Snackery: Variant Discounts privacy policy

Snackery: Variant Discounts
Operated by Wuforia LLC dba Snackery Labs
Last Updated: March 17, 2026
Effective Date: March 17, 2026

Overview

At Snackery Labs, we take your privacy seriously. This Privacy Policy explains how Snackery: Variant Discounts (“App”) collects, uses, stores, and protects your information. We are committed to transparent data practices and only collect information necessary to operate and improve our app.

We do not sell, share, or rent your personal data to third parties.

1. Information We Collect

Store Information

  • – Shopify store domain and name
  • – Shop owner name and email address
  • – Store plan information
  • – Currency and timezone settings

 

Product & Variant Data

  • – Product titles, descriptions, and handles
  • – Variant SKUs, prices, and inventory level
  • – Product collections and tags
  • – Metafield data used for rule evaluation

 

Customer Data

When you select specific customers for discount eligibility, we collect and process:

  • – Customer first and last names
  • – Customer email addresses
  • – Customer unique Shopify identifiers (IDs)

 

This customer data is used solely to determine which customers are eligible for the discounts you create within the app.

 

Discount Rule Configuration

  • – Rules, conditions, and settings you create
  • – Campaign configurations and schedules
  • – Sales channel selections
  • – Customer segment selections

 

Session & Authentication Data

  • – OAuth tokens and session identifiers provided by Shopify
  • – Authentication timestamps
  • – API access logs

 

App Settings & Preferences

  • – Your notification preferences
  • – Gift card exclusion settings
  • – UI customization choices

 

Usage & Performance Data

  • – App usage analytics (via Google Analytics)
  • – Feature usage patterns
  • – App performance metrics
  • – Bug reports and error logs

 

We do not sell, share, or rent your personal data to third parties.

2. How We Use Your Information

We use the information we collect exclusively to:

 

Operate the App

  • – Create, store, and manage your discount rules
  • – Apply discount rules to product variants in real-time
  • – Sync discounts when products are created or updated in your store
  • – Authenticate and maintain your secure session in Shopify Admin

 

Provide Customer Support

  • – Respond to your support inquiries
  • – Troubleshoot technical issues
  • – Provide guidance on using the app

 

Improve the App

  • – Identify and fix bugs
  • – Improve performance and user experience
  • – Develop new features and functionality
  • – Conduct analytics on feature usage

 

Ensure Security & Compliance

  • – Detect and prevent fraudulent activity
  • – Monitor system health and security
  • – Comply with Shopify’s requirements
  • – Maintain audit trails and access logs

 

We do NOT use your data for:

  • – Advertising or marketing to your customers
  • – Profiling or behavioral analysis
  • – Any purpose unrelated to app functionality
  • – Selling to data brokers or third parties

3. Data Sharing & Third Parties

Services We Use

We share limited information with trusted service providers necessary to operate the app:

  • – Shopify: The app operates within the Shopify platform and exchanges data with Shopify APIs as part of normal functionality
  • – Railway: Cloud infrastructure provider that hosts our application servers (US-based data center)
  • – Google Analytics: We use Google Analytics to understand aggregate usage patterns and improve the app

 

When We Share Data

We may disclose your information only when:

  • Required by law or legal process
  • Necessary to protect the rights, safety, or property of Snackery Labs or our users
  • With your explicit consent

 

We Do NOT Share Data With

  • Competitors or rival app developers
  • Marketing or advertising networks
  • Data brokers or data aggregators
  • Your customers or other Shopify merchants

4. Data Retention & Deletion

Active Use

  • – Rules and configurations: Stored and maintained as long as the app is installed
  • – Session data: Maintained for the duration of your active session
  • – Analytics data: Retained for 26 months for historical analysis

 

Upon App Uninstallation

  • – Session tokens: Immediately invalidated and deleted
  • – Discount rules and app settings: Deleted from our database within 30 days
  • – Access logs: Retained for 90 days for security purposes, then deleted
  • – Analytics data: Anonymized and aggregated within 30 days

 

Note on Shopify Discounts

Any discounts created by the app in your Shopify store remain in your Shopify account after uninstallation. You must manually delete these from your Shopify Admin if desired.

 

Customer Data Retention

Customer names and email addresses are not permanently stored. This data is:

  • Processed in real-time when you select customers for discounts
  • Cached temporarily in memory during active sessions
  • Not retained after you close the customer selection modal or uninstall the app
  • Deleted from all backups within 30 days of uninstallation

5. Data Security

We implement industry-standard security practices to protect your data:

In Transit

  • – All data transmitted between your browser and our servers is encrypted using HTTPS/TLS 1.2 or higher
  • – All API requests to Shopify are encrypted and authenticated

 

At Rest

  • – Customer and configuration data is encrypted using AES-256 encryption while stored in our database
  • – Database credentials and API keys are encrypted and access-restricted
  • – Sensitive data such as authentication tokens are hashed before storage

 

