BundleCraft privacy policy

This privacy policy describes how BundleCraft ("the app"), operated by Slatehouse (Fabian Eppinger, Munich, Germany), handles data when you install and use it on your Shopify store. The general Slatehouse privacy policy at slatehouse.app/privacy applies in addition.

BundleCraft requests read access to your products (to let you pick bundle main products and add-ons) and read/write access to cart transforms (to group bundles and apply tiered discounts at checkout). It does not read orders or customer records.

Your bundle configuration — bundles, add-on lists, discount tiers and personalization field definitions — is stored in your own shop’s metafields, i.e. inside Shopify, under your control. On the app’s server only a standard authentication session for your shop is kept (shop domain and access token).

BundleCraft does not collect, store or process personal data of your customers. Personalization entries (e.g. engraving text or gift notes) are attached to the cart and order within Shopify and never touch BundleCraft’s servers. The mandatory GDPR webhooks (customers/data_request, customers/redact, shop/redact) are implemented; since no customer data is held, there is nothing to return or erase.

The authentication session is kept while the app is installed. No usage analytics or customer-level data is collected.

When you uninstall BundleCraft, bundles stop applying immediately and the app’s session data is deleted automatically. The bundle configuration copy stored in your own shop’s metafields remains in your store under your control and can be removed at any time.

Under the GDPR you can request access, correction, deletion or export of any data the app holds about your shop. Write to hello@slatehouse.app.

Questions about this policy: hello@slatehouse.app — Slatehouse, Munich, Germany. See the Impressum for full operator details.