Privacy Policy
Last updated: April 1, 2026  • Effective: April 1, 2026
On This Page
1. Introduction
BundleIQ ("we", "us", or "our") is a Shopify app that provides bundle performance analytics to Shopify merchants. This Privacy Policy explains how we collect, use, store, and protect information when you install and use BundleIQ in your Shopify store.
By installing BundleIQ, you ("the merchant") agree to the practices described in this policy. If you do not agree, please uninstall the app.
2. Our Role Under GDPR
Under the General Data Protection Regulation (GDPR) and applicable privacy laws:
- BundleIQ is a data processor. We process data strictly on behalf of the merchant (you) and only as instructed by your use of the app.
- The merchant is the data controller. You determine the purposes and means of processing your store's data.
- Shopify Inc. is a data controller for the underlying platform and the Shopify APIs we use to access your store data.
We may only use data accessed through the Shopify API to operate and improve BundleIQ for your store. We will never use your data or your customers' data for any other purpose, and we will never sell it to third parties.
3. What We Collect
BundleIQ collects the minimum data necessary to provide bundle analytics. We access your store using Shopify's OAuth with the following scopes: read_products, read_orders, read_inventory.
Merchant & App Operation Data
| Data | Purpose | Deleted When |
|---|---|---|
| Shop domain (e.g. mystore.myshopify.com) | Identify which store data belongs to | App uninstalled + 48 days |
| Shopify OAuth access token | Make authenticated Shopify API calls on your behalf (stored encrypted, server-side only) | App uninstalled |
| Staff user name & email | Standard Shopify OAuth session — identifies the logged-in staff member for the active session | App uninstalled |
| Billing plan & Shopify charge ID | Track subscription tier for feature gating | App uninstalled + 48 days |
| Store currency & default margin preference | Display analytics in correct currency; apply defaults | App uninstalled + 48 days |
Store & Order Analytics Data
| Data | Purpose | Deleted When |
|---|---|---|
| Shopify product IDs, variant IDs, and product titles | Identify and track bundles and their components | App uninstalled + 48 days |
| Shopify Order IDs | Reference which orders contain bundle purchases | App uninstalled + 48 days |
| Order line item quantities, unit prices, total prices, currency | Calculate revenue, profit, and gross margin for each bundle | App uninstalled + 48 days |
| Order fulfillment status | Exclude cancelled or restocked orders from revenue totals | App uninstalled + 48 days |
| COGS (cost per unit) values | Merchant-entered cost figures used to calculate gross profit and profitability grades | App uninstalled + 48 days |
4. What We Do NOT Collect
- Customer names — not stored in any database
- Customer email addresses — not stored in any database
- Customer phone numbers — not collected or stored
- Customer postal addresses or shipping addresses — not collected or stored
- Customer payment or financial account details — never accessed; handled entirely by Shopify Payments
- Customer browsing or storefront behaviour — we have no presence on your storefront; no tracking scripts are injected
- Customer identifiers or profiles — we do not build customer profiles or link orders to individual customers
- Third-party analytics or tracking — BundleIQ uses no Google Analytics, Meta Pixel, Segment, Mixpanel, or any other third-party tracking service
- Third-party cookies — no tracking cookies are set on any page
Our analytics are aggregated at the product and bundle level — we analyze which products sell together, not who bought them.
5. How We Use Your Data
We use the data we collect solely to provide the BundleIQ service to your store. Specifically:
- Calculate bundle revenue, gross profit, gross margin, and profitability grades (A–F)
- Detect product bundles using your product catalogue (titles, tags, SKU patterns, Shopify Bundles metafields)
- Identify stockout risk for bundle components based on inventory levels and recent sales velocity
- Display aggregated analytics on your BundleIQ dashboard
- Maintain your subscription and billing plan status via the Shopify Billing API
We will never:
- Sell your data or your customers' data to any third party
- Use your store data to train machine learning models for other merchants
- Share data across merchant accounts (all data is scoped per-shop-domain)
- Use data for advertising or marketing purposes
6. Legal Basis for Processing
Under GDPR Article 6, our legal basis for processing data is:
| Data Category | Legal Basis | Explanation |
|---|---|---|
| Shop domain, OAuth token, billing plan | Contractual necessity (Art. 6(1)(b)) | Required to operate the app under the merchant-app agreement |
| Staff name & email (OAuth session) | Contractual necessity (Art. 6(1)(b)) | Provided by Shopify OAuth to identify the authenticated user; required for session management |
| Order & product analytics data | Contractual necessity (Art. 6(1)(b)) | Core purpose of the app — without this data, bundle analytics cannot be provided |
7. GDPR Compliance & Mandatory Webhooks
As required by Shopify's Partner Program and GDPR, BundleIQ implements all three mandatory GDPR webhooks:
customers/data_request
When a customer requests a copy of their data from a merchant, Shopify sends this webhook to all installed apps. Upon receiving it, BundleIQ responds that no customer personal data is held by BundleIQ for this customer. We do not store customer names, emails, or any personally identifiable information linked to individual customers. Merchants are notified in their app logs and must fulfil the data subject request themselves through Shopify within 30 days.
