Privacy Policy

Last updated 11 June 2026

The short version: we collect what's needed to run your warehouse and nothing more, we never sell data, and when you leave, your data leaves with you.

Who we are

Bonsai Studio ("we", "us") is an independent software studio based in the United Kingdom. We operate this website (bonsaistudio.dev) and Bonsai WMS, a cloud-based warehouse management system for e-commerce fulfilment. For anything in this policy, contact hello@bonsaistudio.dev.

For data processed in Bonsai WMS we generally act as a processor on behalf of our customers (the merchants who subscribe), who remain the controllers of their operational data. For website enquiries and account administration we act as the controller.

What we collect

  • Account data — your name and email address, managed through our authentication provider (Auth0), plus the organisation you belong to.
  • Operational data — the warehouse data your team puts into Bonsai WMS: products, stock levels, locations, purchase orders, and the orders you fulfil, including your customers' names, shipping and billing addresses, and contact details where your sales channel provides them.
  • Connected store data — when you connect a Shopify store, we receive products, orders, inventory levels and fulfilment status over Shopify's API and webhooks, strictly to operate your warehouse. Access tokens are encrypted at rest.
  • Website enquiries — if you use the contact form we receive what you send us, delivered by our email provider (Resend).
  • Technical data — server logs and, where enabled, error reports (Sentry) that may include request metadata. We do not run advertising trackers.

Why we process it

  • To provide the service — syncing orders, running pick/pack/ship workflows, generating shipping labels and pushing fulfilment status back to your sales channel (performance of contract).
  • To operate and secure our systems — monitoring, debugging and preventing abuse (legitimate interest).
  • To respond when you contact us (legitimate interest).
  • To bill subscriptions — payment details are handled by Stripe; we never see or store card numbers.

Shopify merchants and their customers

If you connect a Shopify store, end-customer data (names, addresses, order contents) enters Bonsai WMS solely so your warehouse can fulfil those orders. We do not sell it, enrich it, advertise with it, or use it for any purpose beyond fulfilment.

We honour Shopify's mandatory privacy webhooks. When a customer asks their store to erase their data (customers/redact), we automatically erase their name, addresses and order notes from the affected orders while keeping the anonymous operational record (items, quantities, stock movements). When a store is uninstalled and Shopify issues shop/redact, we delete the store's connection and its marketplace data. When a customer requests a copy of their data (customers/data_request), we compile what we hold from your order history and provide it to you, the merchant, within 30 days.

Who we share data with

We use a small set of service providers to run the product, each receiving only what their role requires. The current list is also published on our sub-processors page.

  • Railway — application hosting (backend services)
  • Neon — managed Postgres databases
  • Netlify — public marketing website hosting
  • Auth0 — authentication and login
  • Sendcloud — shipping labels (receives recipient name and address so a carrier can deliver the parcel)
  • Stripe — subscription billing
  • Resend — transactional email for the contact form
  • Sentry — error monitoring (where enabled)

Retention and leaving

Operational data is retained while your organisation has an active account, because warehouses need their history. If you cancel, we will provide a full export on request, then delete or anonymise your organisation's live operational data within 90 days of account closure. Shopify privacy redactions are handled through compliance webhooks. Residual copies may remain in encrypted provider backups until those backups expire. More detail is published in our data retention policy.

Security

All traffic is encrypted in transit (TLS). Marketplace access tokens and carrier credentials are encrypted at rest. Each organisation's data is isolated by tenant throughout the system, and every inventory movement is recorded in an audit trail.

Your rights

Under UK and EU data protection law you can ask us for access to, correction of, or deletion of your personal data, and you can object to or restrict processing. Email hello@bonsaistudio.dev and we'll respond within a month. If your data reached us through a merchant using Bonsai WMS, we may direct the request to them as the controller, or assist them in fulfilling it. You can also complain to the ICO (ico.org.uk) or your local supervisory authority.

International transfers

Our infrastructure runs in the UK/EU where available. Where a provider processes data outside the UK/EEA, transfers are covered by adequacy decisions or standard contractual clauses.

Changes

If this policy changes materially we will update this page and note the date above. Continued use of the service after a change constitutes acceptance.