Privacy Policy
Any translated version of this Privacy Policy is provided for convenience only. The English version controls in the event of any conflict.
Last updated and effective: March 26, 2026
This Privacy Policy describes how NextShelf, together with any affiliates or subsidiaries that may operate the platform now or in the future (collectively, “NextShelf,” “we,” “us,” or “our”), collects, uses, discloses, stores, and protects personal information in connection with our websites, applications, messaging tools, storefront services, checkout experiences, payment flows, analytics tools, and related offerings (collectively, the “Services”). This Privacy Policy also explains the choices available to you regarding your personal information, how you may access or update certain information, and how to contact us with questions, complaints, or requests.
NextShelf is a wholesale-first, business-to-business marketplace that also supports direct-to-consumer transactions. Our Services allow brands, suppliers, manufacturers, and other sellers to create storefronts, publish product listings, communicate with potential buyers, receive orders, receive payments through third-party payment infrastructure, manage fulfillment, and operate their presence on the platform. Our Services also allow retailers and other business buyers, as well as individual consumers where applicable, to browse products, favourite items, communicate with sellers, receive invoices, complete purchases, and manage orders.
For the purposes of applicable privacy laws, the entity operating NextShelf and determining the purposes and means of processing personal information in connection with the Services is:
NextShelf
Ontario, Canada
If we designate a Privacy Officer or similar privacy contact, that person or office may be contacted using the information in the Contact Information section below.
About This Privacy Policy
This Privacy Policy is intended to provide a detailed explanation of how personal information is handled when you interact with NextShelf online, including through our website and any related mobile or web-based experiences. We recognize that privacy laws increasingly require meaningful transparency. We therefore aim to explain not only what information we collect, but also why we collect it, how it is used, when it is shared, the risks that may arise from participating in a digital commerce platform, and the choices available to you.
Because NextShelf is a marketplace, some personal information is essential to the functioning of the platform. For example, if you are a seller, certain information is needed to establish your account, verify your identity or business, process payouts, publish your store, manage customer communications, and fulfill legal or tax requirements. If you are a buyer, certain information is needed to complete orders, provide invoices, arrange delivery, prevent fraud, and communicate order updates. Some information is optional. Other information is necessary if you want access to specific features. If you choose not to provide certain required information, we may not be able to provide some or all of the Services.
Scope of This Privacy Policy
This Privacy Policy applies to personal information we collect through the Services, including information collected when you browse the platform, create an account, create or manage a store, publish product listings, make or receive purchases, message another user, submit a review, contact support, sign up for communications, participate in promotions or surveys, or otherwise interact with NextShelf.
This Privacy Policy does not necessarily govern personal information handled entirely outside the Services by independent sellers in their own capacity. Sellers on NextShelf are independently responsible for the information they collect, use, or disclose outside of the platform or for their own separate business purposes. For example, if a seller independently collects customer information through its own website, social media page, point-of-sale system, or separate mailing list, those activities are governed by that seller’s own privacy practices, not this Privacy Policy. Likewise, payment processors, logistics providers, advertising partners, analytics vendors, and other third parties may maintain separate privacy policies that govern their own processing of data.
Information We Collect
We collect information about you in a variety of ways depending on how you interact with the Services. In general, we collect information directly from you, automatically through your use of the Services, from third-party service providers and partners, and in some cases from public or commercially available sources.
Information you provide directly
When you create an account, we may collect information such as your name, email address, password or authentication credentials, phone number, and account preferences. If you create a seller account or store profile, we may collect additional information such as your business or brand name, store name, slug, description, logo, website, product categories, business address, operating countries, business contact information, tax-related information, social media handles, and other profile information you choose to provide.
If you list or manage products, we may collect product descriptions, titles, pricing information, minimum order quantities, quantity pricing, variant pricing, shipping settings, photographs, videos, product specifications, fulfillment preferences, and similar listing content. If you use messaging features, invoices, or order tools, we may collect the content of messages, invoice details, customer notes, tracking information, fulfillment status updates, and other information you choose to create or submit through the platform.
