01 Information we collect
When you install [App Name] on your Shopify store, we collect the information necessary to provide our services. This falls into three categories:
| Category | Examples | Source |
|---|---|---|
| Store information | Store name, domain, email, currency, plan type | Shopify API |
| Content data | Products, collections, orders, customer records relevant to app features | Shopify API |
| Usage data | Feature interactions, error logs, performance metrics | App activity |
We only request the Shopify API scopes strictly required for [App Name] to function, and you can review the exact permissions on the app's installation screen at any time.
02 How we use it
We use collected information solely to operate, maintain, and improve [App Name]. Specifically, to:
- Deliver the core functionality you installed the app for
- Provide customer support and troubleshoot issues you report
- Monitor performance and fix bugs
- Send essential service notices, such as billing or outage updates
- Improve features based on aggregated, anonymized usage patterns
We do not use your store's customer data to train machine learning models, and we do not sell it to data brokers.
05 Data retention
We retain your data only for as long as your store has [App Name] installed, or as needed to comply with legal obligations, resolve disputes, and enforce our agreements. Upon uninstallation, Shopify triggers mandatory compliance webhooks, and we permanently delete associated store data within 48 hours, unless a longer retention period is legally required.
06 Security
We apply industry-standard safeguards to protect your information, including encryption in transit (TLS) and at rest, access controls limited to authorized personnel, and regular security reviews. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security, but we work continuously to protect your data.
07 Your rights
Depending on your location, you may have the following rights over your data. Tap each to expand.
Request a copy of the personal data we hold that relates to your store or account.
Ask us to correct inaccurate or incomplete data we hold about you.
Request that we delete your data, subject to legal retention requirements.
Receive your data in a structured, commonly used, machine-readable format.
Object to certain types of processing, such as usage analytics, where applicable.
08 GDPR & CCPA compliance
For merchants and customers in the European Economic Area, we act as a data processor under the General Data Protection Regulation (GDPR), processing data only on the instructions of the merchant (data controller) who installed [App Name]. For California residents, we comply with the California Consumer Privacy Act (CCPA), including honoring requests to know, delete, or opt out of the sale of personal information — noting again that we do not sell personal data.
09 Children's privacy
[App Name] is intended for use by merchants operating a Shopify store and is not directed at children. We do not knowingly collect personal information from anyone under the age of 16. If we become aware that we have inadvertently collected such data, we will delete it promptly.
10 Changes to this policy
We may update this policy from time to time to reflect changes in our practices or for legal reasons. We'll update the "last updated" date at the top of this page and, for material changes, notify you via the app dashboard or email.
11 Contact us
If you have questions about this policy or how your data is handled, reach out any time.