Thank You Page Suite - Privacy Policy
Pursuant to Art. 13, 14 EU General Data Protection Regulation (GDPR)
1. Who this policy applies to
This policy describes how the Thank You Page Suite App ("the App") processes personal data of:
- Merchants — Wix users who install the App. The App reads minimal identifying information about the merchant's site and installation (Wix instance ID, site ID, plan tier, owner email if exposed by Wix).
- End-customers — visitors to the merchant's Wix store who reach the Thank-You page after a purchase. The App reads order data and collects feedback submissions from this group.
2. Where the data lives
The App is published by Karpo Studio, but all personal data the App reads or writes is stored inside the merchant's own Wix Data collections, hosted on Wix's infrastructure. Karpo Studio operates no separate database, no analytics warehouse, no email pipeline, and no customer-relationship system into which this data is copied. The App's backend code (Wix web methods) executes inside the merchant's Wix tenant and reads and writes within that tenant only.
Concretely:
- Order data is read on demand via the Wix Ecom SDK from the merchant's own order store.
- Feedback (rating, text, click events) is written to the `customer-feedback` data collection inside the merchant's own Wix instance.
- App settings (which sections are enabled, design choices, personal-note rules) are written to the `app-settings` data collection inside the merchant's own Wix instance.
Karpo Studio personnel do not have routine access to this data. Access is technically possible only when a merchant grants explicit support access via Wix's standard merchant-support flow, and only for the duration of that support session.
3. GDPR roles
For personal data of end-customers processed via the App:
- The merchant is the controller (Art. 4(7) GDPR). The merchant decides whether to install the App, which sections to enable, what content their customers see, and how long to retain feedback.
- Karpo Studio is a processor (Art. 4(8) GDPR) acting on the merchant's documented instructions, with the App's documented behaviour and the merchant's configuration choices serving as those instructions.
- Wix.com Ltd and Wix Online Platforms Limited are the platform sub-processor (they host the merchant's instance, store the data, and operate the SDKs the App uses).
For personal data of merchants themselves (Wix instance metadata, support correspondence): Karpo Studio acts as controller for the narrow purposes of providing support, fixing bugs, and complying with Wix's developer agreement.
4. Data Processing Activities
4.1 Website Hosting (Wix.com)
This website is hosted by Wix.com Ltd. (40 Namal Tel Aviv St., Tel Aviv 6350671, Israel). When you visit our website, Wix automatically collects and stores technical data in server log files, including your IP address, browser type and version, operating system, referrer URL, date and time of access, and pages visited.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in stable and secure website operation).
Wix acts as our data processor under a Data Processing Agreement (DPA) in accordance with Art. 28 GDPR. Transfers to Israel are covered by the EU Commission's adequacy decision (Art. 45 GDPR). Transfers to the United States are covered by the EU-US Data Privacy Framework and Standard Contractual Clauses (Art. 46(2)(c) GDPR).
4.2 Customer Account and Order Processing
When you place an order, we collect and process: name, email address, billing and shipping address, phone number (if provided), order details, and payment information.
Legal basis: Art. 6(1)(b) GDPR (contract performance).
Retention period: Order data is retained for 8 years from the end of the calendar year in which the transaction occurred, as required by German tax and commercial law (§ 147 AO, § 257 HGB).
4.3 Payment Processing
We use the following payment service providers:
• PayPal (Europe) S.à r.l. et Cie, S.C.A. — acts as an independent data controller for payment data. Legal basis: Art. 6(1)(b) GDPR.
• Stripe Payments Europe, Limited — acts as our data processor for credit card payments. Legal basis: Art. 6(1)(b) GDPR.
• Wix Payments — payment processing integrated into the Wix platform. Legal basis: Art. 6(1)(b) GDPR.
• SEPA bank transfer — processed by N26 Bank GmbH, Voltairestr. 8, 10179 Berlin. Legal basis: Art. 6(1)(b) GDPR.
4.4 Shipping and Delivery
To fulfill your order, we share your name, delivery address, and (if provided) phone number and email address with our shipping providers, primarily Deutsche Post / DHL Paket GmbH.
Legal basis: Art. 6(1)(b) GDPR (contract performance); Art. 6(1)(c) GDPR (legal obligation for customs declarations).
