Legal
Privacy Policy
Last updated: March 2026
Oprofit ("we", "our", or "us") operates the Oprofit Shopify app and the website at oprofit.app and oprofit.io (collectively, the "Service"). This Privacy Policy explains how we collect, use, and protect information about you when you use the Service. By installing the Oprofit app or using our website, you agree to the practices described here.
1. Information We Collect
1.1 Shopify Store Data
When you install Oprofit on your Shopify store, we request the following OAuth scopes and collect the corresponding data:
read_productsProduct titles, variants, SKUs, prices, inventory quantities, and images.read_ordersOrder IDs, line items, financial and fulfilment status, pricing, discounts, shipping costs, taxes, and customer email addresses.read_inventoryInventory levels per variant and location.
1.2 Account Information
We store your Shopify store domain, shop name, and the email address associated with your Shopify account. This is used to identify your store and send you service-related communications such as weekly profit digests (if opted in).
1.3 Cost of Goods (COGS) Data
You manually enter cost-per-unit figures for your product variants. This data is stored exclusively in our database and is never shared with third parties.
1.4 Ad Spend Data
If you connect Meta (Facebook/Instagram) Ads or Google Ads integrations, we request read-only access to your advertising account data. We fetch and store daily campaign spend figures to calculate true profit attribution. We do not access ad creatives, audience data, or personally identifiable information about your ad audiences.
1.5 Usage Data
We may collect non-identifiable usage information such as page views, feature interactions, and error logs to improve the Service. This data does not include any customer or order data from your store.
2. How We Use Your Information
- Calculate and display true per-SKU profit, margins, and ad spend attribution for your store.
- Sync and refresh your order, product, and refund data on demand.
- Send weekly profit digest emails if you have opted in (you can opt out at any time in Settings).
- Send service-related transactional emails (e.g. margin alerts you have configured).
- Diagnose technical issues and improve the reliability and performance of the Service.
- Comply with legal obligations.
We do not use your data to train machine learning models, sell advertising, or share data with data brokers.
3. How We Store and Protect Your Data
Your data is stored in a PostgreSQL database hosted on Neon (a SOC 2-compliant cloud database provider). Session tokens are stored in Redis hosted on Upstash. The application is hosted on Vercel.
Shopify access tokens and third-party ad platform tokens are stored encrypted at rest. We use HTTPS for all data in transit. Access to production systems is restricted to authorised personnel only.
We retain your store data for as long as your account is active. If you uninstall the Oprofit app, your data is flagged as inactive. You may request full deletion by contacting us (see Section 8).
4. Data Sharing and Third Parties
We do not sell, rent, or trade your personal or store data. We share data only with the following categories of service providers strictly for operating the Service:
| Provider | Purpose | Data shared |
|---|---|---|
| Neon | Database hosting | All store data |
| Upstash | Redis / session storage | Session tokens |
| Vercel | Application hosting | Request logs (no store data) |
| Resend / SMTP provider | Transactional email | Store email address, digest metrics |
5. Cookies and Local Storage
Oprofit uses a single first-party cookie (shop) to identify your connected Shopify store domain across page loads. This cookie is strictly necessary for the Service to function and does not track you across other websites.
We do not use third-party tracking cookies, advertising pixels, or analytics services that profile individual users.
6. Your Rights
Depending on your location, you may have the following rights regarding your data:
- Access — request a copy of the data we hold about your store.
- Correction — request corrections to inaccurate data.
- Deletion — request that we delete your store data. Note: uninstalling the Oprofit Shopify app does not automatically delete your data from our database; you must contact us to request deletion.
- Portability — request an export of your store data in a machine-readable format.
- Objection — object to certain processing of your data.
To exercise any of these rights, contact us at privacy@oprofit.app. We will respond within 30 days.
7. Data Retention
We retain your store data for as long as your Oprofit account is active or as needed to provide the Service. If you uninstall the app and do not reinstall within 90 days, we will automatically delete your store's data from our production database. Backups may retain data for up to 30 additional days after deletion.
8. Contact Us
If you have questions, concerns, or requests related to this Privacy Policy, please contact us:
Oprofit
Email: privacy@oprofit.app
Website: oprofit.app
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. If the changes are material, we will notify active users by email or via an in-app notice. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.