Privacy Policy

Plain Points (plainpoints.app)
Effective date: June 11, 2026

Plain Points is operated by Mario Rodríguez (Spain) ("we", "us"). This policy explains what data the Plain Points app for Shopify and the plainpoints.app website collect, how we use it, and the choices available to merchants and their customers.

Contact: support@plainpoints.app

Who this policy covers

  • Merchants: Shopify store owners and staff who install Plain Points.
  • Customers: the merchant's end customers who earn and redeem loyalty points.

For customer data, the merchant is the data controller and Plain Points acts as a data processor on the merchant's behalf. For merchant account data, Plain Points is the controller.

Data we collect and why

From merchants

  • Store domain, the admin user's name and email, and a Shopify access token, collected during installation to operate the app.
  • Loyalty program settings (earning rate, reward threshold) and subscription plan status. Billing is handled entirely by Shopify; we never see payment details.

About the merchant's customers

Stored in our database:

  • Shopify customer ID
  • Point balance and point history (event type, points, related order ID, order subtotal, and optional note on manual adjustments)
  • Discount codes generated when points are redeemed

We do not store customer names, email addresses, physical addresses, or payment information.

Accessed but never stored:

  • Customer name and email are fetched live from the Shopify API each time a merchant opens their members dashboard, solely to display and search members. No copy is kept by us.
  • A customer's email address is passed to our email provider only at the moment a reward notification is sent (see Subprocessors).

How we receive order data

We process the orders/paid and refunds/create webhooks from Shopify (order ID, subtotal, customer ID) to award and deduct points. This is the app's core function.

What we never do

We do not sell or rent personal data, use it for advertising, profiling or automated decision-making with legal effects, or share it with anyone other than the subprocessors listed below.

Subprocessors

  • Railway (hosting and managed PostgreSQL database). All app data is hosted in the European Union (Amsterdam, Netherlands). Data is encrypted in transit (TLS) and at rest, including backups. See Railway's privacy policy and DPA at railway.com.
  • Resend (transactional email delivery). When a customer earns a reward, we send a notification email through Resend. Resend receives only: the recipient's email address, the store's domain (shown in the message), and the generic message content (no purchase data or customer name). Resend retains delivery logs under its own retention policy and acts under its Data Processing Agreement. See resend.com.

Data retention and deletion

  • Uninstall: when a merchant uninstalls Plain Points, Shopify notifies us 48 hours later (shop/redact) and we delete all of that store's data immediately upon receiving the notification.
  • Customer erasure requests: when a customer asks the merchant to erase their data, Shopify forwards the request to us (customers/redact) and we anonymize that customer's loyalty record immediately. Shopify sends this request 10 days after it is made, or, if the customer purchased in the last 6 months, once that period has elapsed.
  • Customer data requests: when a customer requests a copy of their data (customers/data_request), we provide the merchant with an export of everything we hold about that customer.
  • Otherwise, loyalty data is retained while the merchant uses the app. Points do not expire.

Data export

Merchants can export their loyalty data as CSV at any time from the dashboard. Exports contain customer ID, point balance, lifetime points and join date only.

Security

All connections use TLS. The database and its backups are encrypted at rest. Every point movement is recorded in an immutable audit log. Infrastructure access is limited to a single developer and is protected with strong passwords and two-factor authentication on all service accounts.

Legal bases (GDPR)

We process merchant data to perform our contract with the merchant, and customer data on the merchant's documented instructions as their processor. Where applicable, our legitimate interest covers app security and fraud prevention.

Your rights

Customers can exercise their privacy rights (access, correction, erasure) directly with the merchant whose store they shop at; Shopify relays these requests to us automatically as described above. Merchants can contact us at support@plainpoints.app for any privacy request. EU residents also have the right to lodge a complaint with their local supervisory authority.

Children

Plain Points is a business tool and is not directed at children.

Changes

We will post any changes to this policy on this page and update the effective date. Material changes will be announced to merchants by email or in-app.

Contact

Questions about this policy or your data: support@plainpoints.app