Privacy Policy
Effective date: July 8, 2026 · Applies to all Shopify apps published by PlusAnchor
PlusAnchor ("we", "us") builds apps for the Shopify platform. This policy explains what information our apps access, what little of it we actually store, and the choices available to merchants and their customers. It applies to every app we publish, currently:
- PlusAnchor: Auto Discounts — automatic discounts with storefront progress nudges (app-specific details in Appendix A).
1. Information we collect and store
Our apps are designed to store as little as possible. When you install one of our apps we store on our servers:
| Data | Purpose | Kept until |
|---|---|---|
Your shop domain (e.g. example.myshopify.com) and the API access token
Shopify issues to the app |
Operating the app: authenticating your admin session and making the Shopify API calls the app needs to function | Uninstall (see §4) |
| Billing/subscription status for paid plans | Knowing which plan features to enable. All payment processing is handled by Shopify — we never see or store payment card details | Uninstall |
| Standard server logs (IP address, user agent, requested URL, timestamp) | Security, abuse prevention and operational troubleshooting | Rotated automatically on a fixed small size budget (oldest entries are continuously discarded; typically days, not months) |
We do not store customer names, email addresses, phone numbers, physical addresses or payment details on our servers. We do not sell or rent any data, we run no advertising or third-party analytics trackers, and we do not profile buyers.
2. Information our apps access but do not store
To do their job, our apps read certain data through Shopify's APIs. This data is processed transiently and is not persisted on our servers:
- Store catalog data (products, collections, vendors, tags) — shown in the app's admin pickers so you can scope features to specific products.
- Configuration you create in the app — stored by Shopify itself as metafields attached to your own store's resources, not on our infrastructure.
- Limited customer attributes (customer tags, order count, total spent) — used only when a merchant configures customer-eligibility rules, to evaluate whether a logged-in customer qualifies. Where possible this evaluation runs inside Shopify's own infrastructure (Shopify Functions) and never reaches our servers at all; where our server performs the check it holds the values in memory only for the duration of the request.
- Theme settings — a single theme configuration file is read to detect whether the app's storefront widget is enabled, to show correct setup guidance. We never read other theme files and never write to your theme.
- Storefront requests from your customers — when a buyer views a page with our storefront widget, their cart contents and (if logged in) customer identifier are processed in real time to compute what the widget should display. These requests are served and forgotten; the content is not stored or used for any other purpose.
3. Where data lives & how it is protected
- All traffic between Shopify, buyers' browsers and our servers is encrypted in transit (HTTPS/TLS).
- Stored data (§1) lives in an access-controlled database on servers we operate with a hosting provider in the United States. Administrative access is restricted to key-based authentication.
- Encrypted daily backups of the database are kept for up to 12 months for disaster recovery, then deleted on rotation.
- We follow Shopify's Protected Customer Data requirements, including data minimization — we request only the API scopes each app actually needs.
4. Data retention & deletion
- Uninstalling an app immediately revokes its access token. Shopify then notifies us and we delete the store's session records. Configuration stored as metafields on your store's resources is removed by Shopify together with those resources.
- GDPR requests via Shopify: our apps implement Shopify's mandatory privacy webhooks. Because we hold no customer personal information, customer data requests and customer redaction requests complete with nothing to return or erase; a shop redaction request permanently deletes all remaining records for that shop from our systems.
- You may also contact us directly (§7) for any deletion or export request and we will respond within 30 days.
5. Sharing
We share data only with the infrastructure providers required to run the service — our hosting provider (server operations) and Cloudflare (DNS/network) — under their standard data protection terms. We never share, sell or disclose data to advertisers, data brokers or other third parties. We would disclose information if legally compelled to do so.
6. Your rights
Depending on your location (e.g. GDPR in the EEA/UK, CCPA in California), you may have rights to access, correct, export or erase personal information. Merchants can exercise these through the mechanisms in §4 or by contacting us. Buyers should direct requests to the merchant they shopped with, who can route them to us via Shopify's privacy webhooks — this is the flow Shopify prescribes for apps.
7. Contact
PlusAnchor · support@plusanchor.com
We answer privacy inquiries within 30 days.
8. Changes to this policy
If we make material changes we will update this page and revise the effective date above. Substantive changes affecting merchants will additionally be announced inside the affected app's admin.
Appendix A — PlusAnchor: Auto Discounts specifics
PlusAnchor: Auto Discounts creates automatic discounts and shows buyers progress toward unlocking them. In addition to everything above:
- API scopes used:
write_discounts,read_products,read_customers,read_themes,write_app_proxy— the minimum set for creating discounts, product/collection pickers, optional customer-eligibility rules, widget setup detection, and the storefront progress widget respectively. - Your discount configuration is stored by Shopify as metafields on the discounts themselves. Deleting a discount deletes its configuration; uninstalling the app deletes both.
- The storefront widget calls our server through Shopify's App Proxy with the current cart state to compute progress ("Add $12 more to save 10%"). These requests are signed by Shopify, processed in memory and not stored.
- The optional "You saved" banner on the thank-you page reads the order's applied discounts inside Shopify's checkout environment only; nothing is sent to our servers.