Propel Low Stock Alerts (“the App”) is a Shopify app operated by Propel Commerce / Alcaris Inc. This policy explains what data the App accesses, why, how long it is kept, and how it is deleted.
The App is a read-only inventory monitor. It requests only these Shopify scopes:
read_products — to read product and
variant titles, SKUs, vendors, types, tags, and status so low-stock
items can be identified and labeled in reports and digests.
read_inventory — to read available
quantities per variant so the App can compare them against your
configured thresholds.
read_locations — to read location names
so inventory can be reported and filtered per location.
The App does not request write access to your store, and does not access orders, customers, payment, or storefront-customer data.
To deliver scheduled low-stock digests, the App stores, keyed to your shop domain:
Inventory snapshots — product, variant, and location
identifiers, titles, SKUs, available quantities, and timestamps
captured at each scan.
Alert configuration — thresholds, schedules, filters,
and threshold overrides you set.
Recipient email addresses — the email addresses you
enter to receive digests. These are merchant or staff addresses you
provide; the App does not collect storefront-customer emails.
Run history — records of each scan (timing, item
counts, email delivery status) for troubleshooting and the in-app
activity log.
Session data — the Shopify offline access token and
shop metadata required to call the Shopify API on your behalf.
The App does not store, process, or have access to storefront customer personal data — names, addresses, customer emails, order history, or payment information. Because of this, there is no customer data to export or erase in response to Shopify's customer GDPR requests.
Stored data is used solely to evaluate inventory against your thresholds, render in-app reports, and send the low-stock email digests you configure. We do not sell data, and do not share it with third parties except the infrastructure providers required to run the service (hosting and transactional email).
Render — application hosting and database.
Amazon Web Services (Amazon SES) — delivery of digest
emails to the recipients you configure.
On uninstall: the App receives Shopify's
app/uninstalled webhook and marks your shop as
uninstalled — it stops all processing and stops sending alerts. Your
data is not deleted at this point; it is retained until Shopify's
shop/redact webhook is received (see below).
Data deletion: the App deletes all data keyed to your
shop — inventory snapshots, alert configuration, recipients, run
history, threshold overrides, shop settings, and session token — when
it receives Shopify's shop/redact webhook, which Shopify
fires approximately 48 hours after uninstall.
Customer GDPR webhooks: the App handles
customers/data_request and customers/redact.
Because no storefront-customer data is stored, these complete with
nothing to export or erase.
You can remove individual recipients or delete an alert at any time
from within the App. Uninstalling the App marks your shop as
uninstalled and stops all processing; your data is then deleted when
Shopify sends the shop/redact webhook, as described above.
Questions about this policy or your data: support@propelcommerce.io.
Propel Commerce / Alcaris Inc.
170-422 Richards St
Vancouver, BC V6B 2Z4
Canada
We may update this policy; material changes will be reflected by a new effective date at the top.