Contact information
Controller: Limoni Apps BV
Address: Grote Moortel 12, 9830 Sint-Martens-Latem, Belgium
Product: Discount Ninja (Shopify app)
Role: Data Controller (for merchant & app data) / Data Processor (for merchant customer data)
DPO: no DPO required, see DPO Assessment
Contact: [email protected]
Last updated: January 7 2026
Controller vs Processor Matrix
This matrix clarifies who determines the purpose and means of each processing activity.
Limoni Apps BV acts primarily as a data controller for merchant account, product usage, analytics, and billing data.
Limoni Apps BV acts as a data processor solely for end-customer personal data processed on behalf of merchants, limited to order-related and fraud-prevention purposes, and strictly under merchant instruction.
Processing Activity | Limoni Apps BV Role | Merchant Role | Notes |
Activity 1 App installation & authentication | Controller | — | Limoni Apps BV determines data needed to operate the app |
Activity 1 Merchant account management | Controller | — | Direct contractual relationship |
Activity 2 Promotion configuration | Controller | — | Merchant acts as user, not controller |
Activity 2 Promotion execution logic | Controller | — | Limoni Apps BV defines discount mechanics |
Activity 3 Order discount application | Processor | Controller | Processing end-customer order data on merchant’s behalf |
Activity 4 Fraud detection (coupon abuse) | Processor | Controller | Feature-gated, merchant-initiated |
Activity 4 End-customer identifiers (name, email, address) | Processor | Controller | No independent reuse or storage |
Activity 5 Analytics (merchant usage) | Controller | — | Legitimate interest |
Activity 5 Error monitoring & logs | Controller | — | Operational necessity |
Activity 6 Customer support (merchants) | Controller | — | Direct communications |
Activity 7 Billing & invoicing | Controller | — | Legal & contractual obligations |
Processing Activity 1 – App Installation & Merchant Account Management
Field | Description |
Purpose | Enable merchants to install, authenticate, configure, and manage the app |
Legal basis | Contract (Art. 6(1)(b)) |
Data subjects | Merchants (store owners, staff) |
Personal data | Name, email address, Shopify store domain, user role |
Source | Shopify OAuth / Shopify Admin API |
Recipients / subprocessors | Microsoft Azure (hosting, database), Shopify |
International transfers | Yes. Data may be processed and stored in the United States by infrastructure subprocessors (Microsoft Azure).
Transfers are protected by SCCs (as outlined in Appendix B of the DPA) and assessed via a documented TIA. |
Safeguards | Shopify DPA, Azure standard contractual terms |
Retention | Retained for the duration of the merchant account plus 30 days after uninstallation. |
Security measures | TLS in transit, encryption at rest, RBAC, access logging |
Processing Activity 2 – Promotion Configuration & Execution
Field | Description |
Purpose | Configure and apply promotions (discounts, price reductions, upsells) |
Legal basis | Contract (Art. 6(1)(b)) |
Data subjects | Merchants |
Personal data | None / limited to merchant account identifiers |
Source | Merchant input via app UI |
Recipients / subprocessors | Microsoft Azure |
International transfers | Yes. Infrastructure hosting is provided by Microsoft Azure with primary processing in the United States.
Transfers are protected by SCCs (as outlined in Appendix B of the DPA) and assessed via a documented TIA. |
Retention | Retained for the duration of the merchant account plus 24 hours after uninstallation. |
Security measures | Encrypted storage, access controls |
Processing Activity 3 – Order Discount Processing
Field | Description |
Purpose | Apply discounts to customer orders |
Legal basis | Contract (Art. 6(1)(b))
Processor processing on documented instructions of the controller under the Data Processing Agreement (DPA). Merchant is the data controller for end-customer data. |
Data subjects | End customers |
Personal data | Order ID, cart contents, prices (no direct identifiers) |
Source | Shopify Storefront / Checkout APIs |
Recipients / subprocessors | Shopify, Microsoft Azure |
International transfers | Yes. Data is processed via Shopify’s global infrastructure and by Microsoft Azure (US).
Transfers are protected by SCCs (as outlined in Appendix B of the DPA) and assessed via a documented TIA. |
Retention | Transient (processed in-memory or short-lived logs) |
Security measures | TLS, minimal data processing, no persistence |
Processing Activity 4 – Coupon Fraud Detection (Optional Feature)
Field | Description |
Purpose | Detect multiple uses of “one use per customer” promotions |
Legal basis | Legitimate interest (Art. 6(1)(f))
Processor processing on documented instructions of the controller under the Data Processing Agreement (DPA). Merchant is the data controller for end-customer data. |
Data subjects | End customers |
Personal data | First name, last name, email address, phone number, shipping address |
Source | Shopify Orders API |
Recipients / subprocessors | Microsoft Azure |
International transfers | Yes. Processing occurs on infrastructure hosted by Microsoft Azure in the United States. Customer data is processed transiently and not persisted.
Transfers are protected by SCCs (as outlined in Appendix B of the DPA) and assessed via a documented TIA. |
Retention | Not persisted; processed transiently |
Security measures | Feature-gated access, no storage, restricted API permissions |
Notes | Processing occurs only if merchant explicitly enables this feature |
Processing Activity 5 – Analytics & Product Usage Monitoring
Field | Description |
Purpose | Monitor feature usage, diagnose errors, improve product |
Legal basis | Legitimate interest (Art. 6(1)(f)) |
Data subjects | Merchants |
Personal data | Pseudonymous identifiers, event metadata |
Source | App interactions |
Recipients / subprocessors | Analytics & monitoring providers (e.g. error tracking) |
International transfers | Yes. Data may be processed and stored in the United States by support subprocessors (Bugsnag and Microsoft Azure).
Transfers are protected by SCCs (as outlined in Appendix B of the DPA) and assessed via a documented TIA. |
Safeguards | Vendor DPAs, data minimization |
Retention | 24 months |
Security measures | Pseudonymization, access controls |
Processing Activity 6 – Customer Support & Communications
Field | Description |
Purpose | Respond to support requests and inquiries |
Legal basis | Contract (Art. 6(1)(b)) |
Data subjects | Merchants |
Personal data | Name, email address, message content |
Source | Support tickets, email, chat |
Recipients / subprocessors | Support tools, email providers |
International transfers | Yes. Data may be processed and stored in the United States by support subprocessors (Intercom and ClickUp).
Transfers are protected by SCCs (as outlined in Appendix B of the DPA) and assessed via a documented TIA. |
Retention | 5 years (support history) |
Security measures | Access restrictions, encrypted storage |
Processing Activity 7 – Billing & Invoicing
Field | Description |
Purpose | Subscription management and invoicing |
Legal basis | Contract (Art. 6(1)(b)), Legal obligation (Art. 6(1)(c)) |
Data subjects | Merchants |
Personal data | Billing name, email, invoice details |
Source | Merchant input, Shopify billing |
Recipients / subprocessors | Accounting & payment providers |
International transfers | Yes. Data may be processed and stored in the United States and other regions by billing subprocessors (Shopify).
Transfers are protected by SCCs (as outlined in Appendix B of the DPA) and assessed via a documented TIA. |
Retention | 7–10 years (legal requirement) |
Security measures | Encrypted storage, limited access |