon SES) or Resend (email delivery); Sentry (error monitoring, with personal data scrubbing); and Cloudflare (this website). Each processes data only as needed to deliver its service.

Data retention and deletion

We keep quote and request data for as long as the merchant has Requo installed, so it remains available in their admin. Deletion is handled through Shopify's standard data-protection requests:

  • Uninstall: when a merchant uninstalls Requo, Shopify notifies us and we delete all data associated with that store.
  • Shopper redaction: when a shopper asks a merchant to erase their data, Shopify notifies us and we erase or anonymize that shopper's personal information.
  • Data access requests: when a shopper requests a copy of the data we hold about them, we respond through the merchant within 30 days.

Cookies and tracking

The Requo admin authenticates using Shopify session tokens, and the storefront "Request a Quote" button sets no advertising or tracking cookies of its own.

Contact

Questions about your data, or want something deleted? Email support@shikrilabs.com and we'll help. Shoppers should contact the store they submitted a quote to, and that merchant can reach us on their behalf.