If you place an order, request an invoice, pay for goods, or otherwise transact through the Services, we may collect shipping information, billing details, contact information, payment-related metadata, order history, transaction records, refund history, and information needed to facilitate the transaction. Full payment card details are generally processed by third-party payment providers rather than stored directly by us. If you are a seller receiving payouts, we or our payment partners may collect information necessary to verify your identity, assess eligibility, prevent fraud, and route funds, including legal business name, bank account details, government-issued identification information, tax identifiers, and related information required by law or by our payment processor.
If you contact customer support, respond to surveys, enter a contest or promotion, submit feedback, apply for a position, or otherwise communicate with us, we may collect your contact information and the contents of your communication, together with any attachments or supporting documents you provide.
Information collected automatically
When you browse or use the Services, we may automatically receive and record information from your browser, device, and interactions with the platform. This may include your IP address, browser type, operating system, device identifiers, approximate geographic location inferred from IP address, preferred language, referral URLs, dates and times of access, the pages and features you viewed, search queries, products viewed, clicks, cart activity, wish list or favorites activity, store visits, order flow activity, and similar usage information.
We may also collect technical information through cookies, pixels, local storage, SDKs, log files, and other similar technologies. These tools help us operate the Services, keep users signed in, maintain preferences, understand traffic and engagement, remember settings, measure the effectiveness of content and campaigns, and improve performance and reliability.
Information from third parties and other sources
We may receive information from service providers, payment processors, fulfillment and logistics partners, analytics vendors, authentication providers, advertising and marketing partners, fraud-prevention vendors, social media platforms, publicly available sources, and other third parties. For example, our payment processor may tell us whether a payment attempt succeeded or failed, whether an account has completed onboarding requirements, whether additional verification is needed, or whether a refund or dispute has been initiated. Delivery or shipping partners may tell us whether a shipment has been delivered, delayed, or undeliverable. Authentication or sign-in providers may make limited profile or login information available where you choose to use them.
We may also receive information about prospective sellers, brands, or business customers from referrals, public websites, or other lawful sources where relevant to business verification, fraud prevention, outreach, or account setup.
Information we infer or derive
From the information described above, we may generate or infer information about user interests, store activity, transaction history, purchasing behavior, engagement patterns, product preferences, or account risk indicators. For example, we may infer that a buyer is interested in a certain product category based on products viewed or favorited, or that a seller is operating in a certain segment based on its listings and settings. We may also generate internal analytics, fraud indicators, operational metrics, or ranking and recommendation signals based on platform activity.
Specific contexts in which information may be collected
Because NextShelf includes a variety of marketplace features, personal information may be collected in a number of distinct contexts.
Account registration and profile creation
When you register for an account, we collect information necessary to create and administer that account. Buyers may provide name, email address, phone number, shipping information, and account preferences. Sellers may provide additional store or business information such as store name, business address, brand description, product categories, operating countries, and public storefront information. We use this information to establish your account, authenticate access, allow you to use platform features, communicate with you about your account, and provide the Services.
Seller onboarding, business verification, and payout setup
If you create a store or wish to receive funds through the platform, we or our payment infrastructure providers may request additional information to verify your identity or business and to comply with legal, tax, payment network, anti-fraud, anti-money laundering, and other regulatory obligations. This may include legal entity information, beneficial ownership information, bank details, tax numbers, identification documents, proof of address, and in some cases documents or records demonstrating business activity. We use this information to verify the seller, enable payments and payouts, reduce fraud risk, comply with law, and assess eligibility for certain features.
Product listings and storefronts
If you publish product listings or build a public storefront, we collect the content you choose to provide, such as store descriptions, logos, product images, pricing, shipping settings, categories, and other public-facing information. Some of this information may be visible to other users or to the public, depending on the design of the relevant feature. We use this information to display your products and store, allow others to discover your offerings, facilitate communications, and operate marketplace functions.
Orders, checkout, payments, and fulfillment
If you make or receive an order, we collect information required to process the transaction and support order lifecycle management. This may include shipping name and address, contact details, order contents, pricing, payment status, transaction identifiers, order notes, invoices, fulfillment updates, tracking details, and refund activity. We use this information to complete the transaction, send confirmations, facilitate shipping and delivery, support returns or refunds, manage disputes, maintain records, and comply with accounting and legal obligations.
