Enterprise procurement teams have one question before they sign off on any new vendor: how do you handle our data? For a swag platform, that question covers employee addresses, payment information, HR integrations, and order history. Merchloop was built with these concerns in mind, and this article walks through exactly how data is collected, stored, and protected across every part of the platform.
Does Merchloop Store Employee Addresses and Personal Information?
Merchloop collects only the minimum personal data required to fulfill an order and ship it to the correct recipient. Employee names, shipping addresses, and size preferences are captured at the point of redemption and used solely for order fulfillment.
Critically, Merchloop's on-demand swag model means there is no warehouse of pre-packaged kits sitting on a shelf with employee names attached. Every item is printed or embroidered after an order is placed, so personal data is never linked to idle physical inventory.
Address data entered through Merchloop's redemption links and address capture workflow is never shared with third-party advertisers or sold. It exists for one purpose: getting the right item to the right person.
How Does the Zero-Inventory Model Reduce Data Risk?
The zero-inventory model is a genuine security advantage, not just a cost benefit. Because Merchloop prints on demand, there is no bulk employee data file sitting in a warehouse management system cross-referencing thousands of home addresses to pre-built welcome kits.
Traditional swag platforms require admins to upload large employee rosters in advance so inventory can be pre-allocated. That roster — containing names, addresses, job titles, and sometimes hire dates — lives in a third-party system indefinitely. Merchloop eliminates this exposure entirely.
Each redemption event is transactional: a recipient clicks a link, enters their address, and the order is created. The data lifecycle is short, purposeful, and contained.
What Platform Infrastructure Does Merchloop Run On?
Merchloop's on-demand platform is built on Shopify's enterprise-grade infrastructure, which means it inherits Shopify's SOC 2 Type II compliance, PCI DSS Level 1 certification for payment processing, and 256-bit SSL encryption across all storefronts.
This matters for enterprise IT reviews. Rather than asking Merchloop to produce a custom security audit from scratch, IT teams can reference Shopify's publicly available compliance documentation, which covers data residency, encryption at rest and in transit, and incident response procedures.
Payment card data is never stored on Merchloop's servers. All transactions are tokenized and processed through Shopify Payments or other PCI-compliant payment gateways, depending on the store configuration.
How Does Merchloop Handle HR and CRM Integration Data?
When Merchloop connects to HR systems, CRMs, or Slack, data flows are scoped to the minimum permissions required for the integration to function. A connection to an HRIS, for example, might pull new hire start dates to trigger a welcome kit — nothing more.
Integration credentials are stored using OAuth 2.0 tokens, not hardcoded passwords. Admin users control which data sources are connected, and those connections can be revoked at any time from the Merchloop admin dashboard.
For teams building custom workflows, Merchloop's API access follows role-based permission scoping, so developer tokens can be limited to read-only or specific endpoints. You can review the technical details in our guide to building custom swag workflows with Merchloop's API.
Does Merchloop Sign Data Processing Agreements (DPAs)?
Yes. Enterprise customers operating under GDPR, CCPA, or similar data protection regulations can request a Data Processing Agreement (DPA) with Merchloop. A DPA formally defines the roles of data controller (your company) and data processor (Merchloop), establishes lawful bases for processing, and outlines breach notification timelines.
If your legal or compliance team requires a DPA before onboarding, reach out to Merchloop's enterprise support team. This is a standard part of enterprise vendor onboarding and does not require a minimum spend or long-term contract to initiate.
How Are Company Store Admin Accounts Secured?
Admin accounts on Merchloop's free company store are protected by password authentication and can be configured with role-based access controls so different team members have appropriate permission levels. A marketing coordinator managing a redemption campaign does not need — and should not have — access to billing or full order history exports.
Merchloop supports multi-admin configurations, which is essential for enterprise teams where HR, finance, and marketing may all interact with the same store for different purposes. Budget controls and approval workflows add another layer of governance on top of access controls. You can explore how those work in our guide to budget controls and approval workflows for enterprise swag programs.
How Does Merchloop's US-Based Production Affect Data Residency?
