This page explains specifically how CraftBridge handles Shopify merchant data. It is intended for Shopify merchants evaluating the CraftBridge app, and for Shopify's app review process.
Summary: CraftBridge requests minimal Shopify permissions. We only use your store connection to import products you explicitly select. We never read orders, customers, or financials. Your access token is encrypted and deleted immediately when you uninstall.
1. What Shopify Permissions We Request and Why
CraftBridge requests the following Shopify API scopes during OAuth installation:
| Scope | What It Allows | Why We Need It |
|---|---|---|
| write_products | Create and update products in your store | Required to import CraftBridge artisan products into your Shopify catalog when you click "Import to Shopify" |
| read_products | Read your existing products | Required to check if a product has already been imported (prevent duplicates) |
We do NOT request access to: orders, customers, financials, inventory beyond products, fulfillment, or any other store data. Only the scopes listed above are requested.
2. What We Do With Your Shopify Data
When you connect your Shopify store:
- We store your shop domain (e.g.,
your-store.myshopify.com) in our database to identify your connection - We store your OAuth access token, encrypted with AES-256-GCM, to make API calls on your behalf
- When you click "Import to Shopify" on a product, we create that product in your Shopify store using your access token
- We track which products you have already imported (to show "Already Imported" status)
That's it. We do not read your existing products, orders, customers, or any other store data. We do not perform any background syncing or automatic operations on your store.
3. Data Storage and Security
Where data is stored: All data is stored in a PostgreSQL database hosted by Neon, a managed cloud database provider. Data is stored in the United States.
Encryption: Your Shopify OAuth access token is encrypted at rest using AES-256-GCM before being stored in the database. The encryption key is stored separately from the database in environment variables managed by Render (our hosting provider).
Transmission: All communication between CraftBridge and Shopify uses HTTPS/TLS. All communication between CraftBridge and your browser uses HTTPS/TLS.
Access controls: Only CraftBridge application code accesses your access token. It is never exposed in logs, APIs, or user interfaces.
4. Data Retention Policy
We retain data only as long as needed:
- Active connection: While your app is installed, we retain your shop domain, encrypted access token, and import history
- After uninstall: Your access token is deleted immediately when we receive the uninstall webhook. Shop domain and import history are deleted within 48 hours.
- Order records: Order records connected to your account are retained for 7 years for financial compliance, then deleted
- Account deletion: If you request account deletion, all personal data is removed within 7 business days (except legally required financial records, which are anonymized)
5. What Happens When You Uninstall
CraftBridge implements Shopify's mandatory uninstall webhook (app/uninstalled).
Immediate: Access token deleted
When Shopify sends the uninstall webhook, we immediately delete your encrypted access token from our database. We can no longer make API calls to your store.
Immediate: Connection marked inactive
Your Shopify connection record is marked as inactive and your shop domain is flagged for deletion.
Within 48 hours: Remaining store data deleted
Your shop domain and product import history are deleted from our database.
Your CraftBridge account remains
Uninstalling the Shopify app does not automatically delete your CraftBridge merchant account. To delete your account, email craftbridge@polsia.app.
Per Shopify's requirements, once the uninstall webhook is processed, CraftBridge has no access to your store and cannot make any API calls to Shopify on your behalf.
6. GDPR Mandatory Webhooks
CraftBridge implements all three Shopify GDPR webhooks:
- customers/data_request: If a Shopify customer requests their data, we can provide any CraftBridge records associated with their email (typically none, as we don't process end-customer data)
- customers/redact: Redact any customer personal data from CraftBridge systems upon request
- shop/redact: Delete all shop data 48 hours after uninstall (as described above)
To submit a data request, contact craftbridge@polsia.app.
7. Third-Party Services
CraftBridge uses the following third-party services that may process data:
- Render (render.com) — Application hosting. Processes all web requests.
- Neon (neon.tech) — PostgreSQL database hosting. Stores all application data.
- Stripe (stripe.com) — Payment processing. Handles payment card data; we never store card numbers.
We do not use advertising networks, analytics services that track users across sites, or any other data brokers.
8. Contact for Data Requests
For any data-related requests — access, deletion, correction, or portability — contact us:
- Email: craftbridge@polsia.app
- Subject line: "Data Request — [your store domain or email]"
- We respond within 30 days (typically faster)
Related pages: Privacy Policy · Terms of Service · Help & FAQ