Messaging, invoices, and communications between users
If you use our messaging tools, we collect the content of messages, attachments, invoice content, timestamps, and related metadata. Messages may be stored, processed, reviewed, or monitored for security, fraud prevention, abuse detection, customer support, dispute handling, policy enforcement, or platform improvement purposes. Because messaging is an important platform feature, we may also use message-related information to facilitate communication between buyers and sellers, surface relevant order records, and support invoicing or transaction workflows.
Reviews, ratings, favorites, and user activity
If you submit a review, rating, or favorite an item, we collect and store that information and associate it with your account and platform activity where necessary. Reviews and ratings may be displayed publicly or to other users in connection with products or stores. Favorites and browsing behavior may be used to improve the relevance of the marketplace experience, personalize product discovery, and support analytics or recommendation features.
Analytics and marketing activity
We may collect information about how users arrive at and engage with the Services, including through cookies, analytics tools, referral mechanisms, and campaign measurement tools. This may include page views, link clicks, session activity, device information, campaign identifiers, and similar information. We use this information to understand traffic, improve user experience, evaluate product and marketing performance, and where permitted by law, support advertising and remarketing activities.
Customer support, surveys, and outreach
When you contact us, respond to support inquiries, complete a survey, or interact with promotional communications, we collect the information you provide and may combine it with account or transaction history in order to respond appropriately. We may use this information to provide support, troubleshoot issues, improve products and services, evaluate satisfaction, and where permitted, communicate with you about features, updates, or opportunities relevant to your account.
How We Use Information
We use personal information for the purposes described in this Privacy Policy and otherwise as permitted or required by law. In many cases, a single use of personal information serves multiple purposes at the same time.
We use personal information to provide, maintain, operate, support, secure, and improve the Services. This includes creating and administering accounts, enabling store creation, publishing listings, processing transactions, routing communications, managing checkouts, facilitating payouts through third-party payment processors, enabling refund workflows, operating analytics features, and supporting the functionality users expect from a commerce marketplace.
We use personal information to communicate with you. This includes sending service-related messages, account notifications, transaction confirmations, security alerts, product or order updates, support replies, and administrative notices. Subject to applicable law and your preferences, we may also send marketing communications, newsletters, promotional content, feature announcements, or invitations to participate in surveys, events, or referral programs.
We use personal information to personalize, optimize, and improve the Services. For example, we may use activity data, search behavior, favorites, product interactions, and order history to improve search results, product recommendations, ranking systems, storefront discovery, fraud prevention tools, internal reporting, and product design decisions.
We use personal information to verify identity, assess eligibility, prevent fraud, detect abuse, enforce our terms and policies, investigate suspicious activity, maintain platform integrity, and protect the safety, rights, and property of NextShelf, users, and third parties. This may include reviewing account activity, transaction patterns, message content, device signals, and verification records.
We use personal information to comply with legal, regulatory, financial, tax, accounting, security, and contractual obligations. For example, we may retain certain records to comply with tax reporting requirements, payment network rules, audit obligations, dispute handling, lawful requests, or obligations imposed by courts, regulators, or law enforcement.
We may use personal information to create de-identified, aggregated, or anonymized information that no longer reasonably identifies an individual. We may use such information for analytics, reporting, marketplace insights, operational improvements, product development, and other lawful purposes. Where we maintain information in de-identified form, we will not attempt to re-identify it except as permitted by law or as necessary to verify the effectiveness of our de-identification practices.
Legal Bases for Processing
Where applicable law requires a legal basis for processing personal information, we rely on one or more of the following grounds.
We process information where necessary to perform a contract with you or to take steps at your request before entering into a contract. This includes creating accounts, facilitating transactions, processing orders, enabling storefronts, sending service communications, supporting payments and refunds, and operating core marketplace features.
We process information where necessary to comply with legal obligations. This includes obligations related to payment processing, tax compliance, record retention, responding to lawful requests, preventing unlawful activity, and fulfilling other duties imposed by law.