4.5 Email Communication
We use your email address to send order confirmations, shipping notifications, and responses to inquiries. If you subscribe to our newsletter, we process your email address based on your consent.
Legal basis: Art. 6(1)(b) GDPR (transactional emails); Art. 6(1)(a) GDPR (newsletter).
4.6 Contact Form and Email Inquiries
When you contact us, we process the data you provide (name, email, message content) to respond to your inquiry.
Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries).
Retention: Inquiry data is retained for 3 years from the last contact, unless longer retention is required by law.
4. What data is processed and why
Order ID
Read from the URL of the merchant's Thank-You page. Used to match each feedback submission to the order it belongs to. Legal basis: Art. 6(1)(b) GDPR — necessary to perform the post-purchase experience the customer initiated.
Buyer first name and last name
Read from the Wix Ecom order (`recipientInfo.contactDetails`). Used to render personalised thank-you notes and to populate the recent-feedback table the merchant sees. Legal basis: Art. 6(1)(f) GDPR — legitimate interest of the merchant in post-purchase engagement.
Buyer email
Read from the Wix Ecom order (`buyerInfo.email`). Used to identify repeat buyers for personal-note targeting rules and stored on the feedback row for the merchant's own reference. Legal basis: Art. 6(1)(f) GDPR legitimate interest.
Order number, total price, currency
Read from the Wix Ecom order. Used to display order context in the recent-feedback table and to aggregate analytics for the merchant. Legal basis: Art. 6(1)(f) GDPR legitimate interest.
Shipping country and shipping method
Read from the Wix Ecom order. Used to compute the delivery ETA window shown to the customer on the Thank-You page. Legal basis: Art. 6(1)(b) GDPR — necessary for the post-purchase experience.
Product IDs on the order
Read from the Wix Ecom order. Used to match Product Care rules and Personal Note rules against the specific items in the customer's basket. Legal basis: Art. 6(1)(b) GDPR.
1–10 satisfaction rating
Submitted voluntarily by the end-customer through the feedback widget. Used to collect customer feedback for the merchant. Legal basis: Art. 6(1)(f) GDPR legitimate interest; consent under Art. 6(1)(a) is inferred from the customer's voluntary submission.
Free-text feedback
Submitted voluntarily by the end-customer. Used to collect open-ended customer feedback for the merchant. Legal basis: Art. 6(1)(f) GDPR; voluntary submission.
Click events on review, loyalty, and social CTAs
Captured when the end-customer interacts with the relevant button or link on the Thank-You page. Used to give the merchant engagement analytics about which calls-to-action customers respond to. Legal basis: Art. 6(1)(f) GDPR legitimate interest.
Form factor (mobile, desktop, tablet)
Inferred from the customer's browser at the moment of interaction. Used as part of the merchant's engagement analytics. Legal basis: Art. 6(1)(f) GDPR legitimate interest.
---
The App does not process special-category data (Art. 9 GDPR) by design. End-customers are advised in the feedback widget not to include sensitive personal information in free-text. If such information is nonetheless submitted, the merchant as controller is responsible for handling it appropriately.
5. End-customer rights (GDPR Arts. 15–22)
End-customers have the rights of access, rectification, erasure, restriction, portability, and objection regarding their personal data. Because the merchant is the controller, end-customer rights requests should be addressed to the merchant who operates the Wix store where the feedback was submitted. That merchant retains direct control over the data via the Wix CMS and can fulfil access, deletion, and portability requests without Karpo Studio's involvement.
If the merchant requires technical assistance to fulfil a rights request — for example, to identify all feedback rows tied to a specific buyer email — Karpo Studio will assist within a reasonable time, in line with its processor duties under Art. 28(3)(e) GDPR. Contact: info@karpo.studio
End-customers may also complain to a supervisory authority. In Berlin: Berliner Beauftragte für Datenschutz und Informationsfreiheit, Friedrichstr. 219, 10969 Berlin, mailbox@datenschutz-berlin.de
6. Cookies and client-side storage
The App does not set non-essential cookies, does not use behavioural tracking, and does not embed third-party analytics, marketing pixels, or fingerprinting scripts on the merchant's Thank-You page. The only client-side state the App relies on is the order ID present in the Thank-You page URL — which is generated and managed by Wix Stores, not the App.
