Privacy Policy

Last updated: April 2026

What data we collect

PoolSync collects the minimum data necessary to provide inventory pool management. This includes:

• Your Shopify store domain and access token (encrypted at rest with AES-256-GCM)
• Product and variant IDs for inventory mapping
• Order IDs and line item quantities for inventory tracking
• Inventory quantities at specific locations

What we do NOT collect

• Customer names, emails, addresses, or phone numbers
• Payment or billing information (handled by Shopify)
• Browsing behavior or analytics about your customers

How we use your data

Data is used exclusively to synchronize inventory across product variants within your Shopify store. We do not sell, share, or use your data for any purpose other than providing the PoolSync service.

Data storage and security

• Access tokens are encrypted with AES-256-GCM before storage
• Data is stored in Supabase PostgreSQL with row-level security
• All communication uses HTTPS/TLS encryption in transit
• Database access is restricted to service-level credentials

Data retention

When you uninstall PoolSync, all your pool data, variant mappings, and event history are permanently deleted. Your encrypted access token is revoked and replaced with a redacted placeholder. Store records are retained only as anonymized metadata for analytics.

Third-party services

• Supabase — database hosting (PostgreSQL)
• Upstash — Redis caching and job queue (QStash)
• AWS Amplify — application hosting

Your rights

You can request a copy of your data or request deletion at any time by contacting us at support@poolsync.app. Uninstalling the app automatically deletes all your data.

Contact

For privacy questions, contact us at support@poolsync.app.

Terms of Service