Legal · Privacy
Privacy Policy
Petit Tools: Customer Heatmap — the Shopify app. Last updated 1 June 2026.
This privacy policy explains how the "Petit Tools: Customer Heatmap" Shopify app ("the App", "we", "us") collects, uses, stores and protects data when you install and use it on your Shopify store.
The App is provided by Ryan Mario Yasin ("the Developer"). For any privacy question or request, contact us at ryan [at] petitpli [dot] com.
1. Who the data belongs to
The App processes two kinds of party:
- Merchants — the Shopify store owner and staff who install and use the App.
- Customers — the people who have placed orders with the merchant's store, whose order data the App reads from Shopify.
The merchant is the data controller for their customers' personal data. The Developer acts as a data processor on the merchant's behalf, processing that data only to provide the App's features.
2. What data the App accesses
When installed, the App reads the following from your Shopify store through Shopify's Admin API:
- Order data — order reference, date, currency, order value, fulfilment status, and order tags.
- Customer data — the customer identifier and customer tags associated with each order, and, for orders you choose to export, customer name and email address.
- Address data — the billing and shipping address on each order, specifically postal code, country, region, county and city. The App uses the postal code and country to place orders on a map.
- Product data — product titles, vendors and product tags on each order, used for filtering.
The App requests these Shopify access scopes: read access to orders, products and customers, and write access to customers limited to adding tags (see section 6).
The App does not access payment card details, passwords, or any data beyond what is listed above.
3. How the data is used
The App uses this data solely to provide its features to the merchant:
- Plotting orders on an interactive map (heatmap or pins).
- Producing geographic sales reports by country, region, county and city.
- Building customer segments from a selected area, and exporting customer lists as CSV files at the merchant's request.
- Displaying an optional public map on the merchant's storefront, which shows order counts by area only and contains no personal data.
The App does not use the data for advertising, profiling for our own purposes, or any purpose other than delivering these features to the merchant who installed it.
4. Where the data is stored
Data is stored in a private database hosted on Fly.io in London, United Kingdom. The database is encrypted at rest, and all data is transmitted over encrypted (HTTPS) connections. Each merchant's data is isolated and identified by their store domain.
5. Third parties
- Shopify — the source of all order data, accessed under Shopify's own terms and privacy commitments.
- Map tile providers (OpenStreetMap and CARTO) — the App loads background map imagery from these providers. Only standard map tile requests are made; no order, customer or personal data is ever sent to them.
- Fly.io — our hosting provider, which stores the database as described above.
The App does not sell, rent or share personal data with any other third party. Any export of customer data (for example a CSV file) is generated at the merchant's request and delivered only to that merchant.
6. Customer data changes
The App's only write operation on customer records is adding a tag in order to create a Shopify customer segment, and only when the merchant explicitly chooses to create a segment. The App never edits, deletes, or otherwise modifies customer names, email addresses, addresses, marketing consent, or any other customer data.
7. Data retention and deletion
- The App retains a copy of the merchant's order data for as long as the App remains installed, so it can display maps and reports quickly.
- When the App is uninstalled, the merchant's session credentials are removed immediately.
- In line with Shopify's requirements, the App responds to Shopify's mandatory data-protection webhooks:
- Customer data request — we provide, via the merchant, a record of what order data we hold for a given customer (postal-code-level aggregates derived from Shopify's own data).
- Customer redaction — we remove the customer's identifier and tags from the order records we hold, so the remaining data is no longer linked to that person.
- Shop redaction — 48 hours after uninstall, we permanently delete all data associated with that store.
Merchants may also request deletion of their data at any time by contacting us at ryan [at] petitpli [dot] com.
8. Security
We protect data with encryption in transit and at rest, access controls limiting who can reach the database, and the principle of least privilege in the App's Shopify access scopes. No method of storage or transmission is completely secure, but we take reasonable measures to protect the data we process.
9. Merchants' and customers' rights
Depending on your jurisdiction (including under the UK GDPR and EU GDPR), individuals may have rights to access, correct, delete or restrict the processing of their personal data. Because the merchant is the controller of their customers' data, such requests should ordinarily be made to the merchant, who can action them through Shopify and, where relevant, through the App. We will assist merchants in responding to these requests.
10. Changes to this policy
We may update this policy from time to time. Material changes will be reflected by the "Last updated" date above, and where appropriate we will notify merchants.
11. Contact
For any question about this policy or about data the App processes, contact:
Ryan Mario Yasin
ryan [at] petitpli [dot] com