ResReturn
Legal

Privacy Policy

Last updated June 1, 2026

Your customers' data is a responsibility, not an asset. This policy explains exactly what we process, why, and how you stay in control.

1. Overview

This Privacy Policy explains how ResReturn collects, uses, and protects personal data when you use our platform. We act as a data processor on behalf of the merchants who use our Services, and as a controller for our own account and website data.

We are committed to GDPR and KVKK compliance, and to data minimization by design.

2. Data we process

On behalf of merchants, we process order, product, and return data necessary to operate the returns flow. This may include a shopper's name, contact details, order history, and return reasons.

Where the optional fit-intelligence layer is enabled, body-measurement data may be processed. This is treated as a special category requiring explicit consent, with a defined retention period and deletion path. The fit-graph stores only aggregates — individual measurements are never written to a model node.

3. How we use data

We use data solely to provide and improve the Services: to process returns, to resolve them via the outcome ladder, to detect fraud, and to produce analytics for the merchant.

Aggregated, de-identified data may be used to improve our models. We never sell personal data.

4. Retention and deletion

Each personal-data field has a defined retention policy. Measurement data carries a shorter retention window and an explicit right-to-erasure endpoint.

Merchants and their customers may request deletion at any time. We honor verified erasure requests promptly, subject to legal retention obligations.

5. Security

Data is encrypted in transit and at rest. Sensitive measurement data is additionally encrypted at the column level. Access is tenant-scoped and defended in depth.

We maintain audited backups and run regular restore drills so that recovery objectives are met.

6. Your rights

Depending on your jurisdiction, you have rights to access, correct, delete, and port your data, and to object to or restrict certain processing.

To exercise these rights, contact us or use the in-product controls. Merchants can fulfill their customers' requests through the platform.

7. Contact

For privacy questions or to exercise your rights, contact our data protection team via the contact page. We respond within the timeframes required by applicable law.

Questions about this document? Contact us.