Privacy Policy

Last updated: April 1, 2026

This Privacy Policy describes how Shopify Connector by Reka Consulting ("we", "us", "our") collects, uses, and protects information when you use our application.

1. What Data We Collect

Our application synchronizes data between your external source systems and your Shopify store. In the course of this synchronization, we may process the following types of data:

• Product data: titles, descriptions, prices, images, variants, inventory levels, and categories
• Customer data: names, email addresses, phone numbers, and shipping addresses (only when customer sync is configured)
• Order data: order details, line items, and fulfillment information (only when order sync is configured)
• Inventory data: stock levels and location information
• Store configuration: your Shopify store domain, API credentials (encrypted), and sync preferences

2. How We Use Your Data

We use the collected data solely for the following purposes:

• Synchronizing data between your external source systems and your Shopify store
• Mapping and transforming fields according to your configured rules
• Logging sync operations for troubleshooting and audit purposes
• Detecting and resolving data conflicts between systems

We do not sell, rent, or share your data with any third parties. Your data is only transmitted between your configured source system and your Shopify store.

3. Data Storage and Security

• All API credentials and access tokens are encrypted at rest using AES-256 encryption
• Data is stored on secure servers with restricted access
• All communication with Shopify and source APIs uses HTTPS/TLS encryption
• Webhook payloads are verified using HMAC-SHA256 signatures

4. Data Retention

• Sync logs and API logs are retained for operational purposes and automatically cleaned up periodically
• Upon app uninstallation, all store data (connections, sync configurations, entity mappings, and logs) is permanently deleted within 48 hours
• You may request immediate deletion of your data at any time by contacting us

5. Your Rights (GDPR)

If you are located in the European Economic Area, you have the following rights:

• Right of access: request a copy of all personal data we hold about your customers
• Right to erasure: request deletion of customer data from our systems
• Right to rectification: request correction of inaccurate data
• Right to data portability: receive your data in a structured, machine-readable format

We process GDPR data requests received through Shopify's mandatory webhooks automatically. Customer data deletion requests are fulfilled promptly upon receipt.

6. Contact Information

For any privacy-related questions, data requests, or concerns, please contact us:

• Email: [email protected]
• Company: Reka Consulting

7. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this page.