Privacy Policy

The RetailLab is a Shopify application operated by Sustainable Souls, Inc. (“we,” “us,” or “our”). The RetailLab calculates how much revenue a store loses when products go out of stock by tracking product page views, detecting inventory stockouts, and estimating lost revenue broken down by size, color, or any variant.

From the Shopify API (with Merchant Authorization)

When a merchant installs The RetailLab and authorizes access through Shopify's OAuth flow, we access:

• Product catalog: titles, handles, variants, prices, images, product types, tags, vendor
• Inventory levels: quantities per variant per location, unit costs
• Order line items: trailing 730 days of order history, including refunds and returns
• Customer purchase behavior: aggregated and anonymized. No PII (names, emails, addresses) is stored
• Historical analytics data via ShopifyQL
• Script tag installation for storefront tracking

From the Storefront Tracking Script

The RetailLab installs a lightweight JavaScript tracking script on the merchant's storefront. This script collects:

• The Shopify product ID of the page being viewed
• The selling price displayed to the visitor at the time of the view
• The compare-at price, if the product is on sale
• A randomly generated anonymous visitor ID stored in localStorage (not a cookie)
• The timestamp of the visit and general device category (mobile, tablet, or desktop)
• When a visitor is logged in, the anonymous customer_id provided by Shopify for cross-device recognition
• User agent string for bot filtering and device categorization
• Country, region, and city (derived from the visitor's IP address at the edge, not stored as a raw IP)
• Referrer URL, UTM parameters, and source URL for attribution analysis
• Click events on add-to-cart and checkout-start buttons to measure conversion funnel steps

The tracking script uses daily deduplication and bot filtering. The visitor_id is anonymous and does not identify any individual. We track clicks on key conversion elements (such as add-to-cart and checkout-start buttons) because these actions are sometimes the only reliable signal of purchase intent before a completed order reaches the Shopify API.

The RetailLab explicitly does not collect, store, or process:

• No customer names, email addresses, phone numbers, or mailing addresses
• No IP addresses or precise geolocation data
• No device fingerprinting data (screen resolution, installed fonts, plugins)
• No cookies on the merchant's storefront (we use localStorage, not cookies)
• No session recordings, mouse movements, hover tracking, scroll tracking, or keystroke data
• No advertising identifiers or cross-site tracking
• No retargeting, remarketing, or behavioral advertising of any kind
• No data sharing with advertising networks or data brokers

All data collected is used exclusively for:

• Calculating estimated lost revenue from out-of-stock products
• Generating inventory analytics reports
• Tracking product page views and conversion rates
• Detecting inventory stockouts, restocks, and receipt events
• Auto-detecting markdown events and identifying backorder products
• Powering AI-driven merchandising insights (Pro tier)
• Computing sell-through percentages, size curves, and demand patterns
• Providing actionable buying recommendations
• Analyzing visitor journeys across multiple devices and sessions
• Tracking add-to-cart and checkout-start clicks to measure conversion funnel steps
• Attributing traffic sources via referrer and UTM parameters
• Filtering bot traffic using user agent and behavioral signals

How We Do NOT Use Data

The RetailLab does not use merchant or visitor data for:

• Advertising, retargeting, or marketing of any kind
• Selling or licensing data to third parties
• Building consumer profiles for any purpose other than the merchant's own analytics
• Email collection or outreach to the merchant's customers
• Competitive benchmarking that identifies individual merchants
• Training AI models on merchant-identifiable data

The RetailLab shares merchant data only with the following parties:

We do not sell, rent, license, or share merchant or visitor data with advertising networks, data brokers, or analytics aggregators.

• Managed PostgreSQL on US-based Render infrastructure, fully isolated with no public-facing routes
• Frontend hosted on Vercel with read-only API access; all writes via authenticated server-side processes
• Encrypted at rest (AES-256) and in transit (TLS 1.2+)
• Multi-tenant architecture with logical data isolation per store
• Two-layer access control: password-protected install gate plus admin approval panel
• OAuth tokens encrypted at rest and never exposed to the client
• Daily automated backups with point-in-time recovery
• SOC 2 Type 1 readiness in progress with target attestation Q3 2026

Active merchants: Data retained for as long as the app is installed. Inventory snapshots and stockout history are retained permanently for seasonal planning.

After uninstall: Upon receiving Shopify's shop/redact webhook, ALL store data is permanently deleted within 48 hours. This is irreversible.

Visitor data: Anonymous visitor IDs in localStorage can be cleared by the visitor at any time by clearing browser site data.

The RetailLab respects privacy rights under CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA, TDPSA, OCPA, and other state laws effective through 2026. You have the right to know what personal information we collect, request access, request deletion, opt out of sale/sharing (note: we do not sell data), and not be discriminated against for exercising your rights.

To exercise any right, contact mlewis@sustainablesouls.com. We respond within 45 days as required by law.

The RetailLab's tracking script collects anonymous product page view data for inventory analytics only. We do not track visitors across third-party websites or serve advertising. Because our tracking is limited to anonymous, single-site product page views, the Do Not Track signal does not change our data practices.

The RetailLab is a business-to-business application. We do not knowingly collect personal information from children under 13. The anonymous storefront tracking data does not identify any visitor, including their age.

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be notified via email and/or dashboard notice. Continued use after changes constitutes acceptance.