Privacy Policy

1. Introduction

This Privacy Policy describes how the PriceSync application ("PriceSync", "the app", "we", "us", or "our") collects, uses, and protects information when merchants install and use the app on their Shopify stores.

By installing or using PriceSync, you agree to the collection and use of information as described in this policy. If you do not agree, please uninstall the app and stop using the service.

2. Information we collect

2.1 From Shopify (merchant data)

• Shop identifier: your Shopify domain (e.g. your-store.myshopify.com).
• Shop owner contact: name and email as provided by Shopify during installation.
• Session tokens: OAuth access tokens issued by Shopify, used to call the Shopify Admin API on your behalf.
• Product data: product titles, handles, prices, inventory cost, and variants that you choose to monitor within the app.

2.2 Provided by you

• Competitor product URLs that you add to any tracked product.
• Pricing rules you configure (cost basis, minimum profit margin, pricing strategy).
• Support tickets you submit from within the app (subject and description).

2.3 Collected from public sources

• Publicly available pricing, product titles, and images from the competitor URLs that you configure. The app only fetches pages you explicitly add; it does not discover or crawl other URLs on its own.

2.4 Information we do NOT collect

• Your customers' personal data (names, emails, addresses, phone numbers).
• Order details or transaction data.
• Payment card or banking information (all billing is handled by Shopify).
• Cookies for advertising or cross-site tracking.

3. How we use information

• To authenticate you with Shopify and keep your session active.
• To fetch product information and update product prices in your Shopify store according to the rules you set.
• To scrape public pricing information from the competitor URLs you configure.
• To run scheduled background jobs that keep your competitor prices up to date.
• To provide support when you submit a ticket from within the app.
• To notify you of critical service issues, material changes to the app, or subscription-related events.

4. Data sharing

We do not sell or rent your data. We share it only with service providers that help operate the app:

• Shopify — for authentication, product updates, and billing (subject to Shopify's own privacy policy).
• PriceSync backend infrastructure — our internal API and database, hosted on servers we operate at Jalpi. Used to store tracked products, competitor URLs, scraped prices, and subscription state.
• Support system (support.jalpi.com) — when you submit a support ticket from the app, your subject, description, shop name, and contact email are forwarded to our ticket system.

We may also disclose information if required by law, to comply with a legal process, or to protect the rights, property, or safety of PriceSync, our users, or others.

5. Data retention

We retain your data for as long as your app installation is active. Specifically:

• Active installations: data is retained to provide the service.
• Uninstallation: when you uninstall the app, Shopify notifies us via the app/uninstalled webhook. We immediately delete your OAuth session tokens and stop all background jobs for your shop.
• Shop-level deletion (GDPR): approximately 48 hours after uninstallation, Shopify sends a shop/redact webhook. At that point we purge all remaining shop-associated data from our systems.
• Backups: residual data may exist in encrypted backups for up to 30 days before being overwritten.

6. Security

We take reasonable steps to protect your information, including:

• HTTPS/TLS encryption for all communications.
• Encrypted storage of OAuth tokens.
• Access controls restricting internal access to data on a need-to-know basis.
• HMAC validation on all inbound Shopify webhooks.

No method of transmission over the internet or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your rights

You have the following rights regarding your data:

• Access: request a copy of the data we hold about your shop.
• Correction: request correction of inaccurate information.
• Deletion: uninstall the app to trigger automatic deletion, or contact us directly.
• Portability: request an export of your configuration data in a machine-readable format.

To exercise these rights, contact us at the email address in section 10.

GDPR compliance webhooks

We support Shopify's mandatory GDPR webhooks: customers/data_request, customers/redact, and shop/redact. Since PriceSync does not collect end-customer personal data, customer-specific requests are acknowledged and no customer PII exists to compile or delete.

8. Competitor URLs and public data

PriceSync fetches pricing and product information from competitor URLs that merchants voluntarily provide. Only publicly accessible content is retrieved. We do not bypass authentication, access private data, or store personal data about competitor-site customers. If you believe PriceSync is fetching a URL that should not be fetched, please contact us and we will investigate.

9. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top reflects the date of the latest revision. Material changes will be communicated in-app or via email to the shop owner. Continued use of the app after changes constitutes acceptance.

10. Contact us

If you have any questions, concerns, or requests regarding this policy, contact us:

• Email: mayur@smsidea.co.in
• In-app support: use the Support page inside PriceSync.
• Company: Konceptwise Digital Media Pvt Ltd