Privacy Policy - BackorderPro
Last Updated: January 12, 2026
This Privacy Policy describes how SnoekByte ("we", "us", or "our") collects, uses, and shares information when you use the BackorderPro application ("App") available through the Shopify App Store.
1. Introduction
BackorderPro is a Shopify application that helps merchants automatically manage their inventory backorder policies based on supplier feed data. We are committed to protecting your privacy and handling your data in an open and transparent manner.
This Privacy Policy applies to merchants ("you" or "Merchant") who install and use BackorderPro, as well as to the customers of those merchants ("End Customers").
2. Information We Collect
2.1 Merchant Information
When you install BackorderPro, we collect and store:
| Data Type | Purpose | Retention |
|---|---|---|
| Shop domain | Identify your store | Until app uninstall + 48 hours |
| Access tokens | API authentication | Until app uninstall |
| Timezone settings | Schedule synchronizations | Until app uninstall |
| Feed configurations | Process supplier data | Until app uninstall |
| App preferences | Personalize your experience | Until app uninstall |
2.2 Product & Order Information
To provide our services, we process:
| Data Type | Purpose | Retention |
|---|---|---|
| Product IDs & Variant IDs | Match products with supplier feeds | Until app uninstall |
| Product titles & SKUs | Display in logs and analytics | Configurable (default 24 months) |
| EAN/Barcodes | Product matching | Duration of sync process only |
| Order IDs & Order names (#1234) | Track backorder sales | Configurable (default 24 months) |
| Order quantities & prices | Calculate backorder revenue | Configurable (default 24 months) |
| Inventory levels | Determine backorder status | Duration of sync process only |
2.3 Supplier Feed Data
When you configure supplier feeds, we temporarily process:
- Feed URLs or FTP paths
- Authentication credentials (stored encrypted)
- CSV/Excel/XML file contents (processed, not permanently stored)
- Column mappings and rules you configure
2.4 What We Do NOT Collect
We explicitly do NOT collect or store:
- ❌ Customer names
- ❌ Customer email addresses
- ❌ Customer shipping or billing addresses
- ❌ Customer phone numbers
- ❌ Payment information or credit card details
- ❌ Customer IP addresses
- ❌ Any other personally identifiable information (PII) of your customers
3. How We Use Your Information
We use the collected information solely to:
- Provide the Service - Synchronize supplier feeds with your Shopify store and update inventory policies
- Display Analytics - Show you backorder sales statistics and performance metrics
- Maintain Logs - Record execution history for troubleshooting and transparency
- Schedule Tasks - Run automated synchronizations at your configured times
- Improve the App - Analyze aggregate usage patterns to improve functionality
We do NOT:
- Sell your data to third parties
- Use your data for advertising
- Share your data with other merchants
- Access your store for any purpose other than providing the service
4. Data Storage & Security
4.1 Where Data is Stored
Your data is stored on secure servers hosted by:
- Fly.io (Cloud hosting provider) - Data centers in compliance with GDPR
- SQLite database - Encrypted at rest
4.2 Security Measures
We implement industry-standard security measures:
| Measure | Description |
|---|---|
| Encryption at rest | Database and sensitive credentials are encrypted |
| Encrypted credentials | FTP/OAuth passwords are encrypted using AES-256 |
| Secure transmission | All data transmitted via HTTPS/TLS |
| Access control | Only authorized systems can access your data |
| Webhook verification | HMAC signature verification for all Shopify webhooks |
4.3 Credential Storage
When you provide FTP or OAuth credentials for supplier feeds:
- Credentials are encrypted before storage using industry-standard encryption
- We cannot view your plain-text passwords
- Credentials are only decrypted momentarily during feed synchronization
5. Data Retention
5.1 Default Retention Period
By default, we retain your data for 24 months after creation. This includes:
- Backorder sales records
- Execution logs
- Analytics data
5.2 Configurable Retention
You can configure your data retention period in the App Settings:
- Minimum: 6 months
- Maximum: 36 months
- Changes apply to future cleanup cycles
5.3 Automatic Cleanup
Our data retention service automatically removes data older than your configured retention period. This runs periodically to ensure compliance.
