Privacy Policy
Effective July 9, 2026
This policy explains how PackLedger collects, uses, stores, and deletes information when merchants use the PackLedger Shopify app and related support services.
Information we process
- Shopify account and store information needed to authenticate the app, including shop domain, session details, and the authorized staff member's name and email address.
- Merchant-entered compliance data, including brands, products, SKUs, packaging materials, calculations, deadlines, and evidence.
- Files and order data a merchant uploads by CSV. Importers use order identifiers, dates, SKU and quantity data, commercial totals, and ship-to country, region, and optional postal code. Customer names, email addresses, street addresses, and phone numbers are not imported.
- Operational records such as audit events, import errors, and support correspondence.
The CSV-first release does not request Shopify product or order API access and does not ingest Shopify customer data through the Admin API.
How we use information
We use information only to provide, secure, support, and improve PackLedger; calculate packaging EPR estimates; create merchant- requested exports and evidence packs; maintain an audit trail; and comply with legal obligations. We do not sell personal information or use merchant data for advertising.
Service providers
PackLedger is delivered through Shopify. Production application hosting and persistent file storage use Render, and application data is stored in Neon Postgres. These providers process data only to deliver their contracted infrastructure services and are subject to their own security and privacy terms.
Retention and deletion
We keep merchant data while the app is installed and as needed to provide the service. An uninstall stops app access. Shopify's mandatory customers/redact and shop/redactwebhooks are authenticated before processing. PackLedger's CSV-first data is merchant-controlled rather than customer-profile data. Customer compliance requests are recorded without retaining the webhook's customer or order identifiers. A verified shop redaction request deletes the shop organization and its associated application records. Infrastructure backups may remain for a limited period under provider backup and disaster-recovery cycles before they are overwritten.
Security and access
We use Shopify authentication, encrypted network connections, access controls, audit logging, and managed infrastructure. No internet service can guarantee absolute security. Merchants should limit CSV uploads to the fields PackLedger documents and avoid including customer identity fields.
Your choices and rights
Merchants can correct or remove data in the app, uninstall the app, or ask us for access, correction, export, or deletion assistance. Depending on where you live, applicable law may provide additional privacy rights. We may verify the requester's identity and authority before acting on a request.
Changes and contact
We may update this policy as PackLedger changes. The effective date above identifies the current version. Questions or privacy requests can be sent to support@packledger.app.