Last updated: 10 April 2026
ShopZero Privacy & Data Policy
This Privacy & Data Policy (“Policy”) describes how Arvyo Ltd. (“Arvyo”, “we”, “us”, “our”) collects, stores, and uses information in connection with the ShopZero platform—including the merchant application (e.g. app.shopzero.bd), APIs, documentation, and customer-facing storefront experiences we host or enable for merchants (collectively, the “Service”). It applies to merchants who register for ShopZero and to data processed through merchant stores on our systems. It should be read together with the ShopZero Terms of Service. If you are an end customer of a merchant’s store, that merchant’s own privacy notice may also apply to how they use your data; this Policy explains Arvyo’s role as the platform operator.
1. Who we are
The Service is operated by Arvyo Ltd., a company incorporated in Bangladesh. For privacy-related requests about ShopZero, use the contact options on https://shopzero.bd or support channels indicated in your merchant dashboard.
2. Data we process
We process: • Merchant account data — such as registration details, billing and subscription information, authentication data, and communications with us. • Store and business data — including product catalog, inventory, pricing, media you upload, orders, fulfillment and delivery information, and settings you configure in the Service. • Customer and transaction data — where end customers interact with storefronts or checkout flows we provide on your behalf, including identifiers (e.g. email or phone), shipping details, and payment-related metadata (payment processing may also be subject to your chosen payment providers’ terms). • Technical and operational data — such as logs, diagnostics, security signals, approximate usage patterns, and similar information needed to run and protect the Service.
3. Store data on our systems
Information that merchants enter into ShopZero, and data generated by the operation of merchant stores (including orders, configurations, and integrations you enable), is stored and processed on systems we operate or subprocessors we engage to deliver the Service. You are responsible for the lawfulness of personal data you instruct us to process on your behalf (for example, ensuring appropriate notices and consents for your end customers where required).
4. How we use data
We use the categories of data above to: • provide, maintain, and secure the Service (including authentication, hosting, backups, and support); • process subscriptions and payments owed to Arvyo; • detect, prevent, and investigate fraud, abuse, and security incidents; • comply with legal obligations and respond to lawful requests; • communicate with you about the Service, including important notices and (where permitted) product information. We and our subprocessors reserve the right to use merchant store data and related operational information—including in aggregated, de-identified, or anonymized form where appropriate—to improve and develop our systems, reliability, and features; to build internal and product reporting and analytics; and to train or evaluate models or heuristics only where consistent with this Policy and applicable law. We do not sell personal information of your end customers to unrelated third parties for those parties’ own marketing.
5. Sharing and international transfers
We may share data with service providers who assist us (e.g. hosting, email delivery, analytics) under appropriate contracts. We may disclose information if required by law or to protect rights, safety, and integrity of the Service. Where data is transferred across borders, we take steps consistent with applicable requirements.
6. Retention and security
We retain information for as long as needed to provide the Service, comply with law, resolve disputes, and enforce our agreements. We implement technical and organizational measures appropriate to the risks, but no method of transmission or storage is completely secure.
7. Your rights
Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of personal data, or to object to certain processing. To exercise rights relating to your merchant account, contact us as described below. Requests relating solely to an end customer’s purchase may need to be handled with the relevant merchant where they hold the direct relationship.
8. Changes
We may update this Policy from time to time. We will post the revised version on shopzero.bd and, where appropriate, provide additional notice (for example via email or dashboard message). Continued use of the Service after the effective date may constitute acceptance unless we require explicit consent for a change that legally requires it.
9. Contact
Questions about this Policy can be sent through the contact form on https://shopzero.bd or via support channels provided in your merchant dashboard.