Data Protection on a Marketplace

Running a marketplace means you are not just a retailer: you are a data controller. Every order placed on your platform generates customer data that you are legally responsible for, regardless of which vendor fulfilled it.

This article covers 2 distinct challenges that every marketplace operator faces. First, the legal one: how to ensure customer and order data is stored and processed in compliance with local regulations. Second, the operational one: how to prevent vendors from collecting customer data in ways that circumvent your platform.

Why it matters

As a marketplace operator, you sit between your customers and your vendors. Because customers give your marketplace private data such as their names, addresses, and contact details, you have legal obligations for how that data is stored and processed.

Local regulations differ in their specifics, but they converge on the same principle: the platform operator is accountable, whether under GDPR in Europe, CCPA in California, or PDPA in Southeast Asia.

How this is handled

Data processing: Garnet handles everything, securely. As a Shopify app, Garnet processes the full range of data that flows through your marketplace: customer details, orders, products, commissions, and fulfilment statuses. This is necessary to operate core features such as order splitting, commission computation, and delivery synchronisation.

All of this data is processed under strict security measures: encrypted at rest and in transit, transmitted over HTTPS through secure APIs and a secured VPC, with webhook checksums to ensure integrity, access controls scoped by role, and real-time monitoring with full activity logging. For the complete list, see the security policy.

Data storage: only vendor data is stored in Garnet. Processing data is not the same as storing it. Customer, order, and product data remain in Shopify, which is SOC 2 Type II certified and GDPR-compliant.

Garnet stores only the vendor data strictly needed to operate the marketplace: email address, brand name, delivery address (only when using live shipping rates), and any additional fields the marketplace operator chooses to collect, such as phone number, logo, or business description, all configurable via vendor fields.

Note that financial and legal data (bank details, KYC documents, payout records) are never stored by Garnet: they live entirely within your payment provider (Stripe, Mollie, Airwallex, etc.).

Subprocessors and GDPR

Under GDPR, when you use third-party services to process personal data on your behalf, those services act as subprocessors. As the marketplace operator (data controller), you are responsible for ensuring each subprocessor meets GDPR standards.

In a typical Garnet marketplace, the chain of subprocessors looks like this:

Subprocessor | Role | Data processed
Shopify | Hosting, checkout, customer records | Customer & order data
Garnet | Marketplace logic, order splitting, commissions | Vendor data, order routing
Payment provider (Stripe, Mollie, etc.) | Payments, payouts, KYC | Financial & legal data

Each of these providers maintains its own GDPR compliance documentation and Data Processing Agreement (DPA). As the data controller, you should ensure that a DPA is in place with each subprocessor. Garnet's own data processing commitments are detailed in the privacy policy. If you need to sign a DPA with Garnet, contact us and we will provide one.

2. Data Management to Prevent Vendor Bypass

Why it matters

There is a second risk that operators often underestimate: vendors who use order data to work around your platform.

One of your vendors starts collecting customer data from their orders and uses it to engage those customers directly, outside of your marketplace. You lose visibility over those relationships, and potentially those customers, to a vendor who was supposed to be working with you, not around you.

Vendors who accumulate direct customer data can poach customers off-platform or simply mishandle sensitive information. This is both a business risk and a compliance risk: you lose control over where your customers' data ends up.

How Garnet handles it

The principle is data minimisation by design: vendors receive only what they need to fulfil an order, nothing more.

Vendors only see their own orders. Vendor access is scoped to the individual orders assigned to them. A vendor has no visibility into other vendors' orders, no access to platform-wide customer data, and no way to build a picture of customer behaviour across your marketplace.

You control exactly what vendors see. As the marketplace operator, you decide which customer fields are exposed to vendors on their own orders via Admin Panel > Orders > Visible fields. Garnet's defaults work for most marketplaces, and you can adjust them based on your industry and business model. This configuration is fully documented in the order details section.

By default, here is what a vendor sees on an order:

Field | Visible to vendor
Full name | Yes
Delivery address | Yes
Phone number | Yes
Email | Obfuscated (a randomised alias)

Customer emails are obfuscated by default. Rather than passing the real email address to vendors, Garnet replaces it with a randomised alias. Vendors receive enough information to fulfil and ship the order, but cannot build a contact list or re-engage your customers outside the platform. For more on how shipping works across vendors, see our guide on managing shipping on marketplaces.
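The default vendor view described above, sketched as an added example (this is not Garnet's code): one order is cut down to a single vendor's line items, customer fields outside the visible-fields list are withheld, and the email is swapped for a random alias. `AliasStore`, `vendor_view`, the field names and the relay domain are hypothetical, and issuing one alias per vendor and customer is an assumption; the page states only that the alias is randomised.

```python
import secrets

# Hypothetical visible-fields config mirroring the default table above:
# "show" passes a value through, "alias" substitutes it, anything else is withheld.
DEFAULT_VISIBLE_FIELDS = {"full_name": "show", "delivery_address": "show",
                          "phone": "show", "email": "alias"}

class AliasStore:
    """Operator-side map from real emails to random aliases (assumed design)."""
    def __init__(self, relay_domain="relay.example.invalid"):
        self.relay_domain = relay_domain
        self._alias = {}   # (vendor_id, normalised email) -> alias
        self._real = {}    # alias -> real email; never returned to vendors

    def alias_for(self, vendor_id, email):
        key = (vendor_id, email.strip().lower())
        if key not in self._alias:
            # Random rather than derived from the address, so it cannot be reversed.
            alias = f"{secrets.token_hex(8)}@{self.relay_domain}"
            self._alias[key], self._real[alias] = alias, key[1]
        return self._alias[key]

    def resolve(self, alias):
        return self._real.get(alias)

def vendor_view(order, vendor_id, aliases, visible_fields=None):
    """Return the slice of an order one vendor may see, or None if it has no items."""
    rules = DEFAULT_VISIBLE_FIELDS if visible_fields is None else visible_fields
    items = [dict(li) for li in order["line_items"] if li["vendor_id"] == vendor_id]
    if not items:
        return None  # not this vendor's order: expose nothing at all
    customer = {}
    for field, value in order["customer"].items():
        mode = rules.get(field, "hide")  # default deny for unlisted fields
        if mode == "show":
            customer[field] = value
        elif mode == "alias" and value is not None:
            customer[field] = aliases.alias_for(vendor_id, value)
    return {"order_id": order["id"], "customer": customer, "line_items": items}

# Constructed sample order with items from two vendors.
SAMPLE_ORDER = {
    "id": "1001",
    "customer": {"full_name": "Ada Example", "delivery_address": "1 Test Street",
                 "phone": "+00 0000 0000", "email": "Ada@example.com",
                 "marketing_consent": True},
    "line_items": [{"sku": "MUG-1", "vendor_id": "vendor-a", "qty": 2},
                   {"sku": "TEE-9", "vendor_id": "vendor-b", "qty": 1}],
}
```

Because the alias differs per vendor, two vendors cannot join their order exports on the email column, while the operator can still map an alias back to the customer with `resolve`.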

Summary

Legal compliance

Data type | Where it lives
Customer & order data | Shopify (SOC 2, GDPR-compliant)
Vendor profile data | Garnet (AWS, encrypted at rest and in transit)
Financial & legal data | Payment provider (Stripe, Mollie, etc.)

Vendor data access

Field | Visible to vendor
Full name | Yes
Delivery address | Yes
Phone number | Yes
Email | Obfuscated (randomised alias)
Other vendors' orders | Never

The architecture described above ensures that customer data stays under your control, vendors get exactly what they need to operate, and nothing more passes through than necessary. If you're just getting started, check out our guide on how to start your marketplace.

For a full overview of Garnet's security commitments, see the security policy and privacy policy.