FeedOps › Privacy Policy
Get started free
Legal

Privacy Policy

Last updated: 1 June 2025  ·  Effective: 1 June 2025  ·  Version 1.0

1.0
India (IT Act 2000)

Overview

Nexera FeedOps ("FeedOps", "we", "our", or "us") is a Shopify application built and operated by Nexera Commerce Engineering, New Delhi, India. This Privacy Policy describes what data we collect when you install and use FeedOps, how we use it, and your rights regarding it.

By installing FeedOps from the Shopify App Store, you agree to this policy. If you do not agree, please uninstall the app and contact us to request deletion of stored data.

Plain-English summary: We only collect what we need to generate your Meta product feed. We don't sell your data. Your customers' personal information never passes through our systems.

Data we collect

We collect two categories of data:

Data typeExamplesSource
Store & product dataProduct titles, descriptions, prices, images, inventory, SKUs, variant info, collection namesShopify Admin API (read-only)
Shop account dataStore name, myshopify domain, shop owner email, country, currency, timezoneShopify Admin API on install
App usage dataSync run timestamps, error logs, feed generation events, dashboard viewsGenerated internally
Billing dataChosen plan, subscription status, charge IDShopify Billing API

We do not collect, process, or store any end-customer personal data (names, emails, addresses, payment details of your shoppers). Our feed only contains product catalog information.

How we use it

  • To generate and serve your Meta-compatible product feed at your unique feed URL.
  • To schedule and run automatic sync jobs at your chosen frequency.
  • To display sync history, error details, and product counts in your FeedOps dashboard.
  • To process your Shopify subscription and apply plan-based limits.
  • To send transactional emails about your account (sync failures, billing events).
  • To improve the app — we review aggregated, anonymized error logs to fix bugs.

We do not use your data for advertising, profiling, or any purpose unrelated to operating FeedOps.

Data sharing

We share your data only with the following parties, and only as needed to run the service:

  • Shopify Inc. — as the platform FeedOps is built on, per their own privacy policy and partner agreements.
  • Microsoft Azure — our app runs on Azure (regional data centre). Azure processes data on our behalf under standard contractual clauses.
  • Transactional email provider — only your store owner email is passed, to deliver account notifications.

We do not sell, rent, or trade your data to any third party. We do not share data with Meta directly — your feed URL is public and Meta fetches it on your behalf.

Shopify & GDPR webhooks

FeedOps complies with Shopify's mandatory GDPR webhook requirements:

  • customers/data_request — we respond within the required window. As noted, we do not store end-customer data, so these requests receive a null response.
  • customers/redact — we delete any incidental customer data within 30 days of receiving this webhook.
  • shop/redact — upon store uninstallation, we process this webhook within 48 hours and permanently delete all data associated with your shop within 30 days.

Data retention

  • Active stores: We retain your store and product data for as long as FeedOps is installed.
  • After uninstall: Anonymized sync logs are retained up to 90 days for debugging, then deleted. All identifiable store data is deleted within 30 days of receiving the shop/redact webhook.
  • Billing records: Retained for 7 years as required by Indian accounting law.

Security

We take reasonable technical and organisational measures to protect your data:

  • All data in transit is encrypted via TLS 1.2+.
  • Shopify access tokens are stored encrypted at rest using AES-256.
  • Our infrastructure runs on Azure with role-based access controls and audit logging.
  • Feed URLs use a unique, non-guessable token per store — they cannot be enumerated.

If you believe your account has been compromised, contact us immediately at info@nexeracommerce.online.

Your rights

Depending on your location, you may have the following rights:

  • Access — request a copy of the data we hold about your store.
  • Correction — request we fix inaccurate data.
  • Deletion — uninstalling the app triggers our deletion process automatically.
  • Portability — request your data in a machine-readable format.
  • Objection — object to specific processing activities.

Email info@nexeracommerce.online with the subject line Data Request – [your store domain]. We will respond within 30 days.

Cookies

The FeedOps admin panel uses a minimal session cookie to keep you authenticated. We do not use tracking, analytics, or advertising cookies. We do not use any third-party tracking scripts.

Children

FeedOps is a business tool intended for adults operating Shopify stores. We do not knowingly collect information from anyone under 18. If you believe a minor has installed our app, contact us and we will delete the associated data promptly.

Changes to this policy

We may update this Privacy Policy from time to time. When we do, we update the "Last updated" date at the top of this page. For material changes, we will notify active merchants via email or an in-app notice at least 7 days before the change takes effect.

Contact us

Questions, concerns, or requests relating to this Privacy Policy:

Nexera Commerce Engineering
New Delhi, India
Email: info@nexeracommerce.online
Subject line: Privacy – [your store domain]

We aim to respond to all privacy-related inquiries within 5 business days.