1. Who We Are
Stovura (“Stovura,” “we,” “us,” or “our”) is a public Shopify embedded application that provides inventory and demand-planning tools for Shopify merchants, with an initial focus on apparel direct-to-consumer brands. The App connects to a merchant’s Shopify store and analyses product, inventory, and order data to provide demand forecasting, inventory planning, and replenishment recommendations.
This Privacy Policy explains what personal data we process in connection with the App, why, and the rights available to merchants and their customers.
Who operates Stovura
The App is currently operated by Pallavi Dhanopiya, an individual sole proprietor based in Pune, Maharashtra, India. References in this Policy to “Stovura,” “we,” “us,” or “our” mean this operator. If the App is later operated by a registered legal entity, this section and the contact table below will be updated to name that entity, and the updated “Last updated” date will indicate the change.
Contact details:
| Operator | Pallavi Dhanopiya (sole proprietor) |
|---|---|
| Postal address | Pune, Maharashtra, India |
| Privacy / data requests | privacy@stovura.com |
| General support | support@stovura.com |
| Website | https://stovura.com |
| App listing | Shopify App Store |
2. Our Role: Processor, Not Controller
Under the EU General Data Protection Regulation (“GDPR”) and comparable laws, the merchant who installs Stovura is the data controller for any personal data processed through their store. Stovura acts as a data processor, processing data only on the merchant’s documented instructions and only to provide the App’s functionality.
The formal allocation of responsibilities between the merchant (controller) and Stovura (processor) is set out in our Data Processing Agreement (“DPA”), which forms part of the merchant’s agreement to use the App.
3. What Data We Process
Stovura is designed around data minimisation. We process only what the App needs to generate inventory plans, and we deliberately do not collect customer-identifying information. The categories below describe everything the App processes.
3.1 Installation and Shopify authentication (OAuth)
Stovura is installed from the Shopify App Store and authenticates through Shopify’s standard OAuth flow. When a merchant installs or opens the App, Shopify provides:
- The store’s myshopify.com domain and store identifiers.
- An OAuth access token scoped to the permissions the merchant grants at install. We request read-only access to the data needed for planning (products, inventory, locations, and orders) and request no write access to customer data.
- Basic shop and merchant-account context exposed by Shopify during authentication (for example, the shop’s name, primary domain, and plan-level metadata) used to operate and configure the App.
The access token is a credential, not customer data; it is stored securely and used only to make authorised API calls on the merchant’s behalf. It is cleared when the merchant uninstalls the App.
3.2 Store, catalog, inventory, and order data
To produce forecasts, sell-through metrics, and reorder recommendations, the App reads the following from the merchant’s Shopify store through Shopify’s APIs:
- Products and variants — titles, variant IDs, SKUs, and option attributes such as style, size, and colour.
- Inventory and locations — inventory levels per variant and the store locations they are held at.
- Orders (sales signals) — for each relevant order line, the variant ID, quantity sold, and order date. These are reduced to aggregated daily unit counts per variant at the point of processing.
From these inputs the App generates forecasting and planning data — demand forecasts, size/colour curves, sell-through metrics, safety-stock and reorder calculations, and the resulting buy lists. This derived data describes product movement, not individuals.
3.3 Merchant account and configuration data
We process the settings a merchant enters to operate the App — for example lead times, service levels, supplier minimum-order quantities, and per-colour or per-style planning preferences — together with basic operational data such as server logs. These describe the merchant’s business preferences and account, not end customers.
3.4 What we explicitly do NOT collect
Stovura does not request, receive, or store customer personal data. Within Shopify’s protected customer data framework, we hold Level 1 access and have deliberately left every protected customer field unselected. We do not access or store:
- Customer names, email addresses, phone numbers, or postal/billing/shipping addresses.
- Customer IDs or any field that identifies an individual shopper.
- Raw order records. Order data is reduced to aggregated daily unit counts per product variant at the point of processing; individual orders and their line-level customer context are not retained.
Because of this design, the App holds no end-customer personal data at rest. The order-derived information we keep is aggregated sales facts (units per variant per day), which describe product movement rather than people.
3.5 Usage telemetry
To understand how merchants use the App and where it can be improved, Stovura records a small amount of self-hosted usage telemetry. This telemetry is engineered to contain no personal data of end customers and no sensitive store data:
- Self-hosted. Telemetry is written only to Stovura’s own database. It is not sent to any third-party analytics provider, external endpoint, or SDK.
- Restricted by design. A schema guard permits only numeric counts, boolean flags, and a fixed list of allowed category labels. There is no field that accepts free text, so product titles, SKUs, raw sales or inventory numbers, customer data, and raw error messages cannot be stored — even by mistake.
- Keyed by store domain. Each event is associated with the merchant’s store domain (for example, your-store.myshopify.com). This identifies the store, not any individual. The domain is never copied into the event detail itself.
Examples of what telemetry records: that an install occurred; that a catalog sync ran and roughly how many products/locations it covered; that a reorder list was generated and the spread of recommendation states; that a CSV export was served and how many rows; and categorised error events (for example, “import / validation error”) without the underlying message. The complete field-by-field inventory is maintained internally in our telemetry data inventory and is available to merchants on request.
