Privacy Policy
Last updated: June 2025
1. What We Collect
PodProfit collects the minimum data necessary to provide its profit analytics service to Shopify merchants:
- Shopify store data: order numbers, order amounts, product variants, financial status, and timestamps — accessed via the Shopify API using the scopes you grant during installation.
- Provider credentials: Printful private tokens and Printify API keys that you voluntarily connect. These are encrypted at rest using AES-256-GCM before storage.
- Shop configuration: your Shopify plan type, subscription tier, and app settings (e.g., margin alert threshold).
2. How We Use Your Data
Your data is used exclusively to:
- Calculate true profit margins by combining Shopify revenue data with COGS from Printful/Printify.
- Display your profit dashboard and generate CSV exports.
- Deliver margin alerts when products fall below your configured threshold.
- Manage your subscription via Shopify Billing.
We do not sell, share, or license your data to third parties for any purpose, including advertising.
3. Data Storage
Your data is stored in a Supabase-hosted PostgreSQL database located in the EU. All API tokens (Shopify, Printful, Printify) are encrypted at rest before storage. Database access is restricted to server-side code using Supabase service-role credentials; no client-side direct access is possible.
4. Data Retention
We retain your order and product data for as long as your shop has an active PodProfit installation. When you uninstall the app, you may request full deletion of your data by contacting us at the email address below.
5. GDPR
If you are located in the European Economic Area, you have the right to access, correct, or delete your personal data. To exercise these rights, contact us at the address below. We will respond within 30 days.
6. Third-Party Services
PodProfit integrates with the following third-party platforms to provide its service:
- Shopify — for order data and billing. Governed by Shopify's privacy policy.
- Printful / Printify — for cost-of-goods data. Only accessed using credentials you provide.
- Supabase — for database hosting.
- Vercel — for application hosting.
7. Contact
For privacy inquiries, data deletion requests, or any other concerns, contact us at: privacy@podprofit.app