Zubby AI
  • Pricing
Sign inStart free trial
  • Welcome
  • Settings overview
  • AI provider & model
  • AI budget & cost caps
  • Brand voice
  • Canned replies
  • Team & roles
  • SLA & business hours
  • API keys
  • Legal & compliance documents
  • Notifications
  • Audit log
  1. Docs
  2. Settings overview
  3. Legal & compliance documents

Legal & compliance documents

The Legal tab gives you two ready-made compliance documents, pre-filled with your store and merchant details: a Data Processing Addendum (DPA) and a privacy policy. They’re the kind of paperwork EU regulators and larger B2B prospects ask for. Find the tab under Settings → Brand → Legal, or go to /app/<storeId>/settings/legal. The page header reads Legal documentswith the kicker “Compliance.”

Pre-filled with your details

Both templates are populated server-side with your current store and merchant metadata, so the names and identifiers in the document match your account — you don’t start from a blank form.

Data Processing Addendum

A GDPR and UK GDPR–compliant DPA describing how Zubby processes shopper data on your behalf as your data processor. It’s the contract you give a customer (or that a B2B buyer’s legal team requests) to document the data-processing relationship.

Click Download DPA to fetch it. The intended workflow is simple: download, sign, and counter-sign with your customer.

Privacy policy

A plain-text privacy policy describing how Zubby handles shopper data on your behalf. It’s written to drop into your store footer alongside your own policies. Click Download privacy policy to get it.

How downloads work

Each button links to a dedicated export endpoint that generates the document for your store on the fly — the DPA and privacy policy are served from /api/v1/exports/legal/<storeId>/dpa and /api/v1/exports/legal/<storeId>/privacyrespectively. Because they’re generated from live data, re-downloading after you update store details gives you a refreshed copy.

A starting point, not legal advice

The page is explicit: these templates are a starting point and not a substitute for legal review. Have your own counsel sign off before you publish or sign anything. Zubby provides the scaffolding; the legal responsibility for what you publish is yours.

When you’ll need these

  • Closing B2B deals— enterprise buyers routinely require a signed DPA before they’ll let a vendor process data.
  • Selling into the EU/UK— GDPR expects a clear processor agreement and a published privacy policy.
  • Responding to a data-protection questionnaire— having a pre-filled DPA on hand shortens vendor review cycles.

Related

For the account-protection controls that sit alongside compliance, see Security. Data-subject requests and shopper privacy controls connect to the broader privacy tooling — review your Settings overview for where those live, and the pricing page for plan availability.

Was this page helpful?

Still stuck? Contact support with the URL of this page (/docs/settings/legal).

PreviousAPI keysNextNotifications

Footer

Zubby AI

The AI sales agent for Shopify and WooCommerce. Learns your store, guides shoppers in real time, and recovers the revenue you would have otherwise lost.

System status

Product

  • All Features
  • AI Sales Agent
  • Cart Rescue
  • Widget Designer
  • Multi-Language
  • Pricing
  • Changelog

Solutions

  • Solutions Hub
  • Cart Recovery
  • Product Discovery
  • 24/7 Support
  • Upsell + Cross-sell
  • Conversion Optimization

Industries

  • Fashion & Apparel
  • Beauty & Cosmetics
  • Electronics
  • Jewelry & Accessories
  • Food & Beverage
  • Health & Wellness

Integrations

  • Shopify
  • WooCommerce
  • All integrations
  • vs Rep AI
  • vs Tidio
  • vs Klaviyo
  • vs Gorgias

Resources

  • Documentation
  • Guides
  • ROI Calculator
  • Glossary
  • Answers (AI Q&A)
  • Blog
  • Case Studies

Company

  • About
  • Careers
  • Contact
  • Trust
  • Security
  • Status
  • Privacy
  • Terms

© 2026 Zubby AI, Inc. All rights reserved.

Built for merchants.Made with care.