Privacy Policy

Last updated: March 2026

Refund Insights ("we", "our", or "the App") is a Shopify application that helps merchants understand why customers request refunds by sending automated post-refund survey emails. This Privacy Policy explains what data we collect, how we use it, and the rights merchants and their customers have over that data.

1. Data We Collect

When a refund event occurs in a Shopify store that has installed the App, we receive and store the following data via Shopify's webhook system:

  • Customer email address — used solely to send the post-refund survey email
  • Refunded product name and variant — included in the survey email so the customer can identify the purchase
  • Refund amount — stored for analytics purposes to help merchants understand financial impact by refund reason
  • Order ID and Shopify refund ID — used to deduplicate webhook events and link survey responses to the correct refund

We do not collect customer names, phone numbers, shipping addresses, payment information, or any data beyond what is listed above.

2. How We Use This Data

  • Customer service: We send a single survey email to the customer's email address asking them to select the reason for their refund. No follow-up emails are sent.
  • Analytics: Aggregated refund reason data is displayed to the merchant in their Refund Insights dashboard. Individual customer responses are visible to the merchant.
  • We do not use customer data for advertising, profiling, or any purpose beyond the two above.
  • We do not sell, rent, or share customer data with any third party, except for Resend (our transactional email provider) which processes the email address solely to deliver the survey email.

3. Data Storage and Security

  • Data is stored in a PostgreSQL database hosted on Replit's infrastructure, which provides encryption at rest and in transit (TLS).
  • Database backups are encrypted as part of Replit's underlying cloud infrastructure (AWS/GCP).
  • All data is strictly scoped to the merchant's Shopify store — one merchant cannot access another merchant's data.
  • Access to merchant data is restricted to the authenticated merchant via Shopify's OAuth session.
  • We do not store Shopify access tokens in plaintext logs.

4. Data Loss Prevention

We maintain the following technical controls to prevent unauthorized access, exfiltration, or loss of customer data:

  • Authentication gates: All endpoints that return customer data require a valid Shopify OAuth session. Unauthenticated requests are rejected.
  • Merchant scoping: Every database query is filtered by the merchant's shop domain. Cross-merchant data access is architecturally impossible.
  • No bulk export: The App has no endpoint that allows bulk download of customer records. Data is only accessible record-by-record through the authenticated dashboard.
  • Minimal third-party exposure: The only third-party service that receives customer data is Resend (email delivery). No customer data is sent to analytics, advertising, or data-broker services.
  • Access logging: Every request to an endpoint that returns customer data is logged with a timestamp, shop domain, IP address, and action type. These logs are retained in application server logs for audit purposes.
  • Test/production separation: Development and production environments use entirely separate databases. No real customer data is ever present in the development environment.

5. Data Retention

Customer data (email addresses and associated refund records) is retained for as long as the merchant's store has the App installed. Upon uninstallation, we will delete all customer data associated with that store within 30 days. Merchants may also request immediate deletion at any time (see Section 7).

6. Third-Party Service Providers

We share customer email addresses with the following service provider solely to deliver survey emails:

  • Resend (resend.com) — transactional email delivery. Resend processes the email address to send the survey email and does not retain it for any other purpose. Resend's privacy policy is available at resend.com/legal/privacy-policy.

No other third parties receive customer data.

7. Merchant Rights and Data Deletion

Merchants have the right to:

  • Access all customer data associated with their store via the Refund Insights dashboard
  • Delete all customer data by contacting us (see Section 8) — we will process deletion requests within 7 business days
  • Disable survey emails at any time via the Settings page in the App — this immediately stops all future survey emails

Shopify's customer data deletion webhooks (customers/redact and shop/redact) are supported. When Shopify sends a redact request, we permanently delete the associated customer data from our database.

8. Shopify's Role

Refund Insights is built on the Shopify platform. Shopify's privacy policy governs data processed directly by Shopify. Our App only receives data that Shopify sends to us via webhooks after a merchant installs the App and grants the requested permissions.

9. Contact

For questions about this Privacy Policy, data deletion requests, or any privacy-related concerns, please contact us at:

Refund Insights

Email: support@refundinsights.io

App URL: https://refundinsights.io

10. Security Incident Response

In the event of a security incident or data breach involving customer data, we will:

  1. Detect: Identify the incident through server access logs and monitoring of application activity.
  2. Contain: Take the affected service offline or rotate compromised credentials immediately upon confirmation of a breach.
  3. Notify: Inform all affected merchants by email within 72 hours of confirming the incident, describing what data was involved and what steps have been taken.
  4. Remediate: Delete or quarantine compromised customer data as required, restore service from a clean state, and document the incident and response actions taken.

To report a suspected security issue, contact us at support@refundinsights.io.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted at this URL with an updated date. Continued use of the App after changes constitutes acceptance of the updated policy.

© 2026 Refund Insights. All rights reserved.