Privacy Policy
Last updated: July 1, 2026
ShopFlowTools ("we", "us", or "our") provides the **301 Redirects & 404 Manager** application for Shopify merchants. This Privacy Policy describes how information is collected, used, and shared when you install or use this application (the "App").
1. Information We Access and Collect
To provide redirect management, 404 error tracking, and storefront broken link scanning, we access and store the following data:
- Shopify Access Tokens: Upon installation, we receive an API access token from Shopify to authenticate requests (such as creating and deleting redirects on your store). This is securely stored in our encrypted Cloudflare databases.
- Notification Email: We collect and store the notification recipient email address provided by the merchant to send daily digests, peak traffic spike alerts, and broken link scan reports.
- 404 Log Data: When a visitor hits a 404 page on your storefront, the App logs the missing path, referrer URL (if available), and timestamp. To protect customer privacy, we do not log or store individual visitor IP addresses or any other personally identifiable customer information.
- Automatic 90-Day Retention: All storefront 404 logs are automatically and permanently deleted from our databases after 90 days.
2. How We Use Your Information
We use the collected information solely for the following purposes:
- To enable creating, deleting, and managing URL redirects inside your Shopify store.
- To present storefront 404 logs and calculate traffic statistics inside the App dashboard.
- To send automated notifications (daily digests, spike alerts, scan summaries) to your configured email.
- To verify billing plan limits and prevent service abuse.
3. Data Sharing and Third Parties
We do not sell, rent, or trade any merchant or visitor data. We only share information with third-party service providers to the extent necessary to perform app services:
- Mailgun: We use Mailgun as our third-party email provider to dispatch alert emails to the recipient address you configure.
- Cloudflare: Our App infrastructure and databases run on Cloudflare's secure serverless network.
4. Your Rights and Data Deletion
Under GDPR and other privacy regulations, you have full rights to access or request deletion of your store metadata and logs. If you uninstall the App, all associated access tokens and configurations are automatically deleted. Any remaining logged data is fully removed within Shopify's mandatory data deletion timelines.