Privacy Policy

Last Updated: December 9, 2025

1. Introduction

This Privacy Policy describes how Reloflex Collection Automation ("App", "we", "us") collects, uses, and safeguards information when merchants install and use the app in their Shopify store. We are committed to protecting merchant data and only accessing what is necessary for the app to function.

2. Information We Collect

The app accesses certain store data through the Shopify API. We only request the minimum permissions required to create and maintain smart collections based on merchant-defined rules.

We may access:

  • Product data (titles, variants, tags, metafields, product IDs)
  • Collection data (to create and update smart collections)
  • Store information (store name, store domain, Shopify ID)
  • Automation settings (generator fields, naming patterns, quantity thresholds)

We do NOT access or store:

  • Customer personal data
  • Order details or payment information
  • Checkout or credit card information
  • Any data not explicitly required by the app's functionality

We do not use or share merchant data for advertising, analytics, profiling, or resale.

3. How We Use Your Information

The app uses the data accessed from Shopify solely to:

  • Read product data and metafields
  • Generate collections based on merchant settings
  • Update or remove collections when matching conditions change
  • Maintain the accuracy of automations over time
  • Provide support and respond to your inquiries
  • Send you notifications about new features and important updates (you may opt out at any time)

No data is processed for any purpose outside the functionality of the app.

4. Data Storage and Security

We store only the minimal configuration needed for your automations, such as:

  • Selected generator fields
  • Naming patterns
  • Quantity thresholds
  • Automation settings

No product data is stored permanently. All requests are processed through secure, encrypted connections using HTTPS. If any app data is stored, it is kept in secure databases with strict access control and is never shared with third parties.

5. Data Sharing and Disclosure

We do not sell, rent, or trade merchant information.

Data may be shared only in these limited situations:

  • With Shopify: As required to operate using the Shopify API
  • Legal Compliance: To comply with legal requirements, if requested

We do not share data with any external service providers unless explicitly stated and required for the core functionality (currently none).

6. Data Retention and Deletion

We retain automation settings only while the app is installed.

When a merchant uninstalls the app:

  • The app ceases all access to store data immediately
  • All user data is permanently deleted within 48 hours
  • This includes all stored settings, automation configurations, and any cached or temporary data

Merchants may request immediate deletion at any time by contacting us.

7. Merchant Rights

Merchants have the right to:

  • Access the data connected to their account
  • Request correction or deletion
  • Withdraw consent by uninstalling the app
  • Contact us for clarification about how data is handled

We respond to all privacy requests within 5 business days.

8. Cookies and Tracking

We use minimal cookies and local storage to maintain your session and preferences (such as dark mode settings). We do not use third-party tracking or advertising cookies.

8. GDPR and International Compliance

If you are located in the European Economic Area, the app processes data as a "Data Processor" under GDPR. We only process data that merchants provide through Shopify and only for the operational functioning of the app.

9. Webhooks From Shopify

As required by Shopify, the app subscribes to mandatory webhooks, including:

  • app/uninstalled → triggers automatic deletion of all merchant-related data

We do not store or use webhook data for any other purpose.

10. Children's Privacy

The app is intended for business use only and is not directed toward individuals under 18. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Updated versions will always be posted on this page with a revised "Last Updated" date.

12. Contact Us

If you have any questions about this Privacy Policy, or want to request data removal, please contact us:

  • Email: contact@reloflex.com
  • Website: reloflex.com
  • Company: SC Reloflex SRL
  • Jurisdiction: Romania