Privacy Policy

Last updated: 18 June 2026

Brightrix ("we", "us", "the app") is a Shopify app that shows fulfillment analytics by reading order data from your Shopify store via the Shopify Admin API. This Privacy Policy explains what data we access, how we use it, and how we protect it.

1. Data we receive from Shopify

When a merchant installs our app, Shopify shares limited information with us via the Admin API:

Shop information: shop domain, plan, primary email, currency, and timezone — used to format figures and set date boundaries.
Order metadata (via the read_orders scope): for each order we read only its order number, date created, cancellation date, sales channel/source, fulfillment status, first fulfillment date, order total, and currency.

Order objects are classified by Shopify as protected customer data, so we access them under Shopify's Protected Customer Data requirements. However, we read only the non-personal metadata fields above. We do not request, receive, or store any customer (shopper) personal data — no customer names, emails, addresses, phone numbers, or payment details ever reach Brightrix.

2. How we read it

We read order metadata live from the Shopify Admin API each time you open a dashboard, aggregate the figures in memory, and cache only the aggregated, non-personal results briefly to keep the app responsive. The underlying orders are not stored.

3. Data we store

Shop and billing records: your shop domain, selected plan, subscription status, and your fulfillment settings (such as your on-time target).

We do not store order data, line items, or any customer information.

4. How we use data

Solely to provide the service: reading your Shopify order metadata to render fulfillment-analytics dashboards, and managing your plan. We do not sell or share your data with third parties for marketing.

5. GDPR & data deletion

We implement Shopify's mandatory privacy webhooks. Because we hold no customer data, customer data requests and customer redaction requests are acknowledged with nothing to export or delete.
When you uninstall the app, Shopify sends a shop redaction request 48 hours later and we permanently delete all stored data for your shop — your shop, settings, and billing records.
You may also request deletion at any time at the contact below.

6. Security

Data is stored in a managed PostgreSQL database with encryption at rest and TLS in transit. Access is restricted to the app itself.

7. Contact

Questions or deletion requests: mvenkat1177@gmail.com