Privacy policy

Last updated: 30 April 2026 · Effective: 30 April 2026

Snaptare is operated by Petitgen Ltd (registered in New Zealand). We're committed to protecting the privacy of merchants who install our Shopify app and the customers of those merchants. This policy explains what data we receive, what we store, what we don't store, and how to reach us with questions.

1. What Snaptare is

Snaptare is a point-of-sale application for Shopify merchants who sell products by weight. It runs on a tablet (iPad or Android), keeps the merchant's product catalog on the device for fast offline operation, and writes draft orders back to the merchant's Shopify store.

2. Data we collect from merchants

When a Shopify merchant installs Snaptare, we receive:

• Shop identity: the merchant's .myshopify.com domain, primary domain, locale, currency, and active locations.
• An OAuth access token (expiring) issued by Shopify so we can read products, manage draft orders, and finalize payments on the merchant's behalf. Stored encrypted at rest in Postgres.
• Product catalog data: product titles, handles, prices, variants, inventory levels, weights, and product images. This data is fetched from the Shopify Admin API and used only to populate the on-device catalog.
• Webhook events: we receive notifications from Shopify when products are updated, when the app is uninstalled, and when GDPR requests are made.

3. End-customer data — search-only, never stored

Snaptare uses Shopify's read_customers scope so the operator can attach a customer to a draft order at the till (for example, to link a regular's purchase to their Shopify customer record). When the operator searches for a customer, Snaptare proxies the live query to Shopify's Admin API and shows the matches. Search results are never cached on our backend or on the device — they vanish the moment the search modal closes. The only end-customer reference we persist is the Shopify customer ID attached to a saved draft order, which is what Shopify itself requires to link the order.

4. Data we do not collect

• We do not store end-customer names, emails, phone numbers, or addresses on our backend or in the on-device catalog. (See §3 for how customer search works without persistence.)
• We do not process card numbers or payment data — when the operator marks an order paid via Snaptare's "Take payment" sheet, the actual payment is recorded against a manual Shopify gateway; we never see card details.
• We do not sell merchant data or end-customer data to third parties.
• We do not use behavioural advertising trackers on the application surface.

5. Data stored on the merchant's device

Snaptare's tablet PWA stores the following locally in the browser's IndexedDB: product catalog (read-only copy), in-progress cart drafts, saved tare presets, and a session token issued by our backend. None of this leaves the device unless the merchant explicitly sends a draft order to Shopify or signs out.

6. Where data lives

• Backend infrastructure: hosted on Coolify in the European Union. Postgres database with encrypted disk, daily snapshot backups.
• Static frontend: served via Cloudflare's edge network.
• Shopify Admin API: calls go directly from our backend to Shopify over TLS.

7. How long we keep data

We retain merchant data while the app is installed. When a merchant uninstalls Snaptare, Shopify sends an app/uninstalled webhook and the shop/redact compliance webhook (typically within 48 hours). On receipt, we hard-delete the merchant's row and all related rows in our Postgres within 7 days. We also remove cached webhook payloads from our audit log within 30 days.

8. Compliance webhooks (GDPR + CCPA)

We implement the three compliance webhooks Shopify requires:

• customers/data_request — because we don't persist end-customer profiles (only the Shopify customer ID attached to a draft order, see §3), there is generally nothing for us to export beyond the audit-log entry recording that the request was received.
• customers/redact — we hard-delete any audit log entries that referenced the customer ID, plus any draft order on our backend that referenced the customer.
• shop/redact — we hard-delete the merchant's record and all child rows in a single transaction.

9. Sub-processors

• Shopify Inc. — the merchant's primary platform; we operate on their infrastructure as an installed app.
• Cloudflare — DNS, CDN, edge SSL, and Pages hosting for our static frontend and marketing site.
• Coolify on a Hetzner-hosted server (EU) — backend application + Postgres database hosting.

10. Your rights

Under GDPR (EU), CCPA (California), and equivalent regimes elsewhere, you may request access to, correction of, or deletion of your data. To exercise any of these rights, contact us at the address below. We respond within 30 days.

11. Changes to this policy

We may update this policy occasionally. Changes will be posted at this URL with a revised "Last updated" date. Material changes will be communicated via email to installed merchants where appropriate.

12. Contact

Petitgen Ltd
Email: [email protected] · [email protected]
For privacy-specific requests, please use the subject line "Privacy request".