We process information where necessary for our legitimate interests or the legitimate interests of others, provided those interests are not overridden by your rights and freedoms. These legitimate interests include operating and improving the Services, protecting the platform and its users, preventing fraud, conducting analytics, securing systems, understanding product performance, supporting internal administration, communicating with users, and growing the business responsibly.
Where required by law, we process information on the basis of your consent. This may include certain marketing communications, certain cookie or advertising technologies, or the processing of optional categories of information where consent is required. Where consent is the basis for processing, you may withdraw that consent, although doing so will not affect the lawfulness of processing that occurred before withdrawal.
How We Disclose Information
We may disclose personal information in the situations described below and otherwise as permitted or required by law.
Other users of the platform
Because NextShelf is a marketplace, certain information is shared between users as necessary to facilitate transactions and communications. If you place an order, the seller may receive information needed to fulfill that order, such as your name, shipping details, contact information, order contents, and relevant communications. If you are a seller, buyers may see your storefront information, product content, store contact details you choose to publish, and other business information associated with your listings or transactions. Messages, invoice content, order status updates, tracking information, and review content may also be made available to the relevant counterparty to the transaction or communication.
Service providers
We may share personal information with service providers that perform services on our behalf. These may include providers of cloud hosting, infrastructure, database management, authentication, analytics, communications, email delivery, customer support tools, payment processing, fraud detection, content moderation, file storage, search, logging, error monitoring, marketing services, and shipping or fulfillment support. These service providers are generally authorized to use the information only as needed to provide services to us or as otherwise permitted by law.
Payment processors and financial partners
We may disclose personal information to payment processors, payout providers, financial institutions, and related partners in connection with payments, payouts, refunds, disputes, verification, compliance, and fraud prevention. In your use of the Services, you may also be subject to the privacy practices and terms of those third parties. For example, if payments or seller payouts are handled through Stripe or a Stripe Connect account, information relevant to onboarding, verification, transaction processing, payout routing, or dispute handling may be collected or processed by Stripe in accordance with its own policies.
Affiliates and corporate transactions
We may disclose information to current or future affiliates, subsidiaries, parent entities, or related companies for purposes consistent with this Privacy Policy. We may also disclose or transfer personal information in connection with evaluating, negotiating, or completing a merger, acquisition, financing, corporate reorganization, sale of assets, insolvency proceeding, bankruptcy, or other transaction in which all or part of our business or assets are transferred. If such a transaction occurs, personal information may be among the assets transferred, subject to applicable law.
Professional advisors and legal compliance
We may disclose personal information to lawyers, accountants, auditors, insurers, regulators, courts, government agencies, law enforcement, or other third parties where necessary to comply with law, respond to legal process, protect rights, investigate wrongdoing, enforce agreements or policies, or respond to emergencies or safety issues. We may also disclose information where we believe in good faith that such disclosure is necessary to detect, prevent, investigate, or address fraud, misuse, illegal activity, security incidents, or threats to the rights, safety, or property of any person.
Advertising, analytics, and business measurement partners
Subject to applicable law and your settings or consent where required, we may disclose information or allow third parties to collect information through cookies, pixels, or similar technologies in order to help us understand the effectiveness of campaigns, measure engagement, provide analytics, or deliver more relevant advertising. This may include hashed identifiers, device or browser information, usage signals, campaign data, and related information. Even where we do this, we do not sell personal information for money. However, certain privacy laws may treat some targeted advertising or cross-context behavioral advertising practices as a “sale,” “sharing,” or similar regulated activity, and where required we provide applicable rights and controls.
Messaging, Storefronts, Reviews, and User-Generated Content
Certain aspects of the Services are designed to enable user interaction and public-facing commerce. If you create a store, publish a storefront, upload a logo or images, submit a review, post content associated with a public-facing profile, or otherwise use features intended to be visible to others, the information you submit may be visible to other users or to the public. This can include your store name, store description, product images, public business details, review content, product ratings, and certain order or fulfillment-related information where shown through platform features.
If you use messaging features, the recipient of your message will necessarily be able to see the message content and associated information. In addition, messages may be stored and reviewed by us for fraud prevention, abuse monitoring, dispute resolution, platform support, and policy enforcement. You should therefore avoid including highly sensitive information in messages unless it is clearly necessary and appropriate for the transaction or communication.
