Privacy Policy

Last updated: June 16, 2026

This Privacy Policy explains how the Cart Forensics: Gift With Purchase app (the “App”) collects, uses, stores, and protects data when a Shopify merchant installs and uses it. We process data on behalf of the merchant solely to provide the App's gift-with-purchase functionality.

Merchant data we collect

• Shop domain — Your Shopify store URL, used to identify your account.
• Offer configuration — Threshold rules, gift product selections, scheduling, appearance, and settings you configure.
• Product metadata — Product titles, variant titles, image URLs, and prices for gift products you select, cached from your Shopify catalog to display in the admin UI.

Customer data we process

To enforce gift redemption limits and report offer performance to the merchant, the App records which free gift was claimed in a completed order. When an order is created, the App processes:

• Gift line items — product ID, variant ID, quantity, and price of order lines tagged with the App's gift property (_gwp_offer_id).
• Order identifier and order number — to attribute a claim to an order and prevent duplicate counting.
• Shopify customer ID — a numeric identifier (e.g. gid://shopify/Customer/123), used only where an offer limits claims per customer.

We practice data minimization. We do not collect or store customer names, email addresses, phone numbers, postal addresses, payment information, or browsing behavior. The only personal identifier we retain is the Shopify customer ID.

How data is used

Customer data is used only to:

• Operate the App — evaluate offer thresholds, render gift selection, apply the gift discount, and enforce per-offer and per-customer redemption limits.
• Provide merchant analytics — aggregate reporting on how the merchant's own offers perform.

We do not use this data for advertising, profiling, or personalized recommendations, and we do not make automated decisions that have legal or similarly significant effects on a customer.

How data is stored

All data is encrypted in transit (TLS/HTTPS) and at rest, stored in a managed PostgreSQL database. Access to production data is restricted and follows the principle of least privilege. The App requests only the Shopify API access scopes it requires.

Data sharing and sub-processors

We do not sell personal data and do not share it for cross-context behavioral advertising. We rely on the following sub-processors to operate the App:

• Shopify Inc. — provides the order and store data and hosts the merchant relationship.
• Render (Render Services, Inc.) — application hosting and managed PostgreSQL database.

Data retention and deletion

• Customer redaction — On a Shopify customers/redact request, we remove the Shopify customer ID from any associated claim records, leaving only anonymized, non-identifying data. After redaction, no personal data about that customer remains.
• Shop redaction / uninstall — On a shop/redact request (sent after a merchant uninstalls the App), we permanently delete all of that merchant's data, including all claim records, analytics, offers, and settings.
• Data access requests — On a customers/data_request, we return the claim records associated with that customer so the merchant can fulfil the request.

We retain data only for as long as the merchant uses the App or as needed to provide the service.

Customer rights

Customers should direct privacy requests (access, deletion, correction) to the merchant whose store they shopped at; the merchant is the data controller. Shopify routes such requests to us through the redaction and data-request webhooks described above, and we act on them.

Contact

For data requests or privacy questions, contact us at privacy@cartforensics.com.