Privacy Policy

DeltaSync is built to touch the minimum data required to keep inventory in sync. We request only these Shopify access scopes: read_products, read_inventory, write_inventory, and read_locations.

Through these scopes the app processes:

• Your store domain and the offline access token Shopify issues at installation (used to call the Shopify Admin API on your behalf).
• Product, variant, and SKU identifiers used to match items between your source and target stores.
• Inventory quantities and location identifiers, which we read from the source store and write to the matching item in the target store.
• App configuration you set, such as which stores are linked and any safety-stock buffer, plus operational logs of sync attempts and failures.

DeltaSync does not request access to, collect, or store your customers' personal information. We do not read orders, customer records, payment details, or storefront browsing data.

Data is used solely to operate the synchronization service: detecting inventory changes (via Shopify webhooks), matching products by SKU across your linked stores, applying updates to the target store, retrying failed updates, and showing you sync status and error logs inside the app. We do not sell your data, and we do not use it for advertising or profiling.

DeltaSync subscribes to Shopify webhooks to function and to comply with Shopify requirements, including inventory level updates, app uninstallation, subscription changes, and the mandatory GDPR compliance topics (customers/data_request, customers/redact, shop/redact). Because the app does not store customer personal data, customer data-request and redaction webhooks have no customer records to return or erase; the shop redaction webhook removes your store's data as described below.

Data is stored in a PostgreSQL database on infrastructure we operate, with a Redis-backed queue used transiently to process sync jobs. Access tokens are stored to call the Shopify API on your behalf and are transmitted only over encrypted (TLS) connections.

When you uninstall DeltaSync, Shopify sends an app-uninstalled webhook and we revoke the stored access token and stop processing for your store. We delete your store's data upon uninstallation and on receipt of a shop-redaction request, retaining only what is required to comply with legal obligations.

We share data only with providers that help us run the service: Shopify (the platform and APIs the app integrates with), our hosting provider (where the database and application run), and, where enabled, an email-delivery provider used to send support correspondence. Each processes data only as needed to provide their service to us.

Depending on your jurisdiction, you may have rights to access, correct, export, or delete the data we hold about your store. The most direct way to exercise deletion is to uninstall the app, which triggers removal of your store's data. For any other request, contact us at the address below.

We may update this policy as the app evolves. Material changes will be reflected by updating the “Last updated” date above.

Questions about this policy or your data? Email us at support@promptoptimizer.app.