Profit Pilot — Privacy Policy

Last updated: June 2026

This Privacy Policy explains how Profit Pilot ("Profit Pilot", "we", "us") handles information when you install and use the Profit Pilot app ("the App") on your Shopify store. Profit Pilot is operated by Nordic Apps, based in Sweden.

1. Information we access and store

When you install Profit Pilot, we access certain data from your Shopify store through Shopify's official APIs, only to calculate and display your store's profit:

• Store information: your store's domain and an access token, stored securely to keep the App connected and authenticated.
• Order, product, and inventory data: read through Shopify's Admin API to calculate revenue, costs, and net profit. This data is processed to show you results and is not sold or shared.
• Your settings: cost values you enter in the App (payment fee rate, shipping, packaging, returns, ad spend), stored to calculate your profit.

We do not collect, store, or sell your customers' personal information (such as names, emails, or addresses). Order data is read to compute totals and costs; we do not build customer profiles.

2. How we use information

We use the data solely to:

• Provide the profit analytics shown inside the App.
• Keep the App connected to your store and functioning.

We do not use your data for advertising, and we do not sell it to anyone.

3. Where your data is stored

The App and its database are hosted on Railway, a cloud hosting provider, on servers located in the United States. Data is transmitted over encrypted connections (HTTPS). Railway acts as our data processor.

4. Data sharing

We do not sell or rent your data. We share data only with the infrastructure providers that help us run the App (such as our hosting and database provider), and only as needed to operate the service.

5. Data retention and deletion

• We keep your store settings and session data only while the App is installed.
• When you uninstall the App, Shopify notifies us and we delete the data we hold for your store (within the timeframe required by Shopify, currently 48 hours, via the shop data-erasure webhook).
• We honor Shopify's mandatory privacy webhooks: customer data request, customer data erasure, and shop data erasure.

6. Your rights (GDPR and similar laws)

If you are in the EU/EEA, the UK, or a region with similar laws, you have the right to access, correct, or delete your data. Because we hold store-level data (not your customers' personal data), most requests are handled automatically through Shopify's privacy webhooks. For any privacy request, contact us at turkersayar@gmail.com.

7. Cookies

The App is embedded in your Shopify admin and uses only the cookies/session tokens necessary to keep you securely signed in. We do not use tracking or advertising cookies.

8. Children

The App is a business tool and is not directed at children under 16.

9. Changes to this policy

We may update this policy. We will post the updated version here with a new "Last updated" date.

10. Contact

Questions about this policy or your data: turkersayar@gmail.com, Nordic Apps, Sweden.