Privacy Policy

1. Who we are

Sandcastle Admin Search (“the app”) is built and operated by Sandcastle Interactive LLC (“we”, “us”, “our”). This policy explains what data the app collects from Shopify merchants who install it, how we use that data, and the choices you have. If you have questions, email support@sandcastle-web.com.

2. Data we collect

When you install Sandcastle Admin Search on your Shopify store, the app requests OAuth scopes that allow it to read and write product data. We collect and store only what is necessary to provide the app’s functionality:

• Shopify session tokens. When you install the app, Shopify provides an offline access token tied to your shop. We store this so the app can call Shopify’s API on your behalf during normal operation.
• Per-shop preferences. Settings you configure inside the app — search field defaults, visible columns, page size, and named saved views (filter combinations) — are stored in our database keyed to your shop domain.
• Operational logs and error reports. When the app processes a request, we log structured operational events (such as “a full-catalog scan ran for shop X taking N milliseconds”) and any unhandled errors. Error reports include your shop domain so we can investigate per-merchant issues, but do not include customer-identifying data.

Product, collection, and metafield data from your store is read live from Shopify’s API on each request and is not stored on our servers.

3. Data we do not collect

Sandcastle Admin Search does not request access to customer data, orders, payment information, or storefront analytics. The app’s OAuth scopes are limited to product administration and reading sales-channel publication state. We do not collect customer email addresses, customer names, or any personally-identifiable information about your shoppers.

4. How we use the data

The data we collect is used solely to:

• Authenticate API calls to your Shopify store
• Render your customised app experience (filters, columns, saved views)
• Diagnose and fix bugs that affect your store
• Monitor service health and performance

We do not sell, rent, or trade any of the data we collect. We do not use the data for advertising or marketing.

5. Subprocessors

We rely on the following third-party services to operate the app. Each is a recognised data processor with their own privacy commitments:

• Shopify, Inc. — the platform on which the app runs and the source of all product data.
• Fly.io — hosts the app server, located in the United States.
• Neon — hosts the Postgres database storing sessions and per-shop preferences.
• Sentry — receives error reports and performance telemetry to help us diagnose issues.

6. Where we process your data

Sandcastle Interactive LLC is established in the United States. All data we collect — session tokens, per-shop preferences, and operational logs — is stored and processed in the United States by our hosting and database subprocessors (Fly.io and Neon, both with primary US-region infrastructure).

We are not established in the European Economic Area (EEA), United Kingdom, or Switzerland. If you install the app from a shop located in those regions, data about your shop is transferred to and processed in the United States. We rely on Shopify’s own data-protection commitments to merchants as the basis for this transfer; if your jurisdiction requires an additional data-processing agreement directly with us, please contact support@sandcastle-web.com.

7. Data retention and deletion

We retain your shop’s session and preferences only as long as the app is installed on your store. When you uninstall the app:

• Shopify immediately notifies us via the app/uninstalled webhook, and we delete your session record.
• 48 hours later, Shopify sends the GDPR shop/redact webhook. Upon receipt we delete all remaining data associated with your shop, including saved preferences and saved views.

Operational logs are retained for up to 30 days for diagnostic purposes, after which they are purged automatically. Error reports in Sentry are retained according to Sentry’s current retention policy for our subscription tier.

8. Customer GDPR webhooks

Shopify requires every public app to handle GDPR data-subject requests on behalf of merchants’ customers. Because this app does not store any customer-identifying data, our implementation of the customers/data_request and customers/redact webhooks logs the request and returns a successful response — there is no customer data for us to export or delete.

9. Your rights

Depending on your jurisdiction, you may have rights regarding the data we hold about your shop, including the right to access, correct, or delete it. To exercise any of these rights, email support@sandcastle-web.com from an address associated with your Shopify Partner or store admin account. We will respond within 30 days.

You can also delete all data we hold about your shop at any time by uninstalling the app from your Shopify admin.

10. Children’s privacy

Sandcastle Admin Search is a business-to-business product designed for merchants operating Shopify stores. It is not directed at children under 13, and we do not knowingly collect data from them.

11. Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top reflects the most recent change. Material changes will be communicated via the app’s in-product notifications or by email to the installation contact registered with your Shopify Partner account.

12. Contact

Questions or concerns about this policy? Email support@sandcastle-web.com.