Privacy Policy
This Privacy Policy describes how the Pilot Scheduled Discounts Shopify app ("the App", "we", "us") handles information when you, as a Shopify merchant, install or use the App on your Shopify store.
1. Information we access
When installed, the App accesses the following data from your Shopify store via Shopify's APIs:
- Shop information (shop domain, shop ID).
- An OAuth access token issued by Shopify for the App.
- Discount configurations and metafields owned by the App (the rule definitions you create).
- Cart data at checkout time — processed only inside a Shopify Function running on Shopify's own infrastructure. The cart contents never leave Shopify and are never visible to us.
The App does not access:
- Customer personal information (names, emails, addresses).
- Order history.
- Product or inventory data beyond what Shopify provides to the discount Function at runtime.
2. Information we store
On our infrastructure we store only the following:
- Your shop domain (e.g. example.myshopify.com).
- The Shopify-issued OAuth access token, used to call Shopify APIs on your behalf.
- Token scope and expiry timestamp.
We do not store any customer personal information. Discount rule definitions themselves live in Shopify metafields, not in our database.
3. How we use the data
- The OAuth token is used only to call Shopify's Admin API on your behalf when the App needs to read or write discount configuration.
- The Shopify Function executes on Shopify's servers and evaluates your rules against each cart at checkout time. Neither the rule evaluation nor the cart data is sent to us.
- We do not sell, rent, or share data with third parties.
4. Data retention and deletion
- When you uninstall the App, your stored session data is automatically deleted via the app/uninstalled webhook.
- 48 hours after uninstall, Shopify sends a shop/redact webhook; we re-confirm deletion of all data tied to your shop.
- Customer-related compliance webhooks (customers/data_request, customers/redact) are accepted; since we do not store customer data, no further action is required beyond a successful acknowledgement.
5. Hosting and subprocessors
- Application server: a virtual private server operated on infrastructure leased from a third-party provider. All data resides on a single server; no replication to additional regions.
- Database: SQLite running on the same server. Backups are encrypted and retained for 7 days, then deleted.
- Shopify: all primary data (rules, discounts, store info) lives in Shopify itself. Shopify's own privacy policy governs that data.
6. Cookies and tracking
The App does not set marketing or analytics cookies. Authentication cookies set by Shopify App Bridge are used solely to keep you signed in inside the embedded Shopify admin.
7. Security
- All traffic between your browser, Shopify, and our servers uses TLS (HTTPS).
- Server access is restricted to the application owner via SSH key authentication; password login is disabled.
- Webhook payloads from Shopify are verified with HMAC signatures before being processed.
- Operating-system security updates are installed automatically.
8. Your rights (GDPR / CCPA)
If you are subject to the GDPR, CCPA, or a similar regulation, you have the right to access,
correct, or delete the personal data we hold about you. Because the only personal data we
hold is the OAuth access token tied to your shop, the simplest way to exercise these rights
is to uninstall the App: doing so deletes the token immediately, and a final
redaction is performed 48 hours later when Shopify sends the shop/redact webhook.
You may also contact us directly using the address below.
9. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest version. Material changes will be highlighted in the App's changelog.
10. Contact
For privacy questions or to exercise your rights: maxkzboiko@gmail.com.