Privacy Policy

Privacy Policy

This policy explains what merchant and store data ProfitLens Analytics processes, why it processes that data, how long it keeps it, and how merchants can contact ProfitLens about privacy requests.

Effective date April 23, 2026
Last updated April 23, 2026
Legal identity details

The operator details below apply to ProfitLens Analytics.

Full legal name Erik Schumacher
Business address Siedlerweg 16, 16348 Marienwerder, Germany
Legal or privacy email support@profitlensanalytics.com

1. Who operates ProfitLens Analytics

ProfitLens Analytics is a Shopify embedded software product for merchants that want a clearer view of retained profit, margin pressure, refunds, fees, shipping impact, and related operating signals.

The operator details for ProfitLens Analytics appear in the Legal identity details section on this page. Privacy questions can be sent to support@profitlensanalytics.com.

2. What ProfitLens does

ProfitLens helps Shopify merchants calculate and interpret store profitability. The app combines Shopify order and store data with merchant-entered cost assumptions so the merchant can review retained profit, contribution margin, shipping subsidy, payment fee impact, refund pressure, and related trend or action views inside the app.

This Privacy Policy applies to the embedded app, related support workflows, and merchant-facing legal or privacy communications connected to ProfitLens Analytics.

3. Shopify and merchant data we process

When a merchant installs and authorizes ProfitLens, the app processes merchant and store data made available through Shopify and through the merchant's own use of the app.

This may include:

  • Installation and account data: shop domain, installation status, OAuth access credentials, billing state, subscription identifiers, and onboarding or account status metadata.
  • Order and analytics data: order identifiers and order names, timestamps, currency, financial and fulfillment status, order-level totals, shipping totals, refund totals and refund transactions, and line-item details such as quantity, title, SKU, variant ID, and product ID.
  • Merchant-entered configuration data: cost model settings, fixed-cost assumptions, COGS overrides, workflow state, action-plan status, and similar configuration inputs saved by the merchant inside the app.

ProfitLens is structured around operational and financial order fields rather than customer contact fields. In ordinary analytics use, the app is designed not to request customer names, customer email addresses, postal addresses, phone numbers, or payment card details.

Merchants are asked to avoid placing personal data into free-text support fields unless it is genuinely needed to explain an issue, because support submissions are stored and reviewed as support records.

4. Support and communication data

If a merchant contacts ProfitLens for support, billing help, technical issue review, or feedback, ProfitLens may process the information submitted in that request.

  • Contact information: the email address provided by the merchant.
  • Store context: the authenticated Shopify shop domain, plan context, workspace or route, and similar account context tied to the request.
  • Request content: subject line, description of what happened, what was expected instead, date range, affected order/product/metric references, and optional browser information.
  • Support operations data: internal ticket IDs, timestamps, delivery status for support notifications, and follow-up records needed to resolve the request.

5. Why we process data

  • App operation: to install, authenticate, maintain, and run ProfitLens inside the merchant's Shopify environment.
  • Profit calculation and analytics: to calculate retained profit, contribution margin, shipping impact, fees, refund impact, and related merchant analytics.
  • Account and support handling: to respond to support requests, manage plan or billing questions, investigate issues, and communicate with the merchant about the service.
  • Security, fraud prevention, debugging, and service reliability: to detect misuse, troubleshoot failures, investigate incidents, improve service performance, and maintain a reliable product.
  • Legal compliance: to comply with Shopify platform requirements, valid legal requests, accounting obligations, and data-protection requirements that apply to the service.

6. Legal bases

Depending on the merchant's location and the specific processing activity, ProfitLens generally relies on the following legal bases:

  • Performance of a contract: where processing is needed to provide the app, calculate analytics, manage the merchant account, or respond to requested support.
  • Legitimate interests: where processing is reasonably necessary to run and improve the service, secure the app, prevent abuse, debug issues, and keep the product reliable for merchants.
  • Compliance with legal obligations: where processing is needed to comply with applicable law, lawful requests, tax or accounting requirements, or Shopify platform obligations.
  • Consent, where required: if a specific optional activity requires consent under applicable law, ProfitLens will rely on consent for that activity rather than assuming another basis.

7. Data categories summary

  • Merchant identity and account records
  • Store configuration and merchant-provided commercial inputs
  • Operational and financial Shopify order data used for analytics
  • Support correspondence and support metadata
  • Technical and security records reasonably needed to operate the service

8. Recipients, service providers, and subprocessors

ProfitLens does not sell merchant data. Data may be shared with service providers only where needed to run the app or respond to merchant requests.

  • Shopify: as the e-commerce platform and API provider that supplies the underlying merchant store data and billing framework.
  • Infrastructure and hosting providers: to host the app, serve the embedded experience, and store necessary app data.
  • Email and support tooling providers: to deliver support notifications or handle merchant communications.
  • Monitoring, logging, and security vendors: if used to keep the service reliable, investigate incidents, and protect the app from misuse.

Where ProfitLens engages service providers, access is limited to what is reasonably necessary for the relevant operational, support, security, or compliance purpose.

9. International transfers

ProfitLens may use providers that process data in countries other than the merchant's own jurisdiction. That can happen, for example, when hosting, storage, email, or support tooling operates from another country.

Where cross-border transfers apply, ProfitLens uses an appropriate transfer mechanism for the relevant provider and jurisdiction, such as an adequacy decision, standard contractual clauses, or another recognized safeguard where required by law.

10. Retention and deletion

ProfitLens keeps data only for as long as it reasonably needs it for the service, support, security, and compliance purposes described above.

  • Merchant configuration and account data: retained while the app is active for the merchant and for any limited follow-up period reasonably needed for account administration, billing verification, security review, or legal recordkeeping.
  • Support request data: retained for as long as needed to handle the request, keep support history, detect repeated issues, and maintain appropriate business records.
  • Uninstall and shop redact handling: ProfitLens clears stored installation credentials, merchant configuration records, action-state records, and support-ticket records for the affected shop when the relevant Shopify uninstall or shop-redact webhook is received.
  • Customer data protection webhooks: ProfitLens responds to Shopify customer privacy webhooks according to the data it holds at the time. Because the app is structured not to persist customer profile fields for ordinary analytics use, customer-specific webhook handling generally consists of confirmation and case review rather than broad customer-profile deletion within ProfitLens.

No retention wording in this policy should be read as a promise of instant deletion in every case. Backup cycles, fraud review, legal holds, or short technical delays may affect timing where legally permitted.

11. Security

ProfitLens uses technical and organizational measures that are intended to protect merchant data against unauthorized access, loss, misuse, or disclosure. Those measures may include access controls, secure transport, credential handling, and operational safeguards appropriate to the size and nature of the service.

No internet service can guarantee absolute security. For that reason, ProfitLens describes its safeguards responsibly and does not promise perfect or risk-free security.

12. Merchant privacy rights

Depending on applicable law, merchants or relevant data subjects may have rights to request access, correction, deletion, restriction, objection, portability, or complaint handling for personal data processed by ProfitLens.

ProfitLens will review privacy requests in light of the requester's role, the data actually held, contractual commitments, and any legal obligations that require retention or prevent disclosure.

13. Privacy requests and contact

For privacy, data deletion, or data access requests relating to ProfitLens Analytics, contact support@profitlensanalytics.com.

To help process the request efficiently, include your shop domain, your relationship to the store, the type of request, and enough detail for verification.

14. Data Processing Addendum availability

If your store requires a Data Processing Addendum, contact support@profitlensanalytics.com and request the ProfitLens DPA process. Any completed DPA will use the operator details listed for the service.