Access Controls

  • – Access to production systems is restricted to authorized personnel only
  • – We use role-based access control (RBAC) to limit staff access to customer data
  • – Strong password requirements are enforced for all staff accounts (minimum 12 characters, complexity requirements)
  • – Multi-factor authentication (MFA) is required for access to production systems

 

Monitoring & Logging

  • – All access to customer data is logged and audited
  • – System access logs are retained for 90 days
  • – Unauthorized access attempts are detected and alerted immediately
  • – We monitor for suspicious activity on a continuous basis

 

Backups

  • – Database backups are created daily and encrypted using AES-256
  • – Backups are stored in geographically distributed secure locations
  • – Backup access is restricted to authorized personnel only
  • – Backups are tested regularly to ensure recoverability

 

Data Separation

  • – Test and production environments are completely isolated
  • – Production data is never used in development or testing
  • – Each environment has separate authentication, encryption keys, and access controls

 

Data Loss Prevention

  • – Our infrastructure includes redundant storage systems across multiple availability zones
  • – Automated failover systems ensure continuous service availability
  • – Regular disaster recovery drills ensure our ability to recover from data loss
  • – We maintain detailed disaster recovery and business continuity plans

 

Authentication

  • – We use Shopify OAuth for authentication — we never request or store your Shopify password
  • – All API communications use HMAC verification to validate requests
  • – Session tokens expire after 24 hours of inactivity

 

Incident Response

  • – We have a documented Security Incident Response Policy in place
  • – If we detect a security breach, we will notify affected users within 48 hours
  • – We maintain a security incident log for audit purposes
  • – We conduct post-incident reviews to prevent future occurrences

6. Your Data Rights

You have the right to:

Access

Request a copy of all personal data we hold about your store and its customers. We will provide this within 14 business days.

 

Deletion

Request deletion of your data by:

  • – Uninstalling the app from your Shopify Admin (automatic deletion within 30 days)
  • – Contacting us directly for immediate deletion

 

Correction

Request correction of any inaccurate data we hold about your store or its configuration.

 

Portability

Request your discount rule configurations in a machine-readable format (JSON or CSV).

 

Opt-Out (Applicable Protections)

  • – You can disable individual features or opt out of specific functionality
  • – You can delete customer selections to prevent customer data processing

 

How to Exercise Your Rights

To exercise any of these rights, contact us at:

7. Compliance & Legal Basis

Shopify Compliance

Snackery: Variant Discounts complies with:

  • – Shopify’s Partner Program Agreement
  • – Shopify’s App Store requirements
  • – Shopify’s API Terms of Service
  • – Protected Customer Data policies

 

Your use of the app is also governed by Shopify’s Privacy Policy and Terms of Service.

 

Legal Basis for Data Processing

We process your data under the following legal bases:

  • – Contract Performance: Data necessary to provide the app’s services
  • – Legitimate Interest: Improving security, preventing fraud, and app improvement
  • – Compliance: Meeting legal obligations and Shopify requirements
  • – Consent: You consent to data collection by installing and using the app

 

Data Protection Compliance

  • – We comply with applicable data protection laws including GDPR, CCPA, and others
  • – For European users, data is processed under lawful bases as defined in GDPR Article 6
  • – We do not engage in automated decision-making with legal or significant effects

8. Children's Privacy

Our app is not intended for children under the age of 13. We do not knowingly collect information from children. If we become aware that a child has provided us with personal information, we will delete such information immediately.

9. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • – Right to know what personal information is collected and used
  • – Right to delete personal information
  • – Right to opt-out of the sale of personal information (we do not sell data)
  • – Right to non-discrimination for exercising your privacy rights

To exercise California privacy rights, contact: [email protected]

10. European Privacy Rights (GDPR)

If you are in the European Union or UK, you have rights under GDPR:

  • – Right to access your data
  • – Right to rectification of inaccurate data
  • – Right to erasure (“right to be forgotten”)
  • – Right to restrict processing
  • – Right to data portability
  • – Right to object to processing
  • – Rights related to automated decision-making

 

Our lawful basis for processing is the performance of the contract with you and our legitimate interests in providing a secure, functional app. To exercise GDPR rights, contact: [email protected]

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable laws. When we make material changes:

  • – We will update the “Last Updated” date at the top
  • – We will notify you through the app or via email for significant changes
  • – Your continued use of the app after changes constitutes acceptance of the updated policy

12. Third-Party Links & Services

Our app may integrate with or reference third-party services (Shopify, Google Analytics, etc.). This Privacy Policy does not cover third-party services, and we encourage you to review their privacy policies separately.

13. Contact Us

Snackery Labs
Wuforia LLC dba Snackery Labs
1992 Morris Ave, Suite 176
Union, NJ 07083

📧Email:[email protected]
🌐Website:snackerylabs.com

Response Time:We typically respond to privacy inquiries within 7 business days.

End of Privacy Policy

Last Updated: March 23, 2026