Privacy Policy

Last updated: April 2026

DropShip Intelligence ("the App") is operated by LIETL. This Privacy Policy explains what data we collect, how we use it, where it is stored, and your rights regarding it when you install and use the App.

1. Information We Collect

Installation: Shopify provides your store domain and an OAuth access token when you install the App. We store this token to authenticate API requests on your behalf.

Usage: We record your subscription plan, monthly usage count, and install date to manage billing and usage limits. Search history and price alert preferences are stored in your Shopify account.

Analytics (Pro / Agency plans): The Analytics features read your Shopify order history, refund data and inventory levels to generate business insights. This data is fetched live per request and is not stored on our servers beyond the duration of that request.

The App does not collect, access or store personal information about your end customers beyond what is incidentally included in order line-item data (product IDs, quantities, prices). We never access customer names, email addresses, or shipping details.

2. How We Use Your Information

Your Shopify access token is used solely to interact with Shopify on your instruction (publishing listings, reading orders for Analytics, writing preferences)
Your usage count and plan are used to enforce monthly limits and manage your subscription
Product research queries are processed by AI systems on our infrastructure to generate product recommendations and cost estimates
Search terms are sent to market data providers to retrieve live supplier prices, competitor pricing and market intelligence — no personal data is included in these requests
We do not sell, rent or share your data with any third parties for marketing purposes

3. Where Your Data Is Stored

Your Shopify OAuth access token is stored in an encrypted database on our cloud server infrastructure. Merchant preferences, search history, and product cost data are stored in Shopify metafields on your own shop — governed by Shopify's data residency policies.

Our servers are hosted by a cloud infrastructure provider in the United States. All data in transit uses HTTPS/TLS encryption.

4. Third-Party Data Processing

The App integrates with external services to deliver its features. In each case, only the minimum data required for that function is transmitted — no personal data about your customers is shared.

AI research provider: Product search terms and categories are processed by an AI language model to generate product recommendations. The provider does not use API requests to train its models. No personal data is transmitted.
Market intelligence providers: Product search terms and country codes are sent to market data services to retrieve competitor pricing and demand signals. No personal data is transmitted.
Supplier data providers: Product search terms are sent to CN supplier platforms to retrieve live pricing and product availability. No personal data is transmitted.
Email delivery provider: Used for internal system alert emails only. No merchant or customer data is included in these communications.
Server infrastructure provider: All data stored on our servers passes through our hosting provider. Subject to their data processing agreement.
Currency data provider: Currency conversion rates are retrieved from a public exchange rate service. No personal data is transmitted.

A current list of specific sub-processors is available on request at support@lietlsolutions.com.

5. Data Retention

    We retain your data for as long as the App is installed. If you uninstall, your access token is deleted from our servers within 24 hours in response to Shopify's mandatory uninstall webhook. We do not retain any data beyond 90 days after uninstall.
  

6. Analytics Data and Orders

The Analytics features read order history, refund data and inventory levels from your Shopify store. This data is:

Fetched live from Shopify each time you use the Analytics features
Processed in memory to generate your analytics views
Not stored or cached on our servers beyond a single request lifecycle
Not shared with any third parties

7. Your Rights (GDPR)

If you are in the European Economic Area, United Kingdom, or a jurisdiction with equivalent laws, you have the right to:

Request access to the data we hold about your store
Request correction or deletion of your data — actioned within 30 days
Object to or restrict processing of your data
Receive your data in a portable, machine-readable format

To exercise any right: support@lietlsolutions.com.

8. Shopify GDPR Webhooks

We support all three mandatory Shopify GDPR webhooks (customer redact, customer data request, shop redact). All webhook payloads are verified using HMAC-SHA256 before processing. Upon a shop redact webhook we immediately delete all stored tokens and data for that store.

9. Security

All communication uses HTTPS/TLS. OAuth requests are verified using HMAC-SHA256. Access tokens are stored in an encrypted, isolated database. No API keys or authentication credentials are exposed to the frontend or to end users.

10. Changes

We may update this policy from time to time. Material changes will be notified via the email associated with your Shopify account. Continued use after notification constitutes acceptance.

11. Contact

Privacy concerns or data requests: support@lietlsolutions.com — LIETL