CareCreator respects your privacy. This policy describes how we collect, use, and protect your data.
When you install CareCreator, we store your shop domain and an access token to communicate with the Shopify Admin API. We also store care package templates you create, redemption link records (including recipient email addresses), and basic usage metrics.
Your data is used solely to operate the CareCreator application: creating templates, generating redemption links, and facilitating draft order creation through the Shopify API. We do not sell, share, or use your data for advertising purposes.
When you uninstall CareCreator, we process the shop/redact webhook from Shopify and delete all data associated with your shop, including templates, links, sessions, and installation records. We also comply with customers/data_request and customers/redact webhooks as required by Shopify.
Access tokens are stored securely. All communication with Shopify uses HTTPS. Session cookies are signed with HMAC-SHA256 and are httpOnly.
For privacy questions, contact us at [email protected].