ZyncPrivacy Policy
This Privacy Policy explains how Zync Syncing Solutions ("Zync", "we", "us", or "our") collects, uses, stores, shares, and protects information in connection with the Zync — Multi Store Sync application ("the App") for Shopify.
Zync keeps connected Shopify stores in sync — mirroring products and inventory from a source store to a destination store, and forwarding orders from the destination store back to the source store for fulfillment. We process only the data needed to provide that functionality.
1. Our role
For most data we process, the merchant who installs the App is the data controller and Zync acts as a data processor, processing data on the merchant's behalf and on their instructions to provide the sync service. Each merchant is responsible for having a lawful basis to collect and share the data they sync through the App, and for their own customer-facing privacy notices.
2. Information we collect
We collect the minimum personal data required to provide value to merchants:
- Merchant account information — the name and email address of the store owner/staff who installs or signs in, and your store's
myshopify.comdomain. - Authentication data — OAuth access tokens issued by Shopify and the App's own session tokens, used to access the Shopify APIs and authenticate you.
- Store catalog data — products, variants, images, inventory levels, collections, locations, tags, and product metafields (including SEO fields), read from the source store and written to the destination store.
- Connection data — your store's connection key and the per-connection sync, sharing, and order-forwarding settings you configure.
- Order and customer data (order forwarding only) — when order forwarding is enabled, an order placed in the destination store for a synced product is forwarded to the source store. This can include order details, line items, and customer personal data such as name and shipping address. Merchants can choose to forward the real customer details or substitute fixed customer details.
We do not collect payment card details, and we do not ask buyers to enter information directly through the App.
3. How we use information
We tell merchants what personal data we process and our purposes for processing it, and we limit our use of personal data to those purposes:
- To install, authenticate, and operate the App.
- To match catalogs and mirror products and inventory between connected stores.
- To forward orders from a destination store to a source store for fulfillment.
- To apply the sync, sharing, and forwarding settings a merchant configures.
- To provide support, maintain security, prevent abuse, and debug errors.
- To comply with legal obligations.
We do not sell personal data, and we do not use personal data for advertising or for automated decision-making that produces legal or similarly significant effects on individuals.
4. Consent
By installing and using the App, merchants accept this Privacy Policy, which governs how we process personal data on their behalf. Because Zync acts as a processor on the merchant's instructions and does not have a direct relationship with the merchant's end customers, end-customer consent, data-sale opt-out, and automated-decision opt-out are handled by the merchant as the controller and are not applicable to Zync's own processing.
5. How we share information
We share information only as needed to run the service:
- Shopify — we exchange data with the Shopify Admin API to read and write the store data described above.
- Service providers (sub-processors) — we use trusted infrastructure providers to host and operate the App, including Amazon Web Services (AWS) for hosting, database, cache, and messaging, and Sentry for error monitoring. These providers process data on our behalf under contractual confidentiality and security obligations.
- Legal and safety — we may disclose information if required by law or to protect our rights, users, or the public.
We do not sell or rent personal data to third parties.
6. Data storage and security
We apply administrative, technical, and physical safeguards designed to protect personal data:
- Encryption — data is encrypted in transit (TLS) and at rest, and our backups are encrypted.
- Environment separation — we keep test and production data separate.
- Access control — we limit staff access to customers' personal data on a least-privilege basis, enforce strong password requirements for staff, and log access to personal data.
- Resilience — we maintain a data loss prevention strategy and a security incident response policy.
Data is hosted in the United States (AWS). No method of transmission or storage is completely secure, but we work to protect personal data using industry practices.
7. Data retention and deletion
We keep personal data only for as long as needed to provide the App, and we maintain retention periods so data isn't kept longer than necessary:
- When a merchant uninstalls the App, we stop processing and delete or de-identify the store's data within our retention window (we retain limited installation-state data needed to handle a future reinstall).
- We delete or de-identify personal data in response to a valid deletion request from a merchant or, where applicable, an individual, and we can provide a copy of the personal data we hold about an individual on request.
- We may retain limited data longer where required for legal, accounting, or security purposes.
8. Your rights
Depending on your location, you (or, for end customers, the merchant on your behalf) may have rights to access, correct, delete, port, or restrict the processing of personal data, and to object to certain processing under laws such as the GDPR and CCPA/CPRA. Because Zync typically acts as a processor, end customers should direct requests to the merchant (the controller); we will assist merchants in responding to such requests. Merchants may contact us using the details below.
9. International data transfers
We are based in the United States, where personal data is processed. Where personal data is transferred across borders, we rely on appropriate safeguards (such as standard contractual clauses) where required by law.
10. Children's privacy
The App is intended for use by merchants and is not directed to children. We do not knowingly collect personal data from children.
11. Changes to this policy
We may update this Privacy Policy from time to time. For material changes we will provide reasonable notice (for example, at least 30 days where practicable) by updating the effective date and, where appropriate, notifying merchants.
12. Contact us
Questions, requests, or complaints about this policy or our data practices:
- Zync Syncing Solutions
- Email: support@storezync.com
- Address: 285 W Wieuca Rd NE, Atlanta, GA 30342
If you believe we have not addressed your concern, you may have the right to lodge a complaint with your local data protection authority.