Privacy Policy
App Name: StorePort Import Export Company: Sooce Ltd Effective Date: June 12, 2026 Last Updated: June 22, 2026
1. Introduction
This Privacy Policy describes how Sooce Ltd ("we", "us", or "our") collects, uses, and protects information when you use StorePort Import Export (the "App"), a Shopify embedded application that enables merchants to import and export Shopify store data using CSV and Excel files, with optional integration to Google Drive.
By installing or using the App, you agree to the practices described in this Privacy Policy. If you do not agree, please uninstall the App and discontinue use.
2. Information We Collect
2.1 Shopify Store Data
When you install the App and grant the required permissions, we access Shopify store data through the official Shopify API. This may include:
- Products and variants - titles, descriptions, prices, SKUs, inventory levels, images, and metafields
- Orders - order IDs, line items, customer references, fulfillment status, and financial data
- Customers - names, email addresses, phone numbers, and address information stored in your Shopify store
- Collections - collection titles, rules, and product assignments
- Inventory - inventory levels and locations
- Other resource types - any additional Shopify resource types you explicitly choose to import or export through the App
We access this data only to perform the specific import or export operation you initiate. We do not read your store data for any other purpose.
2.2 OAuth Tokens and Authentication Credentials
When you connect a Google Drive account to the App, we store:
- Access tokens and refresh tokens issued by Google to authorize the App to act on your behalf
- Basic account identifiers (such as Google user ID) used to associate the token with your merchant account
These tokens are stored securely and are used exclusively to read or write files to your cloud storage account as directed by you.
We do not store your Google account password. We do not have access to your password at any time.
2.3 App Usage and Configuration Data
We collect and store:
- Your Shopify shop domain (e.g.,
your-store.myshopify.com) to identify your account within the App - Import/export job history - job type, status, timestamp, and file name - so you can review past operations
- App configuration and settings you have saved (e.g., field mapping preferences, default options)
- Error logs and diagnostic information related to import/export operations, used for troubleshooting
2.4 Information We Do Not Collect
We do not collect:
- Payment card numbers or financial credentials
- Personally identifiable information beyond what is present in your Shopify store data and what is necessary to operate the App
- Data from your Google Drive account beyond the specific files you select for import/export operations
- Behavioral analytics, advertising identifiers, or cross-site tracking data
3. How We Use Your Information
We use the information described above for the following purposes:
- To perform import/export operations - reading your Shopify store data to export it to a file, or writing data from an uploaded or cloud-hosted file to your Shopify store
- To read and write files in your connected cloud storage - accessing only the specific file or folder you designate within Google Drive to complete the requested operation
- To maintain your account and settings - storing your preferences, job history, and authentication tokens so the App functions correctly between sessions
- To provide customer support - using job logs and error details to diagnose and resolve issues you report
- To improve the App - aggregated, non-identifiable usage patterns (e.g., most commonly exported resource types) may be used to guide product decisions
We do not sell, rent, or share your data with third parties for marketing or advertising purposes.
4. Third-Party Services and Data Access
4.1 Shopify
StorePort Import Export is built on the Shopify platform and uses the Shopify API. When you install the App, you authorize it to access specific scopes of your Shopify store. The App requests only the permissions required to perform import and export operations on the resource types you use.
Your use of Shopify is governed by Shopify's own Privacy Policy: https://www.shopify.com/legal/privacy
4.2 Google Drive
If you choose to connect a Google account:
- You authorize the App through Google's official OAuth 2.0 flow
- The App requests only the scopes necessary to read files you select and write files to a folder you designate within Google Drive
- No files outside the explicitly designated location are accessed
- Google Drive file contents are processed in memory to complete your import/export job. We do not store Google Drive file contents on our servers beyond the duration of the active processing session
- Each merchant connects their own Google account. We do not use shared or service-level Google accounts that commingle data across merchants
Your use of Google Drive is governed by Google's Privacy Policy: https://policies.google.com/privacy
You can revoke the App's access to your Google account at any time from your Google Account security settings under "Third-party apps with account access."
