Back in stock — Shopify application
This policy explains how Back in stock ("the app", "we", "our") collects, uses, stores, and discloses personal information when merchants install and use the app in Shopify. It is intended to satisfy Shopify App Store privacy requirements and improve transparency for merchants and their customers. Use this public URL as the Privacy policy URL in your Shopify Partner Dashboard listing.
This policy applies to: (a) merchants and store staff who use the app, and (b) store customers who opt in to back-in-stock alerts through email and/or browser push notifications.
For customer data processed on behalf of a merchant store, the merchant is typically the data controller/business and we act as a processor/service provider. For data needed to run our own service operations (for example, app security, abuse prevention, and support), we may act as an independent controller.
We use data to operate core app features (inventory tracking, waitlists, notifications, analytics), secure and maintain the service, provide support, prevent abuse, comply with legal obligations, and process uninstall and privacy redaction requests received through Shopify mandatory compliance webhooks.
Depending on jurisdiction, we rely on one or more legal bases: performance of contract (providing the app to merchants), legitimate interests (security, service reliability, product improvement), consent (where required, including shopper opt-in for alerts), and legal obligations.
Depending on your configuration, data may be processed by infrastructure and service providers such as: your app hosting provider, your database provider, Amazon SES (transactional email), Google Firebase (web push), and Shopify APIs. We do not sell personal information. We disclose information only as needed to provide app functionality, satisfy legal requests, enforce our terms, or protect rights and security.
Data is kept while the app is installed and as needed for the features above. When the app is uninstalled or Shopify sends a mandatory redaction webhook, we delete or anonymize data as described in our technical implementation (for example, shop and customer-related records tied to that request).
Data may be processed in countries other than the merchant's or customer's country. Where required by law, we use appropriate safeguards for cross- border transfers (for example, contractual safeguards with subprocessors).
We use reasonable technical and organizational measures designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. No internet transmission or storage system is fully secure, so we cannot guarantee absolute security.
End-customer privacy requests may be routed through the merchant (the store). Where Shopify sends mandatory compliance webhooks, we acknowledge and process them. Merchants may contact us for assistance with data subject requests relating to data processed by the app. Shoppers can also use unsubscribe links included in app emails where available.
The app is intended for merchants and is not directed to children. We do not knowingly collect personal information directly from children.
We may update this policy from time to time to reflect legal, technical, or business changes. Updated versions will be posted at this URL with a revised effective date.
Questions about this policy: support@predicmart.com
Effective date: 2026-04-25