Privacy policy
Last updated: 2026-05-27
This policy explains what data ShoppyInc collects from merchants who use the platform, why we collect it, how we store it, and how we share it. ShoppyInc is the commerce platform operated at shoppyinc.com. The platform handles checkout, order management, payouts, and the related infrastructure for the merchants who run their stores on it.
This policy describes the ShoppyInc–merchant relationship. Shoppers on a merchant's storefront are subject to that merchant's own privacy policy in addition to ours.
What we collect
Account and identity
- Email address and name you provide at sign-up, plus any optional profile data you add (business address, tax identifiers, phone number).
- Authentication data — password hash (we never see your password in plaintext) or the Google account identifier you sign in with.
- Two-factor authentication enrolment data (TOTP secret), if you turn it on.
Business and operational
- Store configuration — products, prices, inventory, themes, the content you publish on your storefront, the orders that flow through it.
- Customer contact and shipping data you receive through your storefront. This data belongs to the shopper; we process it on your behalf.
- Operational logs — request timing, error reports, and audit logs of privileged actions you take inside the admin.
Financial and bank-connection data
- When you connect a bank account for payouts, we use Stripe Financial Connections to verify it. Stripe handles the bank login on its own infrastructure; ShoppyInc never sees your online-banking credentials.
- What we receive back from Stripe Financial Connections is a tokenized representation of the account and routing numbers, plus the institution name and (when you grant the optional permission) the current balance. We store the token, the institution name, and the last 4 digits of the account number. We do not store the raw account or routing number.
- Transaction-level financial data is held by Stripe, our payments processor. We hold the order ledger that mirrors it inside the platform so you have a complete record independent of Stripe.
Why we collect it
- To run the platform you signed up to use (accounts, stores, orders, payouts).
- To meet our contractual and legal obligations — tax reporting (1099-K and similar jurisdictional equivalents), anti-fraud controls, sanctions screening.
- To verify your bank account so we can send you the money your customers paid you. This is the only purpose for the data we receive via Stripe Financial Connections.
- To investigate and respond to incidents — chargebacks, fraud, abuse, security events.
- To improve the product. Aggregate, de-identified usage data informs which features we build next. Individual data is not used for ML training without your explicit consent.
Who we share it with
We share data only with sub-processors necessary to run the platform. The current list:
- Stripe — payment processing, Connect accounts for merchant identity, Financial Connections for bank verification. Stripe is the licensed money-transmitter of record; we direct the flow.
- Supabase — managed Postgres database hosting and authentication.
- Cloudflare — DNS, CDN, R2 object storage for media (product images, theme assets, digital downloads), Cloudflare Images for delivery.
- Vercel — application hosting for the admin, marketing, and storefront apps.
- Fly.io — application hosting for backend services (webhook ingestion, checkout API).
- Resend — transactional email delivery (order receipts, notifications, account emails).
- Upstash — managed Redis for rate-limiting and session caching.
- Sentry — error monitoring.
- Doppler — secrets management for our own infrastructure (does not process merchant data).
We do not sell your data. We do not share it with advertisers. We do not allow third-party trackers on the ShoppyInc admin or marketing site.
We disclose data when compelled by valid legal process. We push back on overbroad requests and notify you when we are legally permitted to.
How long we keep it
- Account data — kept for the lifetime of your account. We retain a 30-day soft-delete window after you close your account so you can recover from an accidental closure; after that, your account data is removed except where retention is legally required (financial records: 7 years; tax records per jurisdiction).
- Order and payment data — retained for the period required by financial and tax regulations (in the US, generally 7 years).
- Bank-connection tokens — retained while the connection is active. Removed immediately when you disconnect the bank, except for any token reference required to reconcile in-flight payouts.
- Logs — operational logs are retained for 90 days; security audit logs for 1 year.
Your rights
You can export, correct, or delete your account data at any time from the admin dashboard, or by emailing help@shoppyinc.com. We respond to verifiable data-subject requests within 30 days. If you are in a jurisdiction with applicable privacy law (GDPR, CCPA, PIPEDA, etc.), the rights granted to you under that law apply.
Security
We store secrets encrypted at rest, transmit data over TLS, isolate per-merchant data with row-level security in the database, and gate every privileged action behind authenticated session checks. Two-factor authentication is available and recommended.
We will notify you of any security incident that affects your data, without unreasonable delay and as required by applicable law.
Changes to this policy
If we change this policy, we update the "last updated" date above. We will notify you of material changes in the admin and by email.
Contact
Email: help@shoppyinc.com