Legal
Privacy Policy
Last updated:
This document explains what information Notify Me, Back in Stock (the “App”) collects, why we collect it, and what we do with it. The App is a Shopify application that helps merchants offer back-in-stock and price-drop signup widgets on product pages, store subscriber requests, and send alert notifications when inventory or prices change. The App connects to your storefront through a theme app embed and an app proxy. Throughout this policy, “we,” “us,” and “our” refer to the legal entity that operates the App. “You” means the merchant who installs the App. Shoppers are people who visit your storefront and submit their contact details to receive alerts.
Shopify runs its own platform. When you use Shopify, Shopify’s terms and privacy policy apply to Shopify’s services. This policy only covers how we handle information in connection with Notify Me, Back in Stock.
If you are a shopper, the merchant is usually the one who decides why your data is collected. We process shopper information on the merchant’s instructions to deliver the features they enable. For most privacy requests, you should start with the store you signed up on; we describe how we help merchants and Shopify with compliance below.
1. Who is responsible for your information?
| Role | Value |
|---|---|
| Data controller (for merchant and App operational data) | SideHustleX |
| Privacy contact | contact@hustlepops.com |
Use the email above for questions about this policy or requests about personal data we hold in connection with the App.
2. What we collect
2.1 From Shopify when you install or use the App
Installing the App through Shopify allows us to receive and use the minimum data needed to sign you in, identify your store, and perform the functions you expect. That typically includes:
- Store identifiers (for example, shop domain and internal IDs).
- Account-related details Shopify provides in the install or admin context, such as contact email and plan signals where applicable.
- Access credentials Shopify issues for API use so the App can call Shopify on your behalf.
- Product and variant data (for example, titles, handles, prices, and inventory-related fields) when needed to power alerts and storefront widgets.
- Order information where you grant read orders scope, limited to attributing revenue from shoppers who were notified and later purchased the watched variant.
The permissions you approve at install define what we can request. As of the date above, the App may request scopes such as: read products, read themes, read and write metaobject definitions, read and write metaobjects, and read orders. The exact list shown in Shopify at installation applies to your store.
We use that access to publish widget configuration to your theme embed, process signups through the app proxy, react to inventory and product webhooks, and run the merchant admin experience. We do not use OAuth tokens for unrelated purposes.
2.2 Data you (the merchant) generate inside the App
We store configuration and operational records needed to run the service, which may include:
- Widget settings for back-in-stock and price-drop alerts (copy, styling, display rules, and email templates).
- Onboarding and embed status for your shop.
- Subscriber lists (emails, linked products/variants, widget type, and status such as waiting or notified).
- Notification and order-attribution records tied to alert delivery and dashboard metrics.
- Optional merchant email-sending domain configuration if you enable custom sending.
2.3 Data from shoppers on your store
If a shopper signs up for an alert through a widget, we may process:
- Information they submit (typically an email address, and optionally marketing opt-in if you enable it).
- Product and variant identifiers for the item they are watching.
- Technical metadata such as IP address, user agent, and timestamps, for security, abuse prevention, and reliability.
The merchant is responsible for having a lawful basis and a clear notice for that collection, where the law requires it.
2.4 Compliance and lifecycle signals from Shopify
We subscribe to webhooks required for app operations and privacy compliance, which may include app uninstall, variants in stock, variants out of stock, products update, orders paid, and mandatory privacy topics Shopify specifies (for example, customer data request, customer redact, and shop redact). We use payloads only to operate alerts, metrics, and meet our obligations under Shopify’s program rules and applicable law.
2.5 When you browse our site or the App’s web surfaces
When you or your staff use our pages or the embedded admin App, we and our infrastructure partners may process device and connection data, usage logs, and cookies or similar storage to run the service, keep it secure, and diagnose issues. A current list of material subprocessors (hosting, database, email, etc.) is available on request.
3. How we use information
We process personal data to:
- Provide, maintain, and secure the App, including authentication, app proxy routes, theme embed configuration, and alert delivery.
- Register and manage subscriber requests and send back-in-stock or price-drop notifications merchants configure.
- Show dashboard metrics (for example, subscriber growth and attributed revenue) to merchants.
- Communicate with you about the App, security, and support.
- Improve and troubleshoot the product, including fraud prevention and error diagnosis.
- Comply with law, enforce our terms, and respond to valid requests from public authorities, courts, or Shopify’s compliance program.
We do not sell your personal information in the sense used by many U.S. state privacy laws. We do not use shoppers’ contact details for our own unrelated marketing unless that is a separate, clearly disclosed practice.
4. Legal bases (EEA, UK, Switzerland, and similar)
Where GDPR-style laws apply to our own processing, we may rely on:
- Contract — to provide the App you asked us to run.
- Legitimate interests — to keep our systems secure, fix bugs, and protect users, balanced against your rights.
- Legal obligation — where the law compels retention or disclosure.
- For shoppers’ data, we usually act as a processor on the merchant’s instructions.
5. Retention and uninstall
We keep merchant and configuration data for as long as you use the App and for a limited period afterward where needed for legal, accounting, or security reasons.
Subscriber and notification data is kept for as long as the feature requires or until deletion is triggered by you, a redaction request, or uninstall procedures.
When the App is uninstalled, we follow Shopify’s requirements to stop processing for that shop and to delete or de-identify personal data, except where a narrow legal or security need requires minimal records.
7. Your rights
Merchants: Depending on your location, you may have the right to access, correct, delete, object, restrict processing, or port your data. Contact contact@hustlepops.com.
Shoppers: Contact the merchant first. We will work with the merchant and Shopify when a valid privacy webhook or other lawful process applies.
8. Children
The App is not intended for use by children, and we do not knowingly collect personal data from children. If you believe a child’s data was collected, contact us and we will take appropriate steps.
9. Changes
We may update this policy. We will change the “Last updated” date and, if the change is material, provide additional notice when practical.