Privacy Policy

Restock is an inventory forecasting and reorder-intelligence app for Shopify. This policy explains what data the app accesses, why, and how it is handled. We collect the minimum needed to compute reorder recommendations — and no customer personal information.

Data we access

With your authorization, Restock reads the following from your Shopify store through Shopify’s Admin API:

• Products and variants — titles and SKUs, to label reorder rows.
• Inventory levels and locations — on-hand quantities per location, to compute days of stock left.
• Orders — used only to count line-item quantities by date for sales-velocity forecasting. We do not access or store customer names, emails, addresses, payment details, or any other personal information attached to an order.

Data we store

Restock stores only what is required to run, all scoped to your shop:

• Authentication sessions — the access token and shop identifier Shopify issues at install, so the app can call the API on your behalf.
• Your reorder settings — shop-wide and per-variant lead time and safety-stock values you configure.
• Supplier records you enter — supplier names, contact details, default lead times, and notes you add or import. This is business contact information you choose to store; you can edit, export, or delete it at any time.

Sales data read from orders is aggregated to anonymous per-variant, per-day quantities for forecasting and is never keyed to an individual customer. We store no customer personal data.

How we use it

Store data is used solely to provide the app’s functionality — forecasting sales velocity, estimating days of stock left, and recommending what to reorder and when. We do not sell your data, and we do not use it for advertising.

Data retention and deletion

We honor Shopify’s mandatory compliance webhooks. When your store requests customer data or erasure, we respond accordingly — and because we store no customer personal data, there is nothing customer-specific to return or delete. When you uninstall Restock, Shopify notifies us and we purge your shop’s data — authentication sessions, reorder settings, supplier records, your notification email and preferences, and any cached AI suggestions — typically within 48 hours.

Security

Data is encrypted in transit (HTTPS/TLS) and at rest on encrypted storage. Access to store data is limited to what the app needs to compute forecasts, and authentication tokens are stored securely and scoped to your shop.

Subprocessors

Restock runs on standard cloud hosting and relies on Shopify’s APIs. We use a small number of subprocessors that handle data only on our behalf, to deliver features you turn on — never for their own purposes:

• Cloud hosting & database — stores your shop’s settings and the data above.
• Resend (email delivery) — used only if you enable reorder-alert emails; receives the email address you choose and the at-risk summary we send you.
• Anthropic (AI processing for the Pro-plan reorder copilot) — used only when you click to get an AI second opinion; receives the product, SKU, inventory, and sales-velocity figures for the at-risk items being reviewed. No customer personal data is sent, and the data is not used to train AI models.

Contact

Questions about this policy or your data? Email support@masmstudios.com.