4. Why We Process Data (Purpose and Lawful Basis)
We use data only for the purposes above. We do not sell personal data, and we do not use merchant or customer data — including derived or aggregated data — to develop or train AI or machine-learning systems.
| Data | Purpose | Lawful basis (GDPR) |
|---|---|---|
| Products, variants, inventory, locations | Generate forecasts, sell-through metrics, and reorder recommendations | Performance of the merchant’s contract; legitimate interests |
| Order-derived sales facts (variant, quantity, date — aggregated) | Calculate demand and seasonality | Performance of contract; legitimate interests |
| Usage telemetry (pseudonymous) | Measure feature usage and reliability to improve the App | Legitimate interests (minimised, store-level) |
| Account / authentication / settings | Operate, secure, and configure the App | Performance of contract |
5. Sharing and Sub-Processors
We do not sell personal data and do not share it for advertising. We disclose data only to the limited service providers (“sub-processors”) needed to run the App, and to Shopify as the platform. Our current sub-processor is:
| Sub-processor | Purpose | Data location | Ownership |
|---|---|---|---|
| Render (Render Services, Inc.) | Application hosting and managed PostgreSQL database | European Union (Frankfurt, Germany) | U.S.-incorporated; EU region used |
Shopify itself acts as the platform and, depending on the data flow, as a controller or processor under its own terms and Data Processing Addendum. We will give merchants advance notice of any change to our sub-processor list and an opportunity to object, as set out in the DPA.
6. Where Data Is Stored and International Transfers
All merchant and store data processed by Stovura is stored in the European Union (Frankfurt, Germany) on Render’s managed infrastructure. We selected EU data residency specifically to keep merchant data within the EEA at rest.
Two cross-border considerations apply:
- Operator access from India. Stovura is operated by a sole proprietor based in India. India does not have an EU adequacy decision, so any access to EEA-resident personal data from India is treated as an international transfer requiring appropriate safeguards. We rely on the EU Standard Contractual Clauses (controller-to-processor) incorporated into our DPA, supported by the technical measures described in Section 7 and the fact that the App holds no end-customer personal data.
- Hosting provider ownership. Render is a U.S.-incorporated company providing the EU-region hosting. The relationship is governed by Render’s own data processing terms, including any transfer safeguards (such as Standard Contractual Clauses or Data Privacy Framework participation) that Render maintains.
7. How We Protect Data
We maintain technical and organisational measures appropriate to the data we handle, including:
- Encryption at rest: AES-256 encryption of the production database and its backups (Render managed PostgreSQL).
- Encryption in transit: TLS 1.3 for data moving between the App, Shopify, and the database.
- Data minimisation by design: no customer-identifying fields are collected; order data is aggregated; telemetry is constrained by a schema guard.
- Access control: administrative access to the production environment is limited to the operator and protected by the hosting provider’s access controls.
- EU data residency: data stored in the Frankfurt region.
No method of transmission or storage is completely secure, but these measures are designed to reduce risk in proportion to the limited and non-identifying nature of the data we hold.
8. How Long We Keep Data
We keep data only as long as needed to provide the App, and we delete it on the triggers below.
| Data | Retention | Deletion trigger |
|---|---|---|
| Store / catalog / aggregated sales data, settings, reorder outputs | Kept while the App is installed | Deleted when the merchant uninstalls and on a shop-data erasure (“shop redact”) request — see Section 9 |
| Usage telemetry (pseudonymous) | Up to 180 days on a rolling basis while installed | Older events purged automatically; all telemetry for a store purged on uninstall / shop-redact |
| Authentication session data | Duration of installation | Cleared on uninstall |
These two retention periods are intentionally distinct: store and order-derived data persist only while the App is installed and are erased on uninstall/erasure, whereas telemetry is additionally subject to a rolling 180-day maximum even during active use. A standalone Retention Policy statement accompanies this notice.
9. Merchant and Data-Subject Rights
Subject to applicable law, merchants and, where relevant, their customers may request to access, correct, delete, restrict, or port personal data, and may object to certain processing. Because Stovura holds no end-customer personal data, most customer-level requests will have nothing to action in our systems; we nonetheless respond to and log every request we receive through Shopify’s required channels.
We implement Shopify’s mandatory privacy webhooks:
- customers/data_request: we verify the request and confirm that we hold no customer personal data to return.
- customers/redact: we verify the request; there is no customer-level data to erase in our systems.
- shop/redact: on this request (sent by Shopify after uninstall), we erase all of the store’s data across our database, including aggregated sales data, settings, reorder outputs, and all telemetry for that store. This is the deletion mechanism that gives effect to the retention table above.
To exercise a right or ask a question, contact us at privacy@stovura.com. Merchants subject to GDPR may also lodge a complaint with their local supervisory authority.
10. Children’s Data
Stovura is a business-to-business tool used by merchants to manage inventory. It is not directed to children and does not knowingly process children’s personal data.
11. Changes to This Policy
We may update this Privacy Policy as the App or legal requirements change. We will post the updated version with a new “Last updated” date and, where required, notify merchants. Continued use of the App after an update constitutes acceptance of the revised policy.
12. Contact Us
For any privacy question or request:
Pallavi Dhanopiya
Pune, Maharashtra, India
Privacy / data requests: privacy@stovura.com
General support: support@stovura.com
Website: https://stovura.com
Governing law: India, without prejudice to mandatory data-protection rights merchants and their customers have under the GDPR and other applicable laws.