User-generated content that is made public or shared with other users may be copied, indexed, re-shared, or otherwise used by recipients or third parties. We are not responsible for the actions of others with respect to information you choose to make public or disclose to other users.
Cookies, Analytics, and Similar Technologies
We use cookies, local storage, pixels, log files, SDKs, and similar technologies to operate the Services and improve the user experience. These technologies may be used to remember login state, preserve settings, keep items in a cart, improve security, measure traffic, understand engagement, personalize certain aspects of the experience, and evaluate the performance of content, listings, storefronts, or campaigns.
Some cookies and similar technologies are necessary to the operation of the Services. Others help us analyze usage patterns, diagnose issues, understand how users interact with product discovery flows, and improve functionality. Subject to applicable law, we or our partners may also use these technologies to support advertising, remarketing, or audience measurement.
You may be able to control some cookie settings through your browser or device settings and, where available, through any cookie controls we provide on the site. If you disable certain cookies or storage technologies, parts of the Services may not function properly. For example, disabling certain technologies may interfere with login persistence, checkout flows, cart functionality, or preferences.
At this time, unless otherwise required by law, the Services may not respond to all browser-based “Do Not Track” signals in a uniform way.
Your Choices and Rights
Depending on where you live and the laws that apply to your information, you may have certain rights with respect to personal information. These rights may include the right to request access to personal information, to request correction of inaccurate information, to request deletion of information, to request a portable copy of certain information, to object to or restrict certain processing, to withdraw consent where processing is based on consent, or to opt out of certain marketing, targeted advertising, profiling, or similar uses where required by law.
You may be able to access, review, and update certain account information directly by logging into your account and visiting relevant settings pages. For example, you may be able to change account information, store details, shipping details, or some communication settings through the platform. In some cases, you may also be able to close your account or ask us to delete it. However, we may retain certain information for legal, accounting, fraud prevention, dispute resolution, tax, security, or recordkeeping reasons even after account closure or deletion request.
If you no longer wish to receive promotional emails, you may use the unsubscribe link in the message or adjust your communication preferences if those settings are available. Even if you opt out of promotional messages, we may still send you service-related communications, such as notices about your account, transactions, security, changes to policies, or support interactions.
If you would like to exercise privacy rights or make a request, you may contact us using the Contact Information section below. To protect privacy and security, we may take steps to verify your identity before responding to your request, including asking you to log into your account, confirm control of your email address, or provide additional information reasonably necessary to verify the request. In some circumstances, applicable law may permit or require us to limit, decline, or defer a request, including where we cannot adequately verify identity, where the request is manifestly unfounded or excessive, or where retention is required for legal or operational reasons.
We will not unlawfully discriminate against you for exercising rights granted by applicable privacy law.
How We Protect Information
We use reasonable administrative, technical, and organizational safeguards designed to protect personal information from unauthorized access, disclosure, misuse, alteration, and destruction. These safeguards may include encrypted connections, authentication controls, role-based access restrictions, database protections, environment segregation, logging, monitoring, backup systems, vendor due diligence, and internal processes designed to limit access to personal information to personnel who need it for legitimate business purposes.
Because no method of transmission over the internet and no method of electronic storage is completely secure, we cannot guarantee absolute security. There is always some residual risk that information may be accessed, disclosed, altered, or destroyed by unauthorized persons, whether through security incidents, system failure, human error, malicious attack, or other causes. You are responsible for maintaining the confidentiality of your account credentials and for notifying us promptly if you suspect unauthorized use of your account.
If we are required by law to notify individuals or regulators of a security incident involving personal information, we will do so in accordance with applicable law.
How Long We Retain Information
We generally retain personal information only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including to provide the Services, maintain business and financial records, comply with legal obligations, resolve disputes, enforce agreements, conduct audits, prevent fraud, and protect the integrity of the platform. The exact retention period depends on the nature of the information, the sensitivity of the information, the reasons it was collected, the purposes for which it is used, whether those purposes can be achieved through other means, applicable limitation periods, and any legal, tax, accounting, contractual, security, or compliance requirements.
