
Privacy Policy

Effective date: April 2, 2026  ·  Last updated: April 2, 2026

Plain-language summary
  • We don't store customer personal data. TierFlow processes order data in-flight to apply pricing; we don't retain customer names, emails, or addresses.
  • We store merchant data. Your Shopify shop domain, product/variant configuration, and aggregate analytics are stored so the app works.
  • We use three sub-processors. Shopify (platform), Railway (hosting), and Supabase (database). All are contractually bound to handle data appropriately.
  • You can delete everything. Uninstalling TierFlow triggers deletion of your shop's data within 30 days.
  • We comply with GDPR, CCPA/CPRA, LGPD, PIPEDA, and the Australian Privacy Act.
Contents
  1. Who we are
  2. Scope
  3. Data we collect from merchants
  4. Data we process about end-customers
  5. How we use the data
  6. Legal bases (GDPR)
  7. Sub-processors & third-party sharing
  8. Data retention
  9. International transfers
  10. Security
  11. Your rights
  12. Cookies & tracking
  13. Children's privacy
  14. CCPA / CPRA (California)
  15. LGPD (Brazil)
  16. PIPEDA (Canada)
  17. Changes to this policy

1. Who we are

TierFlow is operated by TierFlow LLC, a limited liability company registered in California, USA.

TierFlow LLC
4033 Broadway
Oakland, CA 94611
United States

Email: care@tierflow.app

TierFlow LLC is the data controller for merchant data and, where applicable under GDPR, acts as a data processor on behalf of merchants for any end-customer data that flows through the app.

2. Scope

This policy applies to:

  • The TierFlow Shopify app (the "App")
  • The marketing website at tierflow.app
  • Any related support or communication channels

It covers data collected from merchants (Shopify store owners who install TierFlow) and data processed about their end-customers during checkout.

3. Data we collect from merchants

| Category | Examples | Purpose |
| --- | --- | --- |
| Shop identity | Shop domain (mystore.myshopify.com), Shopify store ID | App installation, authentication |
| OAuth tokens | Shopify access token, scopes granted | Read/write product & variant data on your behalf |
| Configuration | Tier rules, pricing tables, widget settings | Core app functionality |
| Usage analytics | Aggregate tier-selection counts, widget impressions | Feature improvement, dashboard reporting to you |
| Support communications | Emails or messages you send us | Customer support |

Note: We request only the Shopify API scopes required to operate the app (read_products, write_products, read_orders, write_orders, read_themes, read_discounts, write_validations). We do not request access to customer personal data scopes.

§3.6 — Marketing & Communications Data

When you install TierFlow, we receive your shop owner email address via Shopify. We may use this to send:

  • Product updates and new feature announcements
  • Promotional offers and plan upgrade suggestions
  • TierFlow newsletter and tips

This is separate from transactional emails (billing alerts, policy updates, GDPR notices) which are required for the service and cannot be opted out of.

Your choices:

  • US merchants (CAN-SPAM): Every marketing email includes an unsubscribe link. Opt-outs are honored within 10 business days.
  • EU/UK merchants (GDPR): We rely on consent for marketing emails. You will be given an explicit opt-in opportunity at first login. You may withdraw consent at any time via the unsubscribe link or by emailing care@tierflow.app.
  • Canadian merchants (CASL): We rely on implied consent arising from the install relationship for 24 months. You may unsubscribe at any time.
To opt out of all marketing communications: email care@tierflow.app with subject line "Unsubscribe" or use the link in any marketing email we send.

4. Data we process about end-customers

TierFlow applies tier pricing at the time of cart/checkout. During this process, order-level data (quantity, variant selected, discount applied) may pass through our servers.

Important: We do not store customer names, email addresses, postal addresses, payment information, or any other personal data about your store's shoppers. Order-level data is processed ephemerally and discarded.

If you use the analytics dashboard, we store aggregate, non-identifiable order statistics (e.g., "tier 3 was selected 47 times on product X this month"). No row-level customer records are retained.

5. How we use the data

| Purpose | Data used | Legal basis |
| --- | --- | --- |
| Provide the service — authenticate your shop, apply tier pricing, render the widget, sync variant prices | Shop identity, OAuth tokens, configuration | Performance of a contract |
| Improve the service — aggregate analytics to understand feature usage | Usage analytics | Legitimate interests |
| Transactional communications — install confirmation, billing alerts, policy updates, GDPR notices | Shop owner email | Performance of a contract · Legal obligation |
| Send product updates and promotional offers | Shop owner email | Consent (EU/UK) · Legitimate interests (US) · Implied consent (Canada) |
| Comply with legal obligations — retain records as required by applicable law | All categories as applicable | Legal obligation |

We do not sell your data, use it for advertising targeting, or share it with third parties beyond the sub-processors listed in Section 7.

6. Legal bases (GDPR)

If you are located in the European Economic Area (EEA), UK, or Switzerland, we process personal data under the following legal bases:

| Processing activity | Legal basis |
| --- | --- |
| Installing and operating the app | Performance of a contract (Art. 6(1)(b)) |
| Aggregate analytics | Legitimate interests (Art. 6(1)(f)) — improving the service |
| Marketing emails | Consent (Art. 6(1)(a)) |
| Legal compliance | Legal obligation (Art. 6(1)(c)) |

Where we act as a data processor on your behalf (e.g., ephemerally processing your customers' order data), we rely on your instructions as the data controller.