Merchloop's vertically integrated production facility is US-based, with printing and embroidery handled under one roof. This means order data associated with production — item specs, branding files, quantities — stays within US jurisdiction and is not routed through overseas fulfillment partners who may have different data handling standards.
For enterprise customers with data residency requirements, this is a meaningful distinction. Many swag platforms outsource production to international contract manufacturers, which creates additional data transfer complexity under GDPR Article 46 and similar cross-border transfer rules.
How Does Merchloop Compare to Other Swag Platforms on Security?
The table below summarizes how Merchloop's security and privacy architecture compares to common alternatives at a structural level.
| Platform | Inventory Model | Address Data Exposure | Production Location | PCI DSS Compliance | DPA Available |
|---|---|---|---|---|---|
| Merchloop | Zero inventory, on-demand | Low — captured per transaction only | US-based, in-house | Yes (via Shopify PCI Level 1) | Yes |
| SwagUp | Pre-packaged inventory warehoused | Higher — roster uploaded in advance | US warehouse + overseas production | Yes | Yes |
| Swag.com | Inventory-based with storage | Higher — bulk employee lists required | Mixed domestic/overseas | Yes | Yes |
| Sendoso | Gifting platform with warehouse | Higher — CRM sync with broad permissions | Fulfillment centers, mixed | Yes | Yes |
Note: All major swag platforms offer baseline compliance. The structural difference is how much personal data must be collected and stored in advance. Merchloop's on-demand model minimizes upfront data exposure by design.
What Should Enterprise IT Teams Ask Any Swag Vendor?
Before approving a swag platform, enterprise IT and procurement teams should ask these seven questions of any vendor:
- Do you store employee addresses beyond order fulfillment? Ask for a data retention policy.
- What certifications does your payment processing carry? PCI DSS Level 1 is the standard.
- Will you sign a Data Processing Agreement? Required for GDPR and CCPA compliance.
- How are admin access and permissions managed? Role-based controls are essential for enterprise teams.
- Where is production and fulfillment located? Cross-border data transfers create compliance complexity.
- How are API tokens and integration credentials stored? OAuth 2.0 tokens are the current standard.
- What is your breach notification timeline? GDPR requires 72-hour notification to supervisory authorities.
Build the Kit
Shop the welcome kit.
Every item below is on demand and unlocked at zero minimums in the Merchloop catalog. Combine them, edit colors, add your logo, and ship to one address or fifty.
Frequently Asked Questions
Does Merchloop sell or share employee data with third parties?
No. Employee names, addresses, and size preferences collected through Merchloop are used solely for order fulfillment. This data is never sold to or shared with third-party advertisers. Merchloop's parent company, Stoked On Printing, has operated since 2011 and maintains a straightforward data use policy tied entirely to production and delivery.
Is Merchloop compliant with GDPR and CCPA?
Merchloop's on-demand platform is built on Shopify infrastructure, which supports GDPR and CCPA compliance requirements. Enterprise customers who need a formal Data Processing Agreement to document controller and processor roles can request one through Merchloop's enterprise support team. Compliance obligations ultimately depend on how your organization configures and uses the platform.
How long does Merchloop retain order and address data?
Order data is retained for the purposes of order history, billing records, and customer support resolution. If your organization has specific data retention requirements — for example, automatic deletion of address records after 90 days — this can be discussed as part of an enterprise DPA negotiation. Contact Merchloop's enterprise team to document a custom retention schedule.
Can we restrict which employees can access the Merchloop admin portal?
Yes. Merchloop's free company store supports multi-admin configurations with different permission levels, so HR, finance, and marketing teams can each have access scoped to their function. Limiting access to billing and full order exports to senior administrators is a standard configuration for enterprise accounts.
Does Merchloop's rush order option affect how data is handled?
No. Whether an order is placed on the standard 7 to 10 business day timeline or as a rush order fulfilled in 3 to 5 business days (at a 30% surcharge), the same data handling practices apply. The rush option affects production priority within Merchloop's in-house US production facility, not the security or privacy model for the order.
