Privacy Policy

Loyalty Program — Points & Rewards for Shopify

Last updated: June 1, 2026

1 Introduction

Loyalty Program ("we", "our", "us") operates the Loyalty Program application for Shopify — a points-based rewards program that lets your customers earn points for orders and redeem them for discounts at checkout. This Privacy Policy explains how we collect, use, store, and protect information when you install and use our app on your Shopify store.

2 Information We Collect

To run the loyalty program on your store we collect and store the following:

  • Shop Information: Store name, domain, email, timezone, currency, and plan — provided by Shopify during the OAuth process.
  • Loyalty Program Configuration: Your earn rules (e.g. "Place an order"), redeem rules (Amount discount, Percentage discount), point currency labels, point expiry policy, and program on/off status.
  • Branding Configuration: Appearance settings for the Rewards launcher, Rewards panel, and Product page badge (colors, icons, sizes, positions).
  • Customer Loyalty Records: For each enrolled customer we store their Shopify customer ID, current points balance, lifetime earned points, exclusion status, and a history of point transactions (earned from orders, deducted on refund/cancel, expired, spent on rewards, or manually adjusted by you).
  • Order Data: Order ID, order name, eligible subtotal, processed/cancelled dates, and customer ID — received via Shopify webhooks (orders/paid, orders/fulfilled, orders/cancelled, refunds/create) — used to award or withdraw points and recorded in the customer's point history.
  • Generated Discount Codes: Codes we create on Shopify when a customer redeems points; stored against that customer's history with expiry date and value.
We do not store customer payment information, browsing history, or marketing preferences. Customer names, emails, and phone numbers are fetched on demand from Shopify when you open a customer detail page in the admin — they are not persisted on our servers.

3 How We Use Your Information

  • To run the loyalty program: award points when customers place qualifying orders, withdraw points on cancellations or refunds, and process redemptions into Shopify discount codes.
  • To enforce point expiry: a scheduled job runs every 5 minutes to deduct points whose expiry date has passed, recording the deduction in the customer's history.
  • To publish branding settings to your storefront via Shopify shop metafields, so the Rewards launcher, panel, and product badge render with your chosen styling.
  • To respond to storefront requests via Shopify's App Proxy (e.g. customers viewing their balance, activity log, and available coupons through the Rewards panel).
  • To let you adjust points, spend points on behalf of customers, or exclude customers from the program from the admin Customers page.
  • To improve our app, troubleshoot issues, and maintain operational logs.

4 Data Storage & Security

All data is stored using Google Firebase (Cloud Firestore and Firebase Functions), hosted on Google Cloud Platform. Firebase provides enterprise-grade security including:

  • Data encryption in transit (TLS/SSL) and at rest.
  • Firestore security rules restricting access to authorized backend functions only.
  • Regular security audits and compliance with industry standards.

Your loyalty configuration is also published to Shopify shop metafields (namespace ja_loyalty, key widget_config) so the theme app extension can render the widget without an extra backend round-trip.

App Proxy requests from the storefront to our backend are signed by Shopify with HMAC-SHA256; we verify the signature before serving any data.

5 Data Sharing

We do not sell, rent, or share your data with any third parties. Your data is used only to operate the app. We rely on the following services:

  • Shopify API: To authenticate your store, fetch customer / order details, manage metafields, create discount codes for redemptions, and register webhooks.
  • Google Firebase: For secure data storage, scheduled functions (point expiry), and backend processing.

6 Shopify API Scopes

Our app requests the following Shopify permissions:

  • read_themes: To check whether the loyalty theme app embed is enabled on your storefront and surface the status on the Dashboard.
  • read_files / write_files: To upload custom icons and images you choose for the Rewards launcher, panel, and Product page badge.
  • read_customers: To look up customer name / email / phone on demand when you open a customer detail page.
  • read_orders: To read order details delivered via the orders webhooks so we can compute and award the correct number of points.
  • write_discounts: To create Shopify discount codes when a customer redeems points for a reward.
  • read_content: Reserved for future metafield-driven features (e.g. program announcements). Not currently used to read merchant content.

7 Webhooks We Subscribe To

Shopify pushes the following events to our backend so we can keep the program in sync:

  • app/uninstalled — clean up sessions and trigger data deletion.
  • orders/paid, orders/fulfilled — award points for the order (depending on your earn rule's reward trigger).
  • orders/cancelled — reverse points awarded for the order.
  • refunds/create — proportionally deduct points based on the refunded amount.
  • customers/data_request, customers/redact, shop/redact — Shopify-mandated GDPR compliance topics (see section 9).

8 Data Retention & Deletion

We retain your program configuration and customers' point history for as long as you have the app installed. When you uninstall the app:

  • Shopify sends an app/uninstalled webhook to our backend.
  • Your OAuth session data is removed immediately.
  • Program configuration, branding settings, and customer loyalty records are permanently deleted within 30 days of uninstallation.

You can request immediate data deletion by contacting us at the email listed below.

9 GDPR & Compliance

We comply with Shopify's mandatory privacy webhooks:

  • customers/data_request: We respond to merchant requests for the data we hold about a specific customer (their Shopify customer ID, points balance, and point history). We do not store the customer's name, email, phone, or address.
  • customers/redact: When a customer requests redaction, we delete the associated customer loyalty record and all point-history entries for that customer.
  • shop/redact: 48 hours after a shop uninstalls, Shopify sends this webhook and we erase all remaining shop data (configuration, customer records, history, generated discount codes references).

10 Your Rights

You have the right to:

  • Access the data we hold about your store and customers (viewable in the app's Customers and Customer detail pages).
  • Export, correct, or delete customer loyalty records on request.
  • Exclude any customer from the program at any time from the Customer detail page.
  • Uninstall the app at any time to stop all data collection.

11 Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

  • Email: janova048@gmail.com
  • App: Loyalty Program

© 2026 Loyalty Program. All rights reserved.

Back to App