7. Sub-processors & third-party sharing

We use the following sub-processors. All are contractually bound to process data only on our instructions and to maintain appropriate security measures.

| Sub-processor | Role | Location | Data shared |
| --- | --- | --- | --- |
| Shopify Inc. | Platform / OAuth provider | USA (global CDN) | Shop tokens, product/variant data, order events |
| Railway Corp. | App hosting, infrastructure & merchant database (PostgreSQL) | USA | Merchant configuration, aggregate analytics, sessions |
| Supabase Inc. | Internal admin database (post-launch) | USA | Aggregate analytics mirror, merchant contact records |

We do not share data with analytics platforms (e.g., Google Analytics), advertising networks, or data brokers.

We may disclose data if required by law, court order, or to protect the rights and safety of TierFlow LLC, our merchants, or others.

8. Data retention

| Data type | Retention period |
| --- | --- |
| Shop identity & OAuth tokens | Until uninstall + 30 days |
| Tier configuration & widget settings | Until uninstall + 30 days |
| Aggregate analytics | 24 months rolling |
| Support communications | 3 years from last contact |
| End-customer order data | Not retained (ephemeral processing only) |

When a merchant uninstalls TierFlow, we delete or anonymise their data within 30 days in accordance with Shopify's Partner requirements.

9. International transfers

TierFlow LLC is based in the United States. If you are accessing TierFlow from outside the USA, your data may be transferred to and processed in the USA.

For EEA/UK merchants, such transfers are covered by:

  • Standard Contractual Clauses (SCCs) with our sub-processors where required.
  • Shopify's Data Processing Addendum and Privacy Shield commitments.

We take reasonable steps to ensure your data receives the same level of protection as it would in your home jurisdiction.

10. Security

We implement industry-standard security measures including:

  • TLS encryption for all data in transit
  • Encryption at rest for stored data (Supabase AES-256)
  • OAuth 2.0 for Shopify authentication (no passwords stored)
  • Access controls limiting data access to authorised personnel only
  • Regular security reviews

No system is 100% secure. If you believe your data has been compromised, contact us immediately at care@tierflow.app.

11. Your rights

Depending on your location, you may have the following rights regarding your personal data:

| Right | What it means |
| --- | --- |
| Access | Request a copy of the personal data we hold about you |
| Rectification | Ask us to correct inaccurate data |
| Erasure | Ask us to delete your data ("right to be forgotten") |
| Restriction | Ask us to limit how we process your data |
| Portability | Receive your data in a machine-readable format |
| Objection | Object to processing based on legitimate interests |
| Withdraw consent | Withdraw consent at any time where processing is consent-based |

To exercise any of these rights, email care@tierflow.app with the subject line "Data Rights Request". We will respond within 30 days (or as required by applicable law).

If you are in the EEA, you also have the right to lodge a complaint with your local supervisory authority.

12. Cookies & tracking

Marketing website (tierflow.app)

The marketing website does not use analytics cookies or third-party tracking pixels. We do not use Google Analytics, Meta Pixel, or similar services.

Shopify admin (embedded app)

The TierFlow admin interface is embedded in the Shopify admin using an iframe. Shopify may set cookies necessary for their admin session. We do not set additional tracking cookies in the admin.

Storefront widget

The TierFlow JavaScript widget runs on your storefront. It uses sessionStorage to preserve tier selection during a browsing session. No cookies are set and no data is sent to TierFlow servers from the widget beyond the order-processing requests described in Section 4.

13. Children's privacy

TierFlow is a business-to-business (B2B) service intended for Shopify merchants. We do not knowingly collect personal data from individuals under the age of 13 (or 16 in the EEA).

If you believe we have inadvertently collected data from a child, please contact us at care@tierflow.app and we will delete it promptly.

14. CCPA / CPRA (California)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) grants you specific rights.

Categories of personal information collected

In the preceding 12 months, we have collected the following categories as defined by the CCPA:

  • Identifiers — Shop domain, Shopify store ID
  • Commercial information — Aggregate order analytics
  • Internet or network activity — App usage logs

We do not sell or share personal information

TierFlow LLC does not sell personal information and does not share personal information for cross-context behavioural advertising as defined by the CCPA/CPRA.

Your California rights

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information
  • Right to correct inaccurate personal information
  • Right to opt-out of sale/sharing (not applicable — we don't sell)
  • Right to non-discrimination for exercising your rights

To submit a CCPA request, email care@tierflow.app with subject "CCPA Request".

15. LGPD (Brazil)

If you are located in Brazil, the Lei Geral de Proteção de Dados (LGPD) may apply to your data.

The legal bases we rely on under the LGPD mirror those described in Section 6 (contract performance, legitimate interests, consent, legal compliance).

You have the right to confirmation of processing, access, correction, anonymisation, portability, deletion, and information about third-party sharing. To exercise these rights, contact care@tierflow.app.

16. PIPEDA (Canada)

If you are located in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws may apply.

We collect, use, and disclose personal information only for the purposes identified in this policy, with your knowledge and consent (express or implied). You may withdraw consent at any time, subject to legal or contractual restrictions.

To exercise your rights under PIPEDA, contact care@tierflow.app.

Note: This policy also addresses obligations under the Australian Privacy Act 1988 (Cth). Australian residents may contact the Office of the Australian Information Commissioner (OAIC) if they believe we have mishandled their personal information.

17. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will:

  • Update the "Last updated" date at the top of this page
  • Post a notice in the TierFlow admin dashboard for material changes
  • Email registered merchants for significant changes affecting their rights

Continued use of TierFlow after changes take effect constitutes acceptance of the updated policy.

Previous versions of this policy are available on request by emailing care@tierflow.app.

Contact & Data Requests

For any privacy-related questions, data rights requests, or concerns, contact us at:

TierFlow LLC — Privacy
4033 Broadway
Oakland, CA 94611
United States

Email: care@tierflow.app

We aim to respond to all privacy requests within 30 days.


© 2026 TierFlow. All rights reserved. · tierflow.app