Shopify Apps Privacy & Policies
Last updated: July 10, 2026
Clause 0 — Introduction

How we handle your data, in plain terms.

This policy explains what data our app collects inside your Shopify store, why we collect it, and what control you have over it. No legal jargon we wouldn't say to your face.

Applies to: — a Shopify application by Integriti
Your data's journey — tap a stage
01
Collected
Only what's needed to run the app: store details, product/order data, and basic usage events. Never passwords or payment card numbers.
02
Used
To power the app's features, keep it running smoothly, fix bugs, and tell you how it's performing on your store.
03
Stored
On secure, access-controlled servers, kept only as long as you use the app or as required by law.
04
Protected
Encrypted in transit and at rest, with access limited to the people who need it to support you.
05
Deleted
Removed automatically when you uninstall the app, per Shopify's mandatory 48-hour data erasure webhooks.

01 Information we collect

When you install [App Name] on your Shopify store, we collect the information necessary to provide our services. This falls into three categories:

CategoryExamplesSource
Store informationStore name, domain, email, currency, plan typeShopify API
Content dataProducts, collections, orders, customer records relevant to app featuresShopify API
Usage dataFeature interactions, error logs, performance metricsApp activity

We only request the Shopify API scopes strictly required for [App Name] to function, and you can review the exact permissions on the app's installation screen at any time.

02 How we use it

We use collected information solely to operate, maintain, and improve [App Name]. Specifically, to:

  • Deliver the core functionality you installed the app for
  • Provide customer support and troubleshoot issues you report
  • Monitor performance and fix bugs
  • Send essential service notices, such as billing or outage updates
  • Improve features based on aggregated, anonymized usage patterns

We do not use your store's customer data to train machine learning models, and we do not sell it to data brokers.

03 Sharing & disclosure

We don't sell your data. We only share information in the following limited circumstances:

  • Service providers — trusted infrastructure partners (e.g. hosting, error tracking, email delivery) bound by confidentiality agreements
  • Legal requirements — if required by law, subpoena, or to protect the rights and safety of our users
  • Business transfers — in the event of a merger, acquisition, or asset sale, with notice provided beforehand

04 Cookies & tracking

[App Name] may use cookies and similar technologies within the Shopify admin to keep you logged in, remember preferences, and understand how the app is used. These are strictly functional and analytics cookies — we do not use third-party advertising trackers.

05 Data retention

We retain your data only for as long as your store has [App Name] installed, or as needed to comply with legal obligations, resolve disputes, and enforce our agreements. Upon uninstallation, Shopify triggers mandatory compliance webhooks, and we permanently delete associated store data within 48 hours, unless a longer retention period is legally required.

06 Security

We apply industry-standard safeguards to protect your information, including encryption in transit (TLS) and at rest, access controls limited to authorized personnel, and regular security reviews. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security, but we work continuously to protect your data.

07 Your rights

Depending on your location, you may have the following rights over your data. Tap each to expand.

Request a copy of the personal data we hold that relates to your store or account.

Ask us to correct inaccurate or incomplete data we hold about you.

Request that we delete your data, subject to legal retention requirements.

Receive your data in a structured, commonly used, machine-readable format.

Object to certain types of processing, such as usage analytics, where applicable.

08 GDPR & CCPA compliance

For merchants and customers in the European Economic Area, we act as a data processor under the General Data Protection Regulation (GDPR), processing data only on the instructions of the merchant (data controller) who installed [App Name]. For California residents, we comply with the California Consumer Privacy Act (CCPA), including honoring requests to know, delete, or opt out of the sale of personal information — noting again that we do not sell personal data.

09 Children's privacy

[App Name] is intended for use by merchants operating a Shopify store and is not directed at children. We do not knowingly collect personal information from anyone under the age of 16. If we become aware that we have inadvertently collected such data, we will delete it promptly.

10 Changes to this policy

We may update this policy from time to time to reflect changes in our practices or for legal reasons. We'll update the "last updated" date at the top of this page and, for material changes, notify you via the app dashboard or email.

11 Contact us

If you have questions about this policy or how your data is handled, reach out any time.