Privacy Policy

Last updated: May 23, 2026

1. About This Policy

My Profit App ("the App", "we", "us", or "our") is a Shopify application that helps merchants track net profit, revenue, cost of goods sold, and expenses. This Privacy Policy describes exactly what data we collect, why we collect it, how we protect it, and your rights regarding that data.

This policy applies to merchants who install the App through the Shopify App Store and to the end customers of those merchants, whose order data may be accessed through the Shopify Admin API. By installing the App, you agree to the practices described in this policy.

2. Data We Access and Why

We request only the Shopify API access scopes that are necessary for the App to function. Below is a complete list of what we access and the reason for each:

From the Shopify Admin API (Merchant Store Data)

  • read_orders — We read paid orders including order totals, line item prices, financial status, and creation timestamps. This data is used solely to calculate revenue, cost of goods sold, and net profit displayed in the dashboard. Access to order data is subject to Shopify's Protected Customer Data requirements; we do not request customer names, emails, or addresses in our API queries.
  • read_inventory — We read inventory cost data to calculate cost of goods sold per order line item.
  • read_products — We read product variant information on order line items (linked to inventory unit cost). We do not change products in your store.

Data You Enter Directly

  • Manual expense records (name, amount, date, category) that you add within the App.

What We Do Not Access

We do not read, store, or display customer names, email addresses, phone numbers, or physical addresses. We access only the financial fields of orders required to produce profit calculations.

3. How We Use Data

Data is used exclusively to provide the App's functionality:

  • Authenticate your Shopify store and maintain a secure session using Shopify session tokens.
  • Fetch paid orders and calculate revenue, COGS, and net profit for the selected date range.
  • Display profit dashboards, daily performance charts, and order-level breakdowns.
  • Store manual expenses and optional Google Ads connection data so they are available on your next visit.

We do not use your data for advertising, marketing, profiling, or any purpose beyond delivering the App's stated functionality to you.

4. Authentication and Cookies

The App is embedded within the Shopify Admin and authenticates using Shopify's session token mechanism via App Bridge. We do not use third-party cookies or rely on local storage for authentication. The App functions correctly in incognito mode and in browsers with strict cookie settings, in compliance with Shopify's platform requirements.

5. Data Storage and Security

All data transmitted between your browser, our server, and the Shopify API is encrypted using TLS (HTTPS). Our server holds a valid TLS/SSL certificate at all times.

We store the following data in our secured database:

  • Your store's OAuth session token (required to make authenticated API calls on your behalf).
  • Manual expense records you have entered.
  • Google Ads connection and synced daily ad spend (only if you connect Google Ads).

We do not store raw order data from Shopify. Orders are fetched from the Shopify API at the time you view the dashboard and are not persisted in our database.

6. Data Retention and Deletion

We retain your session and stored data for as long as the App remains installed on your store.

When you uninstall the App, Shopify sends an app/uninstalled webhook to our server. We immediately delete all data we hold for your store, including your OAuth session, manual expenses, and Google Ads connection data. Shopify may also send a shop/redact compliance webhook; we treat that the same way and remove any remaining shop data.

You may also request immediate deletion of all your data at any time by contacting us at the address in Section 11.

7. Data Sharing and Third Parties

We do not sell, trade, rent, or share your data with third parties for any commercial purpose. The App communicates only with the following services:

  • Shopify Admin API — to authenticate your store and retrieve order and product data. Governed by Shopify's own Privacy Policy and API Terms of Use.
  • Google Ads API (optional feature) — if you choose to connect a Google Ads account, we retrieve your ad spend data to display it alongside profit metrics and store synced daily totals in our database until you disconnect or uninstall.
  • tawk.to (optional) — a live-chat widget may load only on our public marketing pages (home, privacy policy, screencast). It is not loaded inside the embedded Shopify admin app. If enabled, tawk.to's privacy policy applies to chat interactions on those pages.

8. Your Rights as a Merchant

You have the right to:

  • Request a copy of the data we hold about your store.
  • Request correction of any inaccurate stored data.
  • Request deletion of your data at any time, either by uninstalling the App or by contacting us.
  • Withdraw consent by uninstalling the App from your Shopify admin at any time.

9. GDPR Compliance

We comply with Shopify's mandatory GDPR webhook requirements. Shopify may forward the following requests to us on behalf of your customers, and we will respond within the required timeframe:

  • Customer data request — we will provide a summary of any customer-related data we hold (in practice, we hold none, as we do not store customer PII).
  • Customer data erasure request — we will confirm deletion of any customer-related data upon request.
  • Shop data erasure request — triggered on uninstall; we delete all stored data as described in Section 6.

If you are based in the European Economic Area (EEA), we process your data on the lawful basis of contract performance — that is, to deliver the service you installed. We process only the minimum data required for the App to function.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect any changes. Continued use of the App after an update constitutes acceptance of the revised policy.

11. Contact

For questions about this policy or to exercise your data rights, contact us at:

AuslankaTechnologies@gmail.com