Shopify App Privacy Policy

Last updated: December 10, 2025

ResponsiveWorks Integration Hub ("we", "our", or "the Service") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use our integration services.

1. Information We Collect
Store Information

When you connect your Shopify store to our Service, we collect:

  • Store domain and name
  • OAuth access tokens (encrypted)
  • Store configuration preferences
Order Data

To synchronize orders with your ERP system, we access:

  • Order numbers and details
  • Line items (product SKU, quantity, price)
  • Customer name and shipping address
  • Payment and fulfillment status
Product Data

To synchronize your product catalog, we access:

  • Product SKUs, titles, and descriptions
  • Pricing information
  • Inventory quantities and locations
  • Product images and variants
Fulfillment Data

To update order fulfillment status, we access:

  • Fulfillment status and tracking numbers
  • Shipping carrier information
  • Shipment dates
2. How We Use Your Information

We use the collected information solely for the following purposes:

  • Order Synchronization: Transmitting orders from your Shopify store to your configured ERP system (e.g., NetSuite)
  • Inventory Management: Updating inventory levels in your Shopify store based on your ERP data
  • Product Catalog Sync: Keeping product information synchronized between systems
  • Fulfillment Updates: Updating Shopify orders with shipment tracking from your ERP
  • Service Operation: Maintaining sync status, error logging, and service functionality
We do not: Sell your data, use it for advertising, or share it with third parties beyond your configured ERP system.
3. Data Storage and Security
Data Storage
  • OAuth access tokens are encrypted at rest
  • Sync cache data is stored temporarily to track synchronization status
  • Configuration data is stored in secure, access-controlled storage
Security Measures
  • HTTPS encryption for all data transmission
  • OAuth 2.0 authentication with Shopify
  • Token-Based Authentication (TBA) with NetSuite
  • Role-based access control within the application
  • Regular security reviews and updates
Data Retention
  • Sync cache data is retained only while your store is connected
  • Execution logs are retained for 90 days for troubleshooting
  • Upon disconnection or uninstallation, your data is deleted within 48 hours
4. Data Sharing

Your data is shared only with:

  • Your Configured ERP System: Order, product, inventory, and fulfillment data is transmitted to your NetSuite or other configured ERP system as part of the integration service you have requested.

We do not share your data with:

  • Advertisers or marketing companies
  • Data brokers or analytics firms
  • Any third parties for purposes unrelated to the integration service
5. Your Rights

You have the following rights regarding your data:

  • Access: Request a copy of the data we hold about your store
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data by uninstalling the app or contacting us
  • Portability: Request your data in a portable format
  • Restriction: Request restriction of processing in certain circumstances

To exercise any of these rights, please contact us at the address below.

6. GDPR Compliance (EU Users)

For users in the European Economic Area (EEA), we comply with GDPR requirements:

  • Legal Basis: We process your data based on your consent when you install the app and the necessity to perform the integration service you requested.
  • Data Processing: Your data is processed in accordance with this privacy policy and applicable data protection laws.
  • Data Subject Rights: You may exercise your GDPR rights by contacting us directly.
  • Data Protection Officer: Contact us for data protection inquiries.
7. CCPA Compliance (California Users)

For California residents, under the California Consumer Privacy Act (CCPA):

  • We do not sell personal information
  • You have the right to know what personal information we collect
  • You have the right to request deletion of your personal information
  • You will not be discriminated against for exercising your privacy rights
8. Data Deletion
Automatic Deletion

When you uninstall the ResponsiveWorks Integration Hub app from your Shopify store:

  • Your OAuth access tokens are immediately revoked and deleted
  • Sync cache data is purged within 48 hours
  • Store configuration is removed from our system
Manual Deletion Request

You may also request data deletion at any time by contacting us. We will process your request within 30 days.

9. Cookies and Tracking

Our Service uses minimal cookies necessary for operation:

  • Session Cookies: To maintain your login session
  • Security Cookies: For CSRF protection and secure form submissions

We do not use tracking cookies, analytics cookies, or advertising cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on this page
  • Updating the "Last updated" date
  • Sending an email notification for significant changes (if applicable)
11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

ResponsiveWorks Integration Hub
Email: [email protected]
Support: [email protected]

For data deletion or access requests, please include your store domain and the email address associated with your account.

Terms of Service How It Works