Privacy Policy

Last updated: April 27, 2026

Profit Leak Detector ("we", "us", "the App") is a Shopify application operated by Workrol. This policy explains what data we process when a merchant installs the App on their Shopify store.

1. What data we access

When a merchant authorizes the App, Shopify grants us access to:

• Products (read_products, write_products): title, description, images, variants, prices, SEO fields, tags, vendor, type.
• Orders (read_orders): order ID, creation date, total price, and line-item product references. We do not store customer names, emails, phone numbers, or shipping addresses.
• Shop metadata: shop domain, primary URL, email of the shop owner (used only for support correspondence).
• Google Search Console (optional, only if the merchant connects): verified site properties, sitemap submission status, and Search Console performance data such as clicks, impressions, click-through rate, average position, pages, and queries for the connected store property.
• Google Analytics 4 (optional, only if the merchant connects): the list of GA4 properties available to the merchant and aggregated analytics metrics for the selected property, such as organic sessions, key events/conversions, revenue, and top landing pages. We do not read or store individual Google user profiles.

2. What we do with it

• Compute product-level profit metrics (revenue, cost, margin) and surface "leaks" — products that underperform relative to their cost.
• Generate SEO content (titles, descriptions, alt text, blog articles) using OpenAI's API. Prompts include product fields but never customer data.
• Analyze technical SEO signals (robots.txt, sitemap.xml, JSON-LD) for the storefront domain.
• Submit sitemap URLs to Google Search Console on the merchant's behalf (only when connected and explicitly requested).
• Combine Search Console and GA4 metrics in the merchant dashboard so merchants can understand how organic search traffic relates to sessions, conversions, and revenue.

3. Google user data and limited use

Google integrations are optional and are initiated only by the merchant through Google's OAuth consent flow. We request the minimum Google scopes needed to provide the connected features:

• https://www.googleapis.com/auth/webmasters.readonly to read Search Console properties and performance data.
• https://www.googleapis.com/auth/webmasters to submit sitemap URLs when the merchant explicitly clicks the sitemap submission action.
• https://www.googleapis.com/auth/analytics.readonly to read aggregated GA4 metrics and list properties the merchant can select.

We use Google user data only to provide and improve user-facing SEO, indexing, analytics, and reporting features inside Profit Leak Detector. We do not sell Google user data, use it for advertising, transfer it to data brokers, or use it to train generalized AI models. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

4. Third-party processors

• OpenAI — receives product titles, descriptions, and related fields for SEO/blog generation. OpenAI's policy: openai.com/policies/privacy-policy. API data is not used for model training.
• Supabase (PostgreSQL) — hosts the operational database (products, orders, optimization history). Data is encrypted at rest.
• Railway — runs the backend API. TLS in transit.
• Google — when the merchant connects Google Search Console or GA4, we call Google APIs using OAuth tokens that the merchant authorized. Google data is used only for the connected merchant's own dashboard and reports.

4a. Internal error monitoring and product analytics

We may log sanitized error reports (e.g. route, HTTP status, message, request correlation id, and optional shop domain) to operate and improve reliability. We do not store Shopify access tokens, API keys, full customer PII, or unredacted sensitive headers in these logs. For internal product understanding, we may record aggregated usage events (e.g. plan view, billing flow milestones, onboarding completion) with no marketing profiling outside what you explicitly allow below.

4b. Store contact email and marketing

The App may use the shop/business contact email available from Shopify (with appropriate API access) to operate the service, security notices, and support. Marketing or promotional email (tips, product updates) is sent only if the merchant opts in through a clear in-app control (e.g. Settings → Privacy & data, or a checkbox in onboarding) and the consent is stored with date and source. Merchants can withdraw consent and unsubscribe at any time, including through an unsubscribe link we provide, without affecting the core functionality of the App.

4c. App subscriptions and payment processing

Paid plans, when offered, are charged through the Shopify Billing API. Shopify (not Workrol) processes the payment. We do not receive full payment card numbers. For refunds, transferability of the license between stores, annual prepayment, and the role of Shopify as payment processor, see section 5 of our Terms of Service.

5. Storage and retention

• Access tokens (Shopify offline token and Google OAuth refresh tokens) are stored encrypted with AES-256-GCM.
• Product and order aggregates are retained while the App is installed.
• Google Search Console and GA4 metrics may be cached or stored as merchant-level aggregated reporting data. We do not store raw personal Google account data.
• When the merchant uninstalls the App, Shopify sends a shop/redact webhook within ~48 hours. On receipt we delete every row associated with the shop from our database.

6. Disconnecting Google

Merchants can disconnect Google Search Console or GA4 inside the App. Disconnecting removes the stored Google OAuth token for that integration and stops future Google API access. Merchants can also revoke access at any time from their Google Account permissions page: myaccount.google.com/permissions.

7. GDPR / CCPA compliance

We comply with Shopify's three mandatory compliance webhooks: customers/data_request, customers/redact, and shop/redact. Because we do not store customer personal data, a customers/redact request is typically a no-op, but it is always logged and acknowledged.

8. Data subject requests

Merchants and end-customers can request access, correction, or deletion of personal data by emailing info@workrol.com. We respond within 30 days.

9. Changes to this policy

We will post updates to this page and notify active merchants via the email associated with the Shopify shop if a material change affects how their data is processed.

10. Contact

Workrol — Profit Leak Detector
Email: info@workrol.com
Website: workrol.com