Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Privacy Policy — Flame Shopify Integration

            Modified on Mon, 1 Jun at 1:42 PM

            Privacy Policy — Flame Shopify Integration

            Last updated: 26 May 2026

            This policy explains how Flame Analytics, S.L. ("Flame") handles data in the context of the Flame app for Shopify.

            Data we receive from Shopify

            When a merchant installs the app, Flame requests read_orders and write_orders access. Through these scopes we receive:

            • Shop information (domain, owner email, plan, currency)
            • Order data (order id, total, line items, financial status, dates)
            • Customer name and email when present in the order

            How we use this data

            We link in-store foot traffic, measured by Flame sensors at the merchant's physical venue, with the merchant's Shopify orders to calculate conversion metrics and generate the merchant's reports.

            We do not sell personal data, do not use it for advertising, and do not share it with third parties beyond the infrastructure providers required to operate the service.

            Roles

            Flame is the data controller for merchant account information and acts as a data processor on behalf of the merchant for the customer-level data received from the merchant's Shopify store.

            Retention

            Personal data received from Shopify is kept while the app is installed and is deleted within 48 hours of uninstall, as enforced by Shopify's shop/redact webhook. Aggregated, anonymised statistics may be retained for product analytics.

            Compliance webhooks

            Flame implements the three mandatory Shopify compliance webhooks:

            • customers/data_request — we acknowledge and respond to data access requests forwarded by Shopify. Flame's primary databases do not store identifiable customer-level personal data.
            • customers/redact — we acknowledge and process customer data deletion requests. Where no identifiable customer-level personal data is held, no further action is required.
            • shop/redact — within 48 hours of uninstall we revoke access tokens and delete the shop's personal data from our primary databases.

            Your rights

            You (or your customers) may request access, rectification, deletion, portability, restriction, or object to processing of personal data by writing to privacy@flameanalytics.com. Complaints may be lodged with the Spanish Data Protection Authority (AEPD).

            Security

            Data is transmitted over HTTPS (TLS 1.2+). Access to production systems is restricted and protected with multi-factor authentication. Shopify access tokens are stored securely and rotated through Shopify's expiring-token flow.

            Changes

            Material changes will be communicated to merchants by email and reflected in the "Last updated" date above.

            Contact

            Flame Analytics, S.L.
            privacy@flameanalytics.com

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0