Privacy policy
Effective date: July 12, 2026
TermsPilot ("we", "us") is a Shopify app that helps merchants track and collect B2B net-terms receivables. This policy explains what data the app touches, why, and what happens to it. It is written to be read, not skimmed past.
Who this covers
- Merchants — the store owners and staff who install TermsPilot.
- Buyers — the B2B companies (and their contact people) that owe a merchant money. We process buyer data on the merchant's behalf, only to provide the app's features to that merchant.
What we store
The minimum the features need, nothing more:
| Data | Why |
|---|---|
| Store domain and an encrypted Shopify access token | To read your B2B data from Shopify and act on your settings |
| Company names and company contact email / phone | To show your aging dashboard and address reminder emails |
| Order financial fields: order number, amounts, currency, issue/due dates, payment status | To compute balances, aging buckets, and reminder schedules |
| Your app settings (credit limits, reminder rules and templates, sender name, reply-to and alert email addresses, notes you write on a company) | To run the app the way you configured it |
| A log of reminders sent and actions taken (flag / tag / hold) | So nothing double-sends and you can review what happened |
We do not store order line items, shipping or billing addresses, end-customer personal data beyond company contact details, or any payment-card data. We never see or move money.
What we don't do
- We do not sell, rent, or share your data or your buyers' data with anyone for marketing or any other purpose.
- We do not use your data to train AI models or make automated decisions about people.
- We do not touch your storefront or checkout.
Who processes data for us (sub-processors)
- Shopify — the platform the app runs on; all store data originates there.
- Railway (railway.app) — hosts the application and its PostgreSQL database.
- Resend (resend.com) — delivers the reminder and alert emails you configure.
Each processes data only as needed to run TermsPilot.
Retention and deletion
- Uninstall the app → all of your shop's data (companies, invoices, rules, logs, settings, token) is deleted automatically.
- Shopify GDPR webhooks → we honor Shopify's customer data-request, customer erasure, and shop erasure requests, in line with Shopify's mandatory privacy webhooks.
- Downgrade or cancel a plan → nothing is deleted; paid features simply pause.
Security
Data lives in a managed PostgreSQL database; access tokens are encrypted at rest; secrets live in environment variables, never in code; every query is scoped to the shop it belongs to. Reminder sends are idempotent — enforced at the database level — so buyers can't be spammed by retries.
Your rights
Merchants and buyers can ask us what data we hold, ask for a copy, or ask for deletion at any time: email support@termspilot.app. For buyer data, we will loop in the merchant you do business with, since we process on their behalf.
Changes
If this policy changes materially, we'll note it here with a new effective date.
Questions? Email support@termspilot.app — a real human (the founder) reads it.