Privacy Policy
Last updated: July 1, 2026. This policy explains what data TrackedSale processes, why, and the choices you and your customers have.
Who we are
TrackedSale provides server-side conversion tracking for Shopify merchants. For the shopper data processed on behalf of a merchant, the merchant is the data controller and TrackedSale acts as a processor under their instructions.
Data we process
For merchants (our customers)
- Account data: email address, organization and store names.
- Store connection data: your Shopify store domain and the API credentials you provide. Secrets are encrypted at rest.
- Platform credentials you configure (e.g. Meta CAPI tokens), stored encrypted and used only to deliver your events.
For shoppers (on the merchant's behalf)
- Order data received from Shopify's signed webhooks: order value, currency, items, and customer contact details.
- On-site event data: pages viewed, cart and checkout events, click identifiers (such as
fbclid,ttclid,gclid), IP address and user agent, and the shopper's consent state.
How shopper data is used
Shopper data is used for one purpose: delivering conversion events to the advertising and marketing platforms the merchant has configured (Meta, TikTok, Google, Klaviyo, Pinterest). Where a platform requires hashed identifiers, personal fields such as email, phone, name and address are SHA-256 hashed before transmission. Klaviyo, as the merchant's own marketing tool, receives profile data in the format its API requires. We do not sell personal data and we do not use shopper data for our own advertising.
Consent
Every event carries the shopper's consent state as captured on the storefront. Where consent for marketing is denied, dispatch to marketing destinations is suppressed and Google receives the corresponding Consent Mode signals. TrackedSale does not grant consent on a shopper's behalf.
Retention
Event delivery records are kept for a limited operational window for deduplication and troubleshooting, then expire automatically. Store configuration and account data are kept while the account is active and deleted when a store or account is removed, including cleanup of associated credentials.
Security
Data is encrypted in transit (TLS) and at rest. Platform secrets are stored encrypted with restricted access. Webhooks are verified against Shopify's signatures before any processing happens.
Sub-processors
We use established cloud infrastructure providers to run our edge network, application and database. Sub-processors are bound by data protection terms consistent with this policy.
Your rights
Merchants can access, correct or delete their account data at any time. Shoppers should direct requests about their personal data to the merchant they purchased from (the controller); we assist merchants in fulfilling access and deletion requests, consistent with GDPR, LGPD and similar laws.
Contact
Questions about this policy: support@trackedsale.com. See also our Terms of Service.
Changes
We will update this page when our practices change and revise the date above. Material changes will be communicated to account owners by email.