Privacy Policy — StockSafe Bundles

Last updated: 20 June 2026

StockSafe Bundles ("the App", "we", "us") is a Shopify app operated by Shivam Gupta (India). This policy explains what data the App accesses, why, how long we keep it, and your choices. By installing the App you agree to this policy.

Contact: stocksafebundle@gmail.com.

1. What the App does

StockSafe Bundles helps merchants keep fixed product bundles inventory-accurate across multiple locations. It reads inventory and product data from your Shopify store, computes each bundle's true availability, diagnoses why a bundle is out of stock, and keeps an audit log of changes. It does not sell, market to, or contact your customers.

2. Data we access and store

We access your store's data only through Shopify's Admin API, using the minimum permissions ("scopes") the App requests at install: read_inventory, read_locations, read_products, write_inventory, write_products.

We store, in our own database, only what is needed to run the service:

• Store identity — your shop domain, install date, and plan/billing status, to identify your store and apply your subscription tier.
• Shopify session & access token (managed by Shopify's official library), to authenticate API calls on your behalf.
• Bundle configuration — bundle products, component variants, quantities, and which locations count, to run the bundle availability math you set up.
• Inventory snapshots — computed availability, the parent count Shopify reported, and a drift flag, per bundle/location over time, to power the "why is this bundle 0?" diagnostics and drift detection.
• Audit log — a record of inventory/availability changes and any writes the App makes, for the audit-trail feature and troubleshooting.

We do NOT collect, store, or process any of your customers' personal data. The App does not request order or customer scopes and holds no customer names, emails, addresses, or order details. Inventory and product data are store operational data, not personal data.

3. How we use the data

Strictly to provide the App's features: computing bundle availability, diagnostics, drift alerts, the audit log, and — only when you explicitly trigger it — guarded inventory writes (e.g. the "Restock a component" tool). We do not sell, rent, or share your data, and we do not use it for advertising or to train machine-learning models.

4. When the App writes to your store

The App writes to Shopify only for actions you take in the App: creating or editing a bundle (creating/updating the bundle's product and component links), or running a guarded component restock. Every write is recorded in the audit log. The App never silently changes inventory in the background.

5. Sub-processors

We rely on these service providers to operate the App. They process data only to provide infrastructure to us:

• Shopify — the platform the App runs on and the source of store data.
• Render (render.com) — application hosting.
• Neon (neon.tech) — managed PostgreSQL database where the data in §2 is stored.

6. Data retention and deletion

• While the App is installed, we retain the data in §2 for as long as you use the service.
• When you uninstall, we immediately delete your store's data (bundles, components, locations, snapshots, audit logs) and session tokens. As a backstop, Shopify also sends us a shop/redact request ~48 hours after uninstall, on which we purge any remaining records for your store.
• Because we store no customer personal data, Shopify's customers/data_request and customers/redact requests have nothing to export or erase; we acknowledge them as required.
• You can request deletion of your store's data at any time by emailing stocksafebundle@gmail.com; we will action it within 30 days.

7. Data security

Data is transmitted over HTTPS/TLS and stored with our hosting and database providers. Access tokens are stored only to call Shopify's API on your behalf. We request the minimum scopes needed and never request customer or order data.

8. International transfers

Your data may be processed in the United States, where our hosting (Render) and database (Neon, us-east-1) providers operate. By using the App you consent to this processing.

9. Your rights

Depending on your jurisdiction (e.g. GDPR, CCPA) you may have rights to access, correct, or delete your data. As the merchant, you control the store data the App processes; contact stocksafebundle@gmail.com to exercise any rights.

10. Changes to this policy

We may update this policy as the App evolves. Material changes will be reflected by the "Last updated" date above and, where appropriate, communicated in-app or by email.

11. Contact

Questions about this policy or your data: stocksafebundle@gmail.com.