AgeProof — Privacy Policy
Last updated: June 18, 2026
AgeProof ("the app", "we") is operated by Wigley Studios LLC. It blocks underage checkout with a storefront age gate and a server-side checkout block, and keeps a tamper-evident compliance log. This policy explains what we access and store.
What we access
- Checkout validations (read & write) — we register and manage a cart/checkout validation rule on your store so the age block can run on Shopify's servers (scopes: read_validations, write_validations).
- App-owned shop metafield (write) — we store your age-gate settings in an app-owned metafield our checkout validation reads at runtime; app-owned metafields need no access scope.
We do not read your products, orders, or customers through the API — choosing which products to age-restrict happens in your browser via Shopify's product picker. The storefront gate and the checkout block run via a theme app embed and a Shopify Function; the app does not request theme permissions or edit your theme files.
What we do NOT access
We do not request orders or customers, and we use no Protected Customer Data scopes. The age gate never collects a name, email, or the visitor's date of birth — a date of birth entered at the gate is used only to compute, in the visitor's own browser, whether they meet the minimum age, and is never sent to us or stored.
What we store
- Your shop domain and a Shopify session/access token (to operate the app).
- Your settings (minimum age, enforcement, plan, gated products, regional rules).
- A compliance log of age-gate decisions — a timestamp, the outcome (verified / blocked), the method, the minimum age, the derived age, and a best-effort country. This contains no personal data: no name, email, IP address, or date of birth.
What we send to third parties
AgeProof uses no AI/LLM providers and sends no data to any third party beyond Shopify itself.
Data retention & deletion
- We retain your shop's data only while the app is installed.
- On uninstall, AgeProof honors Shopify's
shop/redactwebhook and deletes the sessions, settings, gated-product rules, and verification log we hold for your shop. - We also honor the
customers/data_requestandcustomers/redactwebhooks; because we store no customer personal data, these are acknowledged with nothing to return or erase. - On the Compliance plan you can set an automatic retention window that prunes older log entries.
Your rights
You can uninstall the app at any time to stop all data collection and trigger deletion. For any data request, contact us.
Contact
Wigley Studios LLC — support@wigleystudios.com