Privacy Policy

Sectem ("we", "us") operates the Product Fetch Shopify application and merchant dashboard at https://product-fetch.abdulrauf-khan.workers.dev. This policy explains what data we process when you install or use our services.

Data we collect

• Shop data: store domain, display name, email, OAuth access tokens (stored securely), subscription and billing status, import credits usage.
• Product sync data: source store URLs, sync settings, import job logs, and product handles imported into your store.
• Dashboard accounts: name, email, and password hash if you create a standalone dashboard login.
• Extension tokens: we store only a cryptographic hash and prefix of your API token — never the full secret.

How we use data

We use your data solely to provide catalog import, sync, billing, authentication, and customer support. We do not sell merchant data to third parties.

Data storage & security

Data is stored on Cloudflare D1 (SQLite) in encrypted infrastructure. OAuth tokens are used only to call Shopify APIs on your behalf. Extension tokens are verified via SHA-256 hashes.

GDPR & Shopify compliance

We implement mandatory Shopify compliance webhooks: customers/data_request, customers/redact, and shop/redact. When you uninstall the app, shop data is marked uninstalled and removed per our retention policy and Shopify requirements.

Third-party services

• Shopify — app hosting, OAuth, billing
• Cloudflare — application hosting and database
• Open Exchange Rates API — live currency conversion (no personal data sent)

Your rights

You may request access, correction, or deletion of your data by emailing support@sectem.com. EU/UK merchants may exercise GDPR rights through Shopify's privacy tools or by contacting us directly.

Contact

Questions about this policy: support@sectem.com