4.3 Hosting and Infrastructure
The App is hosted on infrastructure provided by Sooce Ltd. Our production API operates at https://storeport.api.btpro.net. We take reasonable steps to ensure our hosting environment meets industry-standard security practices.
5. Data Storage and Security
5.1 Where Data Is Stored
All persistent App data - including your Shopify access token, Google OAuth tokens, and job history - is stored on servers located at https://storeport.api.btpro.net. We do not currently use third-party analytics, advertising, or data-broker services.
5.2 Security Measures
We implement the following security practices:
- OAuth tokens are stored encrypted at rest
- All communication between the App and Shopify and Google Drive occurs over HTTPS/TLS
- All communication between your browser and the App backend occurs over HTTPS/TLS
- Access to production systems is restricted to authorized personnel only
- We follow Shopify's security requirements for embedded apps, including HMAC validation of all requests originating from Shopify
5.3 No Guarantees
While we take security seriously, no system is completely secure. We cannot guarantee the absolute security of your information. If we become aware of a data breach that affects your information, we will notify you in accordance with applicable law.
6. Data Retention and Deletion
6.1 Retention During Active Use
We retain your App data - including your OAuth tokens, job history, and settings - for as long as the App is installed on your Shopify store.
6.2 Deletion Upon Uninstall
When you uninstall the App from your Shopify store:
- Your Shopify access token is revoked and deleted from our systems
- Your Google Drive OAuth tokens are deleted from our systems
- Your job history and settings are deleted
This process is initiated automatically upon receiving Shopify's app/uninstalled webhook. Deletion is completed within 30 days of uninstall.
6.3 Manual Deletion Requests
You may also request deletion of your data at any time by contacting us at emrah.ozyazgan@btpro.net. We will confirm deletion within 30 days of receiving your request.
6.4 Temporary Processing Data
Files retrieved from Google Drive during an import/export operation are held in memory for the duration of the operation only. They are not written to disk or retained after the job completes.
7. Your Rights
Depending on your jurisdiction, you may have rights regarding your personal data, including:
- Right to access - request a copy of the data we hold about you
- Right to correction - request correction of inaccurate data
- Right to deletion - request that we delete your data (see Section 6.3)
- Right to restriction - request that we limit how we use your data
- Right to data portability - request your data in a structured, machine-readable format
- Right to object - object to certain uses of your data
To exercise any of these rights, contact us at emrah.ozyazgan@btpro.net. We will respond within 30 days. Note that some rights may be subject to limitations under applicable law.
8. Cookies and Tracking
The App is an embedded Shopify app and runs within the Shopify Admin interface. We use the minimum cookies required for the App to function:
- Session cookies - to maintain your authenticated session within the App
- CSRF protection tokens - to protect against cross-site request forgery
We do not use:
- Third-party advertising cookies
- Cross-site tracking technologies
- Analytics cookies from services such as Google Analytics, Mixpanel, or similar
Shopify's own session and cookie practices apply within the Shopify Admin environment. Refer to Shopify's Privacy Policy for details.
9. Children's Privacy
The App is designed for use by Shopify merchants and is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us at emrah.ozyazgan@btpro.net and we will delete it promptly.
10. International Data Transfers
If you are located outside the country where our servers are hosted, your data may be transferred to and processed in a different jurisdiction. By using the App, you consent to such transfer. We take steps to ensure that any such transfers are subject to appropriate safeguards.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will:
- Update the "Last Updated" date at the top of this document
- Post the updated policy at our App's privacy policy URL
- For material changes, provide notice through the Shopify Admin interface or by email to the store owner's contact email on file
Continued use of the App after changes are posted constitutes your acceptance of the updated policy. We encourage you to review this policy periodically.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: emrah.ozyazgan@btpro.net Company: Sooce Ltd Website: https://storeport.api.btpro.net
We aim to respond to all privacy-related inquiries within 5 business days.
*This Privacy Policy applies exclusively to the StorePort Import Export Shopify application. It does not apply to any other products or services offered by Sooce Ltd.*