In the merchant Dashboard, the App uses `localStorage` to remember whether the merchant has dismissed certain in-app banners and which roadmap items they have voted on. This local state contains no personal data and is strictly necessary for the App's user-interface state per § 25 (2) Nr. 2 TDDDG (formerly TTDSG); no separate cookie-consent banner is therefore required for the App's own storage.
7. Sub-processors
Wix
The App relies on a single sub-processor: Wix.com Ltd (Israel) and Wix Online Platforms Limited (Ireland). Wix provides the platform hosting, the Wix Data CMS where the App's collections live, the Wix Ecom SDK used to read order data, the Wix Pricing Plans service used to determine the merchant's tier, and the Wix billing that processes merchant payments.
International transfers within Wix
The European Commission confirmed Israel's adequate level of data protection (renewal published January 2024), so EU-to-Israel transfers within Wix's infrastructure are covered by an adequacy decision. Wix may use further sub-processors in additional regions; Wix maintains its own list and adequacy mechanisms at [support.wix.com/en/article/list-of-wixs-sub-processors](https://support.wix.com/en/article/list-of-wixs-sub-processors).
No other sub-processors
Karpo Studio uses no other sub-processors for App operation. If this changes — for example, if Karpo introduces server-side error monitoring — this list will be updated and merchants notified via the in-app "What's new" stream at least 30 days in advance.
8. Retention
Karpo Studio does not control retention because Karpo Studio does not host the data. Configuration and feedback rows persist in the merchant's Wix Data collections for as long as the merchant chooses. Specifically:
- Uninstalling the App does not delete feedback rows or settings. The merchant must delete them via the Wix CMS (or the Wix Data API) if they want them removed.
- Plan downgrade does not delete previously collected feedback; it only enforces forward-going section and rule limits.
- Karpo Studio recommends merchants document a retention period appropriate to their business and applicable law (often 6 years for tax-relevant records in Germany; shorter for pure marketing feedback).
9. Security
- All communication between the merchant's browser, the App's backend, and the Wix data layer uses TLS-encrypted HTTPS connections operated by Wix.
- Data at rest is encrypted by Wix per Wix's security disclosures (see the Wix Trust Center). Karpo Studio does not operate the storage and therefore cannot make additional encryption claims about the underlying volumes.
- Backend endpoints follow least-privilege Wix permission rules. Public endpoints exposed to end-customers (rating submission, feedback text, engagement clicks) are rate-controlled at the application layer, deduplicated to prevent log-tampering, log only a hashed fingerprint of the order ID, and never echo personally identifying error details to the caller.
- Karpo Studio maintains no copy of merchant or end-customer data on its own systems. Support requests that share a Wix Data row do so only for the duration of the support investigation and the row is not retained.
10. International transfers
Personal data is stored in Wix's infrastructure. EU↔Israel transfers within Wix are covered by the European Commission's adequacy decision. Any further transfers Wix makes are covered by Wix's own transfer mechanisms (Standard Contractual Clauses or successor mechanisms) as documented on Wix's sub-processor page. Karpo Studio makes no separate international transfers.
11. Changes to this policy
Karpo Studio may update this Privacy Policy to reflect changes in the App, in Wix's platform, or in applicable law. Material changes will be announced via the App's in-dashboard notification and the App Market listing. The "Last updated" date at the top of this document indicates the current version.
12. Contact
For privacy or data-protection questions about the App specifically (as distinct from the merchant's own privacy practices on their Wix site):
- Email: info@karpo.studio
- Postal: see the Imprint for Karpo Studio's registered address
Karpo Studio is not currently required to appoint a Data Protection Officer under Art. 37 GDPR. The contact above is the named point for privacy enquiries.
---
By installing or continuing to use the Thank You Page Suite App after the "Last updated" date above, the merchant acknowledges this Privacy Policy. End-customers acknowledge the App's processing of their data through their voluntary interaction with the feedback widgets on the merchant's site, in the context governed by the merchant's own privacy policy.
For Karpo Studio's business identification, see the Imprint. For the App's contractual terms, see the Terms and Conditions.