> For the complete documentation index, see [llms.txt](https://flicky.gitbook.io/flicky-docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://flicky.gitbook.io/flicky-docs/legal/privacy-policy.md).

# Privacy Policy

**Effective Date:** 24 June 2026 | **Last Updated:** 4 July 2026

This Privacy Policy explains how **Flicky: B2B Wholesale Pricing** ("Flicky", "we", "us", or "our") collects, uses, stores, and protects information when a merchant installs and uses the app on their Shopify store.

> This document describes our data practices in plain language. It is provided for transparency and is **not legal advice**. Merchants are responsible for their own privacy obligations to their customers.

## 1. Introduction

Flicky is a Shopify application that helps wholesale merchants set up and manage B2B pricing, volume discounts, variant tables, and related campaigns on their Shopify stores. This Privacy Policy explains what information we access when you install or use the App, how we use it, and what rights you have over your data.

This policy applies to:

* **Merchants** — Shopify store owners and staff who install and configure Flicky.
* **Customers** — shoppers of a merchant's store, whose data the app may process on the merchant's behalf to apply B2B pricing and discounts.

By installing the App, you agree to the practices described in this policy.

## 2. Information We Collect

When you install Flicky, Shopify grants the app permission to access specific store data through the Shopify API, in line with the Shopify API License and Terms of Use. We request only what the app's features need.

### Store & Account Information

To operate the app, we collect and store:

* **Store record** — your store's domain and an encrypted Shopify access token used to call the Shopify API on your behalf.
* **App configuration** — the rules you create (volume discounts, pricing rules, variant tables), including their settings, targeting, schedules, and design options.

When you contact us directly (for example, for support), we also receive the information you choose to provide, such as your email address and the contents of your request.

### Product Information

To help you set up and run campaigns, we access **products and variants** — to target discounts and pricing rules and to render variant tables.

### Customer Data

Where you configure rules to apply to specific customers, customer tags, segments, or markets, we access and store the **customer identifiers** needed to evaluate those rules. We process the minimum data required and do not store or process your customers' data beyond what is necessary to deliver the App's functionality.

### Other store data we access

| Data            | Why we access it                                                                            |
| --------------- | ------------------------------------------------------------------------------------------- |
| **Discounts**   | To create and manage the automatic discounts that power Volume Discounts and Pricing Rules. |
| **Markets**     | To apply market‑based pricing eligibility.                                                  |
| **App proxy**   | To serve storefront widget data (pricing, discounts, variant tables).                       |
| **Validations** | To enforce Variant Table cart/checkout rules.                                               |

We do **not** access or store payment card details — all payments are handled by Shopify.

## 3. How We Use Your Information

We use the data we collect solely to:

* provide and operate the app's features for your store;
* calculate and display B2B pricing and discounts;
* save and apply your campaign configuration settings;
* generate analytics for your store; and
* provide support and maintain the security and reliability of the service.

We do **not** sell your data or your customers' data, and we do not use it for advertising.

## 4. Analytics

We use **Mixpanel**, a third-party analytics tool, to understand how the App is used so we can improve it. This may include usage data such as:

* pages and features accessed within the App;
* installation and uninstallation events, and interaction patterns across the app funnel; and
* device type and browser information.

Analytics data is aggregated and used only to improve the App experience. It does not include personal identifiers such as your name or email address.

## 5. Data Storage and Security

Your data is stored on secure servers hosted by **Vultr**, located in **Singapore**. We apply industry-standard security practices to protect your information:

* Shopify access tokens are **encrypted at rest**.
* Data is transmitted over encrypted (HTTPS) connections.
* Access to production systems is restricted to authorized personnel.

**International data transfers.** Because our servers are located in Singapore, your data is processed and stored outside the European Economic Area (EEA) and may be processed outside your country of residence. Where data is transferred across borders, we take reasonable measures to ensure it remains protected in line with this policy.

No method of transmission over the internet is 100% secure. While we take reasonable measures to protect your data, we cannot guarantee absolute security.

## 6. Data Retention

We retain your data only for as long as necessary to provide the App's features or to meet legal obligations. When you uninstall the App, your access token is revoked immediately and your sessions are purged; store and merchant data is removed upon written request.

Flicky does **not** collect or store your customers' personal information (such as names, email addresses, or contact details). The only customer-related data we hold is the targeting configuration you set up yourself — for example customer tags, segment identifiers, or market identifiers used to decide which pricing rules apply. We do not receive or retain individual shopper records.

Because of this, Flicky implements Shopify's mandatory privacy webhooks on an **acknowledge-only** basis. Each request is authenticated and confirmed, and we take the following action:

* **`customers/data_request`** — we hold no personal data about individual customers, so there are no shopper records to compile.
* **`customers/redact`** — we hold no personal data about individual customers, so there is nothing to delete.
* **`shop/redact`** — sent by Shopify approximately 48 hours after uninstall. As the app stores no customer personal data, the request is acknowledged; any residual store configuration data is removed in line with the retention practices above.

If we change the App in future so that it does store customer personal information, we will update these webhooks to compile and delete that data on request, and revise this policy accordingly.

## 7. Third-Party Services

We work with trusted third-party providers to operate and improve the App:

* **Shopify** — the platform the app runs on; all store and customer data originates from and is governed by Shopify, and is read or written within your permitted scopes.
* **Mixpanel** — to collect aggregated usage analytics (see Section 4).
* **Vultr** — for secure data storage and hosting (see Section 5).

Third-party providers are bound by their own privacy policies and data protection agreements. We do not authorize them to use your data for their own purposes, and we share data with third parties only as necessary to operate the service or where required by law.

## 8. Cookies

We use cookies to support basic App functionality, including:

* keeping you signed in to the App (via the App Bridge session token);
* remembering your store and settings; and
* measuring App performance (via analytics, see Section 4).

You can disable cookies in your browser settings, though this may limit certain App features.

## 9. Links to External Sites

The App may contain links to external websites. We are not responsible for the content or privacy practices of those sites. We recommend reviewing their privacy policies before submitting any personal information.

## 10. Your Privacy Rights

Depending on your jurisdiction, you or your customers may have the rights described below. Merchants can exercise their customers' data rights through Shopify's data request and redaction tools, which trigger the webhooks described in Section 6. To make a request directly, contact us using the details in Section 13.

### GDPR (EU/EEA Residents)

If you are based in the European Economic Area, you have the right to:

* **Access** — request a copy of the data we hold about you;
* **Rectification** — correct any inaccurate or incomplete data;
* **Erasure** — request deletion of your personal data;
* **Portability** — receive your data in a machine-readable format; and
* **Restriction or objection** — limit or stop certain types of processing.

To exercise any of these rights, contact us at <flicky.support@gmail.com>.

### CCPA (California Residents)

If you are a California resident, you have the right to:

* know what personal information we collect and how it is used;
* request deletion of your personal data;
* opt out of the sale of your personal information (we do not sell personal data); and
* not be discriminated against for exercising these rights.

To submit a request, email us at <flicky.support@gmail.com>.

### Nevada Residents

We do not sell personally identifiable information as defined under Nevada law. Nevada residents may still contact us at <flicky.support@gmail.com> to opt out of any potential future sale.

## 11. Children's Privacy

Flicky is not directed at individuals under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

## 12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. For significant changes, we will notify you via email or a notice within the App.

We encourage you to review this policy periodically.

## 13. Contact Us

If you have any questions about this Privacy Policy or how your data is handled, contact us at:

**Email:** <flicky.support@gmail.com>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://flicky.gitbook.io/flicky-docs/legal/privacy-policy.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
