Rekit (“we”, “our”, “us”) provides a Shopify application for subscription and selling-plan workflows. This policy describes how we collect, use, store, and share information when you install and use the app. By using the app, you agree to this policy alongside our Terms of Service.
1. Information we collect
We process data needed to run the app and integrate with Shopify:
Shop & merchant data
- Shop domain, shop name, and merchant contact details available from Shopify
- OAuth access tokens and identifiers required to call the Shopify Admin API
- App billing and plan status where Shopify Billing or related flows apply
Product & subscription data
- Product, variant, and selling plan information you configure through the app
- Subscription contract summaries and statuses needed to display and manage subscriptions in admin
- Order and customer references where required for subscription operations permitted by your scopes
Technical & operational data
- Server logs, error reports, and diagnostic metadata to maintain reliability and security
- Webhook payloads sent by Shopify that the app is subscribed to receive
2. How we use information
- Provide core app features (selling plans, subscription management, dashboards, storefront or portal experiences you enable)
- Authenticate requests, enforce authorization, and protect against abuse
- Process billing and comply with Shopify Partner and platform requirements
- Improve stability, fix bugs, and develop features consistent with merchant expectations
- Meet legal obligations and respond to valid requests from authorities where applicable
We do not sell personal information. We do not use merchant data for third-party advertising unrelated to operating the app.
4. Retention
We retain data while your shop uses the app and as needed afterward for security, accounting, and legal compliance. When you uninstall, Shopify-related tokens and shop-scoped data are handled according to Shopify’s processes and our obligations, including GDPR webhooks described below.
5. Your rights
Depending on your jurisdiction, you may have rights to access, correct, delete, or export personal data, and to object to or restrict certain processing. To exercise these rights, contact us using the options on our Shopify App Store listing or your merchant support channel.
6. GDPR & Shopify mandatory webhooks
Where applicable, we comply with Shopify’s mandatory privacy webhooks, including:
- Customer data request — provide information we hold as instructed by Shopify
- Customer redact — delete or anonymize customer data when Shopify requests redaction
- Shop redact — delete shop-associated data after uninstall when Shopify sends shop redaction
7. Security
We use industry-standard measures such as encryption in transit (HTTPS), access controls, and secure handling of secrets. No system is perfectly secure; if we become aware of an incident affecting your data in a way that requires notice, we will follow applicable law.
8. Changes
We may update this policy from time to time. We will revise the “Last updated” date above and, where changes are material, provide notice through the app or other reasonable means.
Questions?
Contact us through the support or contact options on our Shopify App Store listing.