Privacy Policy

Growly Discounts: Last updated: February 22, 2026

Growly Discounts ("the App") is operated by Growly Oy ("we", "us", "our"). This privacy policy explains how we collect, use, and protect information when you install and use the App on your Shopify store.

1. Information We Collect

1.1 Via Shopify APIs

When you install the App, we access the following data through Shopify's APIs:

• Customer tags: to determine discount eligibility based on customer groups (e.g., "vip", "wholesale"). We do not access customer names, emails, phone numbers, or addresses.
• Product data: product names, prices, and variants to apply price-based discounts and preview pricing
• Location data: POS store location names and IDs to enable store-specific discounts
• Store locale settings: to provide multilingual discount labels
• Theme information: to check whether required theme blocks are installed
• Discount configurations: to create and manage automatic discounts

1.2 Stored in Our Database

We store the following data on our servers:

• Shopify session tokens (for API authentication)
• Discount campaign configurations (name, type, value, targeting rules, schedule)
• Customer group definitions (group name and associated customer tags)
• Price sync logs (product/variant IDs, original and discounted prices)
• App settings (language preference, default values)

1.3 What We Do NOT Collect

• We do not collect customer names, email addresses, phone numbers, or physical addresses
• We do not collect payment or financial information
• We do not use cookies or tracking technologies on your storefront
• We do not collect data from your customers' browsers

2. How We Use the Data

We use the collected data solely to provide the App's functionality:

• Apply automatic discounts at checkout based on customer tags
• Sync discounted prices to product listings
• Enable store-specific POS discounts based on location
• Display member price previews on your storefront
• Manage discount campaign schedules and rules

We do not sell, rent, or share your data with third parties for marketing or advertising purposes.

3. Data Storage and Security

• Data is stored in a PostgreSQL database hosted on Render (Frankfurt, EU)
• All data in transit is encrypted via TLS/HTTPS
• API access is authenticated through Shopify's OAuth and session tokens
• Database access is restricted to the application only

4. Data Retention

• Campaign data and settings are retained for the duration of your subscription
• When you uninstall the App, all your data (campaigns, customer groups, settings, sessions) is automatically deleted within 48 hours
• Price sync logs are retained only while the associated campaign is active

5. Data Sharing

The App uses the following third-party services:

• Shopify: platform provider and data processor
• Render: application and database hosting (EU region)

We do not share data with any other third-party services.

6. Your Rights

We comply with GDPR, CCPA/CPRA, and other applicable privacy regulations. You and your customers have the right to:

• Access: request a copy of stored data
• Correction: request correction of inaccurate data
• Deletion: request deletion of stored data
• Portability: request data in a portable format
• Uninstall: removing the App triggers automatic deletion of all stored data

Customer data requests are handled through Shopify's mandatory compliance webhooks (customers/data_request, customers/redact). We respond to all requests within 30 days.

7. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes through the App or via Shopify's notification system.