Compliance
Data Processing
This page explains how data is processed within DPD, how responsibilities are divided, and how the platform is designed to support fraud prevention while limiting unnecessary exposure of personal information.
1. Overview
DPD processes operational and behavioral data to help e-commerce merchants identify potentially risky cash-on-delivery orders before they are processed or shipped.
The platform is designed to process risk-relevant information in a controlled way, with an emphasis on behavioral signals, limited exposure, and business-use restrictions.
2. Roles and Responsibilities
DPD acts as a fraud-intelligence and processing layer.
Merchants remain responsible for the data they collect, the legal basis for using it, and the decisions they make based on the platform’s outputs.
- Merchant: responsible for collecting and submitting data lawfully.
- DPD: responsible for processing submitted signals in line with the platform’s fraud-prevention purpose.
- Merchant: responsible for customer-facing decisions and operational actions.
3. Data Submitted by Merchants
Data submitted to DPD may include phone numbers, order-related events, delivery outcomes, and other fraud-relevant operational signals.
- Phone numbers used as operational identifiers
- Order behavior and transaction outcomes
- Merchant feedback related to fraud or abuse patterns
- Technical usage data associated with platform use
DPD is not designed to expose personal identity information or function as a public people-search service.
4. Purpose of Processing
Data is processed to support fraud detection, risk scoring, signal analysis, and operational decision support for merchants.
- Identify suspicious order patterns
- Generate risk scores and related indicators
- Improve fraud-detection quality over time
- Support secure platform operation and abuse prevention
Behavioral signals, not identity exposure
DPD is built around behavioral and transactional patterns. The platform’s purpose is to help merchants evaluate risk, not to expose private identity information.
5. Data Sharing and Exposure
DPD does not publicly expose personal data and does not provide unrestricted access to underlying submitted information.
- No public search interface for personal identities
- No resale of merchant-submitted data
- No disclosure of direct personal identity information as part of normal service use
Any outputs shown to merchants are limited to what is necessary for fraud-prevention use within the scope of the platform.
6. Retention and Minimization
DPD applies a data-minimization approach and aims to retain data only for as long as reasonably necessary to support platform operation, fraud detection, security, and compliance needs.
- Unnecessary personal exposure is avoided by design
- Processing is limited to risk-relevant data categories
- Retention is aligned with operational and compliance needs
7. Compliance Approach
DPD is designed to support responsible data processing by clearly separating the merchant’s role from the platform’s processing role.
Merchants must use the platform responsibly.
Merchants remain responsible for ensuring that the data they submit is collected and used in compliance with applicable laws, contractual obligations, and internal policies.
DPD’s role is to process risk-relevant signals in a controlled environment for fraud-prevention purposes. It does not remove the merchant’s legal or operational responsibilities.