Reprice Order Price Editor
菜单
English在 Shopify 安装Install on Shopify Configure NEXT_PUBLIC_APP_STORE_URL to enable this link.

当前页面正文为英文法律模板草案,依据本应用在 Shopify 上的集成方式撰写。正式对外前须由合规律师审定;如需发布中文隐私政策或服务条款,请在审定后替换正文或启用中文路由策略。

This page describes how Reprice Order Price Editor processes data when installed on a Shopify store. The body reflects the app’s documented integration (Shopify Admin embedded app, OAuth, API scopes in shopify.app.toml, webhooks routed via Gadget, order repricing, and related logs).

Privacy policy

Introduction

Reprice Order Price Editor (the App) is an embedded application for Shopify merchants. The App is published and operated by TOEE TIRE NORTH AMERICA INC. (we, us, our). When a merchant installs the App on their Shopify store, we process information as described in this policy to provide repricing, order correction, billing, and support features. This policy supplements (and does not replace) Shopify’s own terms and privacy materials. Merchants remain responsible for their store’s compliance with applicable laws and for configuring the App in line with their policies.

Roles

For personal data relating to a merchant’s customers that we process only on the merchant’s instructions to operate the App, the merchant is typically the data controller and we act as a processor. For account, billing, and product analytics data about how merchants use the App, we may act as a controller where we determine the purposes (for example fraud prevention, product improvement, and invoicing). Exact roles depend on jurisdiction and your deployment.

Data the App may process

To provide repricing, previews, commits, activity history, and in-app settings, the App may process categories including: - Shop and staff session data from Shopify OAuth and the embedded Admin session (for example shop identifier, staff identifiers as exposed by Shopify APIs, and tokens required to call Shopify on behalf of the installing store). - Order data including line items, quantities, prices, taxes, discounts, tags, fulfillment and payment status fields, and shipping and billing addresses associated with orders you open in the App. - Customer references where orders are linked to customers (for example to support address-book workflows and order search), within the scopes granted at install time. - Product and catalog references needed to resolve line items (for example titles, SKUs, variant identifiers) within granted scopes. - Draft order and order-edit payloads where the App’s workflow uses Shopify’s draft order or order edit surfaces to preview or apply changes. - App configuration stored in our backend (for example store-level repricing settings, void-and-recreate naming preferences, upward price method, and similar shop-scoped configuration). - Operational and audit records such as repricing run records, trace identifiers, error payloads, and soft-risk acknowledgement metadata used for support and integrity of the service. - Billing and subscription metadata obtained through Shopify’s app billing APIs (for example plan keys, usage counters, cap warnings), as required to charge and display usage. Webhook topics configured for this application (see shopify.app.toml) include, among others: shop/update, app/uninstalled, orders/create, orders/updated, orders/delete, orders/risk_assessment_changed, app_subscriptions/update, app_subscriptions/approaching_capped_amount, and mandatory compliance topics (customers/data_request, customers/redact, shop/redact). Processing tied to those webhooks is limited to operating and uninstalling the App, keeping order lists fresh, aligning subscription state, and meeting Shopify’s compliance program.

Purposes of processing

We use the above information to: - Provide the Service: authenticate merchants, load orders, compute previews, apply commits, record activity, and display in-app help and settings. - Secure the Service: detect abuse, protect integrity of requests, and investigate incidents with trace IDs you may supply to support. - Bill merchants: measure usage and manage subscriptions through Shopify where applicable. - Comply with law and Shopify policies: respond to mandatory compliance webhooks and lawful requests subject to our agreements with Shopify and merchants. We do not use personal data collected through the App to send unrelated third-party marketing emails.

Subprocessors / hosting

The App’s backend runs on Gadget (gadget.dev), a cloud application platform. Data at rest and in transit is handled according to Gadget’s infrastructure and security practices. Gadget publishes a Data Processing Addendum, including how merchants and developers may execute it with Gadget, at https://gadget.dev/data-processing-addendum . Shopify also processes merchant and customer data as an independent platform under Shopify’s own terms and privacy notices. Operational email for support or billing notices may be sent through our configured email provider when you contact us or when required to operate the Service.

Retention

We retain merchant configuration, repricing run records, and logs only as long as needed to provide the Service, comply with law, resolve disputes, and enforce agreements. After uninstall, we delete or anonymize store-scoped data in line with Shopify mandatory compliance topics and our hosting provider’s capabilities, subject to limited retention for backups, fraud prevention, and legal holds where permitted.

Merchant obligations

Merchants must: - Install and use the App only if they have authority to change orders and customer-related data for their store. - Provide any legally required notices and obtain any required consents from their own staff and customers. - Use notification, timeline comment, and restock options responsibly and in line with their policies.

GDPR / CCPA / regional addenda

If you access or use the App from the European Economic Area, Switzerland, or the United Kingdom, the following additional disclosures apply. Controller / processor. For personal data processed on behalf of your Shopify store to operate the App, you are typically the controller and we act as a processor, subject to our agreement with you and with Shopify. Where we determine the purposes and means of processing for our own account (for example aggregated service diagnostics strictly tied to security and reliability), we may act as a controller for those limited purposes. Lawful bases (high level). We process personal data described in this policy primarily to perform our contract with you (provide the App), for legitimate interests in securing and improving the Service (where not overridden by your rights), and where required to comply with law. Where we rely on consent for optional communications, we will obtain it separately. International transfers. Data may be processed in countries where our hosting providers operate, including outside your country of residence. Where required, we rely on appropriate safeguards such as the European Commission’s standard contractual clauses and, where applicable, the UK International Data Transfer Addendum, in each case as implemented with our processors (including under Gadget’s Data Processing Addendum at https://gadget.dev/data-processing-addendum ). Your rights. Depending on your jurisdiction, you may have the right to access, rectify, erase, restrict, or object to certain processing, and to data portability. You may also lodge a complaint with a supervisory authority. To exercise rights, use the Support form on this website and include enough information for us to verify your identity. We may need to coordinate with Shopify where the data is jointly controlled or originated in Shopify systems. — This section applies solely to California residents, to the extent the California Consumer Privacy Act as amended (“CCPA”) applies. Categories collected may include: identifiers (such as name, email, shop domain, account IDs); commercial information (records of orders you interact with through the App); internet or network activity (logs relating to App requests); and professional information (merchant business context as needed to support the Service). We do not use the App to collect sensitive personal information as defined in the CCPA for unrelated purposes. Purposes are described under Purposes of processing in this policy. Retention is described under Retention. We do not “sell” or “share” personal information as those terms are defined in the CCPA in connection with the core operation of the App, and we do not use the App to deliver cross-context behavioral advertising. Your rights. California residents may have the right to know, delete, correct, and opt out of certain processing, subject to exceptions. Submit requests through the Support form on this website. We will verify your request and respond within the timeframes required by law.

Changes to this policy

Last updated: 2026-04-14. We will post updates on this page and revise the “Last updated” date. Where required by law, we will provide additional notice or obtain consent.