customers/redact
When a customer requests deletion of their data, Shopify sends this webhook. BundleIQ confirms receipt and responds that there is no customer personal data to delete. We do not store any data that is linked to or identifies individual customers, so there is nothing to redact on our side.
shop/redact
Shopify sends this webhook 48 days after a merchant uninstalls BundleIQ. Upon receipt, we permanently and irreversibly delete all data stored for that shop, including:
- All bundle records and component data
- All order line records
- All bundle metrics and COGS data
- All shop settings and billing records
This deletion is performed within 48 days of uninstallation, in compliance with Shopify's requirements.
8. Data Retention
| Data | Retention Period |
|---|---|
| Staff OAuth session data (name, email, token) | Deleted immediately on app uninstall |
| All shop analytics data (bundles, orders, metrics, COGS, settings) | Deleted within 48 days of uninstall (triggered by shop/redact webhook from Shopify) |
| Order line history (while app is installed) | Scoped to your billing plan: 30 days (Free), 90 days (Growth), 365 days (Pro) |
We do not retain data indefinitely. Once an app is uninstalled, a complete data purge is guaranteed within 48 days.
9. Your Rights
As a merchant (data controller), you have the right to:
- Access: Request a summary of data we hold for your shop
- Correction: Update incorrect COGS values or shop settings directly within the app
- Deletion: Uninstall BundleIQ at any time — all data is deleted within 48 days. For immediate deletion, contact us directly
- Portability: Contact us to request an export of your bundle analytics data
- Restriction: Contact us to restrict processing while we investigate a dispute
To exercise any of these rights, contact us at the email address in the Contact section below.
10. Sub-processors
BundleIQ uses the following sub-processors to operate the service:
| Sub-processor | Role | Location |
|---|---|---|
| Shopify Inc. | Platform provider; source of all store data via Shopify APIs | Canada / Global |
| App hosting provider | Server infrastructure on which BundleIQ runs (e.g. cloud hosting) | Disclosed on request |
| Database provider | Persistent storage for bundle and order analytics data (PostgreSQL in production) | Disclosed on request |
We do not use any marketing, analytics, advertising, or data broker sub-processors. All sub-processors are contractually bound to process data only as instructed by us.
11. Security
We implement the following technical and organisational measures to protect your data:
- HTTPS enforced: All data in transit is encrypted using TLS
- Server-side only access: OAuth tokens and store data are never exposed to the client browser
- Per-shop data isolation: All database queries are scoped by shop domain — one merchant cannot access another merchant's data
- Webhook signature verification: All Shopify webhooks are verified using HMAC-SHA256 before processing
- Minimal OAuth scopes: We request only
read_products,read_orders, andread_inventory— the minimum required to provide bundle analytics
In the event of a data breach that affects your store's data, we will notify you promptly and take all necessary remediation steps.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in the app, applicable law, or Shopify Partner Program requirements. When we do:
- The "Last updated" date at the top of this page will change
- Significant changes will be communicated via the BundleIQ app interface in your Shopify admin
- Continued use of BundleIQ after the effective date constitutes acceptance of the revised policy
14. Contact Us
If you have questions about this Privacy Policy, wish to exercise your data rights, or need to report a privacy concern, please contact us:
- Email: support@geny.it.com
- App: Via the BundleIQ support link in your Shopify Partner Dashboard
We aim to respond to all privacy-related enquiries within 5 business days.