Português · English
Privacy Policy
Cadence · Last updated: 2026-07-08
Cadence (“the App”) helps Shopify merchants plan inventory replenishment: it forecasts demand from the store’s sales history and recommends how much of each product to reorder and by when. This policy explains what data the App accesses, why, how it is stored, and the rights you and your customers have. The App is operated by Luís Ivars (sole operator).
1. Data we access
- Store & session data: your shop domain and the OAuth access token issued by Shopify, used solely to authenticate the App and call the Shopify Admin API on your behalf.
- Order history (aggregated): order dates and line-item quantities per product variant (
read_orders), used only to compute units sold per variant over recent weeks. The App’s queries request no customer fields (no names, emails, addresses or payment data), and the App does not store individual orders, only the aggregated demand it computes on the fly. - Product, inventory & cost data: variant SKUs, prices, stock on hand and cost per item (COGS) (
read_products,read_inventory). Cost values and per-product planning settings (supplier lead time, minimum order quantity) you set in the App are stored to build the restock plan. - Usage telemetry: anonymous events (e.g. install, subscription state) tied to the shop, used to improve the App. No end-customer personal data is included in telemetry.
2. How we use it
Data is used exclusively to provide the App’s functionality: forecasting demand, computing reorder recommendations, managing COGS and planning settings, and managing your subscription. We do not sell your data, use it for advertising, or share it with third parties for their own purposes.
3. Storage & retention
Data is stored on a private server located in the EU, in a database accessible only to the operator. We retain the cost values, planning settings, store record, sessions and aggregated/telemetry data for as long as the App is installed. When you uninstall, your store is marked churned and data is deleted in response to Shopify’s mandatory compliance webhooks (typically within 48 hours, or upon a redaction request).
4. Customer data requests (GDPR / CCPA)
The App implements Shopify’s mandatory privacy webhooks: customers/data_request, customers/redact and shop/redact. The App does not store end-customer personal data, so customer data-request and redaction webhooks are acknowledged with no personal data held; shop/redact deletes your store’s records.
5. Sub-processors
We use Shopify (platform & APIs) and a private EU virtual server (hosting & database). No other sub-processors receive your data.
6. Security
Data is encrypted at rest (database-level, AES) and in transit (HTTPS/TLS). Access tokens and credentials are stored server-side and never exposed to the browser. Access to the database is restricted to the operator.
7. Your rights
You may request access to, correction of, or deletion of your data at any time by uninstalling the App or by contacting us. We will respond within the timeframes required by applicable law.
8. Changes
We may update this policy; the “last updated” date above reflects the latest version. Material changes will be reflected here.
9. Contact
Questions about this policy or your data: support@luisivars.pt.