StockPilot

Privacy Policy

Last updated: June 23, 2026

Overview

StockPilot helps Shopify merchants monitor inventory risk, identify low-stock and overstock items, and review reorder suggestions. This policy explains what data StockPilot collects, how it is used, and how merchants can request deletion or ask privacy questions.

Information We Collect

  • Shop information needed to install and operate the app, such as the shop domain and app session data.
  • Product and variant data, including product titles, variant titles, SKUs, product status, and inventory item IDs.
  • Inventory data, including location references and available, on-hand, committed, and incoming quantities.
  • Sync job, risk score, alert, billing-plan, and webhook metadata used to operate and troubleshoot the app.
  • Optional recent order sales totals only if the merchant grants order access. StockPilot uses this to estimate sales velocity by variant and date.

StockPilot does not request `read_all_orders`, does not request inventory write access, and does not automatically modify Shopify inventory.

Customer Personal Data

StockPilot is designed to avoid storing customer-level personal data. The app does not store customer profiles, customer emails, addresses, phone numbers, payment details, full order payloads, or raw webhook payloads. If optional order access is enabled, StockPilot stores aggregated line-item sales facts by variant and date for inventory analysis.

How We Use Information

  • To sync product, variant, inventory, and optional recent sales data for the merchant store.
  • To calculate inventory risks, alerts, and reorder suggestions.
  • To enforce subscription plan limits and maintain billing status.
  • To secure the app, prevent abuse, debug failures, and provide merchant support.
  • To comply with Shopify platform requirements and applicable legal obligations.

Sharing and Processors

StockPilot does not sell merchant or customer data. Data is processed using Shopify APIs and Google Cloud services used to host the app, database, logs, and secrets. Data may be disclosed if required to comply with law, enforce agreements, protect rights, or respond to valid platform or legal requests.

Security

StockPilot uses shop-scoped tenant isolation, encrypted transport, encrypted Shopify session tokens, Secret Manager for production secrets, and sanitized logs that avoid access tokens, secrets, and full sensitive payloads.

Retention and Deletion

StockPilot keeps shop-scoped operational data while the app is installed and as needed for app operation, security, billing, and support. When Shopify sends an `app/uninstalled` webhook, StockPilot marks the shop as uninstalled and deletes Shopify sessions. When Shopify sends a `shop/redact` privacy webhook, StockPilot deletes shop-scoped app data and keeps only a minimal redacted audit record.

Because StockPilot does not store customer profiles or customer contact details, customer data request and customer redact webhooks are recorded as processed metadata only.

Merchant Choices

Merchants can uninstall StockPilot from Shopify Admin at any time. Merchants can also contact StockPilot to ask privacy questions or request deletion of shop-scoped app data.

Contact

For privacy questions or deletion requests, contact StockPilot at pamelanewman3748@hotmail.com.

Changes

StockPilot may update this policy from time to time. Material changes will be reflected by updating the date at the top of this page.