For example, account data may be retained while the account remains active and for a period afterward to support reactivation, recordkeeping, support, fraud prevention, and legal compliance. Transaction and payout records may be retained longer because of tax, payment network, accounting, and audit obligations. Messaging, support, and dispute-related records may also be retained for a reasonable period to support investigations, abuse monitoring, security, and enforcement. In some cases, information may be de-identified or anonymized and retained in a form that no longer reasonably identifies individuals.
International Transfers of Information
NextShelf is based in Ontario, Canada, but our service providers, payment partners, infrastructure providers, analytics tools, and other systems may operate in other jurisdictions. As a result, personal information may be transferred to, stored in, or processed in jurisdictions outside your province, territory, or country of residence, including jurisdictions that may not provide the same level of data protection as the laws in your home jurisdiction.
Where we transfer personal information across borders, we take reasonable steps to ensure appropriate safeguards are in place. These may include contractual protections, vendor diligence, technical and organizational measures, and other lawful transfer mechanisms where required. Nevertheless, when personal information is processed in another jurisdiction, it may be subject to the laws of that jurisdiction and may be accessible to courts, law enforcement, regulators, or national security authorities in accordance with those laws.
By using the Services or otherwise providing information to us, you acknowledge that your information may be transferred to and processed in jurisdictions outside your place of residence, subject to applicable law.
Third-Party Websites and Services
The Services may contain links to third-party websites, integrations, applications, storefronts, payment systems, logistics services, or other external content and services. We do not control these third parties and are not responsible for their privacy practices. Their collection, use, and disclosure of information are governed by their own privacy notices and terms. We encourage you to review those policies before providing personal information or using those services.
This includes third-party payment processors, authentication providers, social media platforms, analytics vendors, advertising partners, shipping providers, and external websites that may be linked from listings, storefronts, messages, or other areas of the platform.
Children and Minors
NextShelf is not directed to children, and we do not knowingly collect personal information from children. We do not permit persons under the age of 18 to create accounts, list products, sell through the platform, or complete purchases through the Services. If you are under 18, please do not use the Services or send us personal information. If we learn that we have collected personal information from a person under 18 in circumstances where such collection is not permitted, we will take reasonable steps to delete that information as required by law.
If you believe a child or minor has provided personal information to us in violation of this policy, please contact us using the information below.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our Services, data practices, legal obligations, business operations, technology, or other factors. When we do, we will update the “Last updated and effective” date at the top of the policy. Changes will become effective when the revised Privacy Policy is posted, unless a different effective date is stated. Where required by law, we may provide additional notice of material changes, such as by email, in-product notice, or other appropriate means.
Your continued use of the Services after the effective date of an updated Privacy Policy constitutes acknowledgment of the revised policy to the extent permitted by law.
Contact Information
If you have questions, concerns, requests, or complaints regarding this Privacy Policy or our privacy practices, or if you would like to exercise a privacy right available to you under applicable law, please contact us at:
Privacy Contact / Privacy Officer
NextShelf
Ontario, Canada
Email: info@nextshelf.ca
If you are not satisfied with our response, you may have the right to make a complaint to a privacy regulator or data protection authority with jurisdiction over your complaint.
Additional Information for Residents of Certain Jurisdictions
Residents of some jurisdictions may be entitled to additional disclosures or rights. Where applicable law requires us to provide more specific information about categories of personal information collected, sources, purposes, disclosures, retention, or rights, we will do so through supplemental notices, jurisdiction-specific disclosures, or platform features.
For example, depending on the jurisdiction, you may have the right to know the categories of personal information collected, the categories of sources from which personal information is collected, the business or commercial purposes for collection or disclosure, the categories of third parties to whom information is disclosed, and the categories of information shared for targeted advertising or similar activities. You may also have the right to request access to specific pieces of information, request deletion, request correction, or opt out of certain types of targeted advertising, profiling, or data sharing.
Where required by law, we will honour such rights in accordance with applicable legal requirements and subject to lawful exceptions. If you submit a request through an authorized agent where permitted by law, we may require proof of the agent’s authority and separate verification of your identity.