Privacy Policy

Prime Redirect Pro ("we", "us", "the app") is a Shopify app that manages URL redirects and automatic 404 recovery for merchants. This policy explains what data we handle and how we protect it.

1. Data we receive from Shopify

When a merchant installs the app, Shopify shares:

• Shop information: shop domain, plan, primary email, country, currency, timezone — used to operate the app and provide support.
• We request only the write_online_store_navigation scope, which lets us read and write your storefront's URL redirects. We do not request access to orders, customers, or products.

2. Data we generate

• The redirect rules you create (source path, target, type).
• Path-only logs of storefront URLs that returned a 404, with a hit count — used to power the broken-links report. These contain no query strings, IP addresses, or any customer or personal data.

3. Data we send to third parties

• Shopify — we create/update/delete native URL redirects on your store via the Admin API.
• Sentry (optional error monitoring) — code stack traces and request metadata, with cookies and tokens redacted.

We do not sell or rent data, and do not share data with advertising platforms.

4. Data retention

• Your redirect rules and settings are retained while the app is installed.
• When a merchant uninstalls, Shopify fires the shop/redactwebhook; on delivery we delete all data associated with that shop.
• Because we store no customer personal data, the customers/data_request and customers/redactwebhooks have nothing to export or erase; we acknowledge them as required.

5. Security

• All data is transmitted over TLS.
• Webhook and App Proxy requests from Shopify are verified by HMAC signature before processing.
• Merchant access tokens are stored encrypted at rest at our database provider.

6. Changes to this policy

We may update this policy. Material changes will be notified to merchants at least 30 days before they take effect.

7. Contact

Privacy questions: support@redirectpro.app.