Cleverific Security

Cleverific handles order data for thousands of Shopify stores. Here's how we keep that data secure.

How Cleverific handles your data

Cleverific is a Shopify app that runs entirely within Shopify's ecosystem. We don't store your order data on separate servers or create copies of your customer information. When you or your customers make edits through Cleverific, those changes happen directly in Shopify.

What we access

Cleverific requests access to:

  • Orders: To display and modify order details

  • Products: To show product options during edits

  • Customers: To verify customer identity for self-service

  • Shipping: To display and update shipping methods

We only request the permissions needed to make Cleverific work. We don't access financial data like credit card numbers. Shopify handles all payment processing.

Shopify integration security

Cleverific integrates with Shopify through official APIs and checkout extensibility. This means:

  • All data transmission uses HTTPS encryption

  • Authentication happens through Shopify's OAuth system

  • Customer self-service uses Shopify's built-in customer authentication

  • We follow Shopify's app security requirements and undergo their review process

We've been in the Shopify App Store since 2015, maintaining compliance with their security standards throughout.

PCI compliance

Cleverific doesn't process, store, or transmit credit card data. All payment information stays within Shopify's PCI-compliant systems. When customers pay for order modifications, that transaction goes through Shopify's checkout, not through us.

Access controls for merchants

You control what your customers and staff can do with Cleverific:

  • Feature toggles: Enable or disable specific editing capabilities (address changes, cancellations, quantity updates)

  • Time windows: Set how long after purchase customers can make self-service changes (from 5 minutes to unlimited)

  • Order tags: Restrict editing to specific orders using Shopify tags

  • Product restrictions: Exclude certain products from self-service editing using product tags

  • Fraud protection: Configure how Cleverific handles medium and high-risk orders

Customer identity verification

When customers use the self-service portal, they authenticate through Shopify's customer account system. Customers can only view and edit their own orders. They can't access other customers' information. The portal uses single sign-on, so customers don't need separate login credentials for Cleverific.

Data retention

Order data lives in your Shopify store. Cleverific reads and writes to Shopify's systems but doesn't maintain separate copies of your order history. If you uninstall Cleverific, your order data remains in Shopify exactly as it was. We don't take anything with us.

  • Customers authenticate through Shopify's customer account system and can access orders tied to their email.

  • Yes. Cleverific doesn't store customer data independently. All information remains in your Shopify store. For details, see our Data Processing Agreement.

  • No. All payment processing goes through Shopify's PCI-compliant checkout. We never see or store payment data.