5.4 Data Deletion on Uninstall
When you uninstall BackorderPro:
- Your session data is immediately deleted
- Within 48 hours, Shopify sends a
shop/redactwebhook - Upon receiving this webhook, we permanently delete ALL your data including:
- All backorder sales records
- All feed configurations and rules
- All execution logs
- All app settings
6. Data Sharing
6.1 Third-Party Services
We use the following third-party services:
| Service | Purpose | Data Shared |
|---|---|---|
| Shopify | Platform & API | Product/order data as needed for functionality |
| Fly.io | Hosting | All app data (encrypted) |
| Your configured suppliers | Feed retrieval | Only the credentials you provide |
6.2 We Do Not Share
- We do not sell your data
- We do not share data with advertisers
- We do not provide data to other merchants
- We do not use your data for purposes unrelated to the App
6.3 Legal Requirements
We may disclose your information if required by law, such as:
- To comply with legal process
- To protect our rights or property
- To prevent fraud or security issues
7. Your Rights (GDPR)
Under the General Data Protection Regulation (GDPR) and similar laws, you have the right to:
| Right | Description | How to Exercise |
|---|---|---|
| Access | Request a copy of your data | Contact us at privacy@snoekbyte.nl |
| Rectification | Correct inaccurate data | Update in App Settings or contact us |
| Erasure | Delete your data | Uninstall the app or contact us |
| Portability | Export your data | Contact us for a data export |
| Restriction | Limit processing | Contact us |
| Objection | Object to processing | Contact us |
To exercise any of these rights, please contact us at privacy@snoekbyte.nl.
8. End Customer Privacy
8.1 Customer Data
BackorderPro does NOT process personal data of your customers. We only process:
- Order IDs (e.g.,
gid://shopify/Order/12345) - Order names (e.g.,
#1001) - Product quantities and prices
This data cannot be used to identify individual customers.
8.2 GDPR Compliance for Customer Requests
When your customers exercise their GDPR rights:
- Customer Data Request: We report that no personal customer data is stored
- Customer Redact Request: We confirm no personal data needs deletion
You remain the data controller for your customer data. BackorderPro acts as a data processor only for the limited, non-personal order metadata described above.
9. Cookies & Tracking
BackorderPro does NOT:
- Set any cookies on your customers' browsers
- Use any tracking pixels or analytics on your storefront
- Collect any data from your customers directly
The App operates entirely within the Shopify Admin and does not interact with your storefront or customers.
10. Children's Privacy
BackorderPro is a business application intended for use by merchants. We do not knowingly collect information from children under 16. If you believe we have collected information from a child, please contact us immediately.
11. International Data Transfers
Your data may be processed in countries outside your own. We ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) with service providers
- Compliance with GDPR requirements for international transfers
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do:
- We will update the "Last Updated" date at the top
- For significant changes, we will notify you via the App or email
- Continued use of the App after changes constitutes acceptance
13. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
SnoekByte
- Email: privacy@snoekbyte.nl
- Website: https://snoekbyte.nl
For Shopify-specific privacy concerns, you may also refer to Shopify's Privacy Policy.
14. Legal Basis for Processing (GDPR)
We process your data based on the following legal grounds:
| Data Type | Legal Basis |
|---|---|
| Merchant account data | Contract performance (providing the App service) |
| Product/Order metadata | Legitimate interest (App functionality) |
| Analytics data | Legitimate interest (improving the service) |
| Execution logs | Legitimate interest (troubleshooting & transparency) |
15. Data Protection Officer
For data protection inquiries, contact our Data Protection Officer:
- Email: dpo@snoekbyte.nl
This Privacy Policy is effective as of January 12, 2026.
Summary
BackorderPro is designed with privacy in mind:
- ✅ No customer PII collected
- ✅ GDPR compliant
- ✅ Automatic data deletion on uninstall
- ✅ Configurable data retention
- ✅ Encrypted credential storage
- ✅ Transparent data practices