Privacy Policy — Phantom Markdown
Phantom Markdown (“the App”) automates compare-at (“was/now”) pricing on your Shopify store. This policy explains what data the App accesses, why, how we protect it, and how it is deleted. It applies to you, the merchant who installs the App.
1. Information we access and store
When you install the App and use its features, we access and store the following from your Shopify store:
Store & authentication data
- Your shop domain (e.g.
your-store.myshopify.com) - Your store's default currency and timezone
- Shopify API access tokens, stored encrypted at rest, used solely to call the Shopify Admin API on your behalf
Product & pricing data
- Product variant identifiers and SKUs
- Selling price and current compare-at price for variants the App manages
- An audit log of compare-at price changes the App makes (previous value, new value, timestamp)
Order pricing data
- For orders within the App's lookback window: order identifier, order
name (e.g.
#1050), line-item identifier, variant identifier, line-item price (including/excluding tax) and currency
We use this order pricing data only to calculate correct compare-at reference prices.
We do not sell your data or use it for advertising.
2. How we use the information
- To set and update compare-at prices on your products, manually and on your configured schedule
- To enforce your subscription plan's limits and entitlements
- To maintain an audit log so you can review changes the App made
- To operate, secure, debug, and improve the App
3. How information is shared
We share data only with infrastructure sub-processors that run the App on our behalf:
- Shopify — the source and destination of all product/order/pricing data
- Amazon Web Services (AWS) — application hosting, database, and background job processing
We do not share your data with any other third parties except where required by law.
4. Data retention and deletion
- We retain the data above only while the App is installed and as needed to provide the service.
- When you uninstall the App, your Shopify access tokens are immediately invalidated and removed.
- Shopify sends a shop redaction request approximately 48 hours after uninstall; on receipt we permanently delete all data associated with your shop, including the store record.
- We honor Shopify's mandatory privacy requests:
- Customer data request — we report any order line-item pricing we hold for the specified orders (we hold no customer identity to disclose).
- Customer redaction — we delete any order line-item pricing rows for the specified orders.
- Shop redaction — we delete all data for your shop.
5. Data security
Access tokens are encrypted at rest. Data is transmitted over encrypted (HTTPS/TLS) connections. We restrict access to production data to authorized personnel only.
6. Your rights
Depending on your jurisdiction (including GDPR and CCPA/CPRA), you may have rights to access, correct, or delete data we hold, or to request it be exported. To exercise these rights, contact us at anchal@seventhtriangle.com. Because we hold no end-customer personal data, most requests are fulfilled directly through Shopify's data request and redaction flows described above.
7. International data transfers
Your data may be processed in the United States. Where required, we rely on appropriate safeguards for international transfers.
8. Children's privacy
The App is a business tool for Shopify merchants and is not directed to children.
9. Changes to this policy
We may update this policy from time to time. Material changes will be reflected by updating the effective date above and, where appropriate, notifying you within the App or by email.
10. Contact us
Seventh Triangle Consulting
[ADD REGISTERED BUSINESS ADDRESS]
Email: anchal@seventhtriangle.com