Stocktake · Shopify App
Privacy Policy
Last updated: 13 July 2026
This policy explains what information the Stocktake — Inventory Audits app (“Stocktake”, “the app”) collects when you install it on your Shopify store, how we use it, and the choices you have. Stocktake helps brick-and-mortar merchants keep inventory accurate through cycle-count audits, and is operated by Runelight Ventures (“Runelight”, “we”, “us”).
1. Who this policy covers
This policy applies to merchants who install Stocktake on their Shopify store, and to the store data the app accesses in order to function. It does not govern Shopify itself — your use of Shopify is covered by Shopify’s Privacy Policy.
2. Information we collect
When you install Stocktake, you grant it permission (via Shopify’s standard OAuth flow) to access certain data from your store. We access only what is needed to run inventory audits:
| Category | Examples | Why we need it |
|---|---|---|
| Store & owner details | Store name and domain, and the store owner’s name, email address, phone number and physical address | To identify your store, configure the app, and contact you about your account and billing |
| Product & inventory data | Products, collections, inventory levels, inventory items and store locations (viewed and, when you record an audit, edited to correct stock counts) | The core function — selecting items to count and updating levels after an audit |
| Team member & audit data | Names of the team members you add to conduct audits, and the audit records they generate — items counted, discrepancies, shrinkage, accuracy scores and leaderboard standings | To run audit sessions, produce accuracy/shrinkage reports, and power the employee leaderboard |
| Usage & technical data | Log data, app settings, device/browser type, IP address, error diagnostics | To keep the app secure, reliable, and to fix problems |
A note on team members
If you add team members so they can run audits, you are responsible for having a lawful basis to share their names with us and for informing them that their audit activity is recorded and shown on the leaderboard. We process this information only to provide the app’s features to you.
3. How we use information
- To provide, operate and maintain Stocktake’s audit, reporting and leaderboard features;
- To update inventory levels in your store when you record the results of an audit;
- To diagnose issues, prevent abuse, and keep the service secure;
- To respond to your support requests and send you service and billing communications;
- To comply with our legal obligations, including Shopify’s Partner requirements.
We do not sell your data, and we do not use it to build advertising profiles.
4. How information is shared
We share data only with service providers that help us run the app, and only as needed:
- Hosting & infrastructure — Stocktake’s application and database are hosted on Railway (Railway Corp.), which stores and processes app data on our behalf.
- Shopify — we read from and write to your store through the Shopify Admin API to perform the functions described above.
- [If you use any other processors — e.g. error monitoring such as Sentry, an email/support provider, or analytics — list them here with what they receive. Remove this line if there are none.]
These providers act as our processors under contract and may not use your data for their own purposes. We may also disclose information where required by law, or to protect our rights, safety, or the integrity of the service.
5. Data retention
We keep store, team-member and audit data for as long as Stocktake is installed on your store. When you uninstall the app, we honour Shopify’s data-erasure requirements: our systems process Shopify’s shop/redact request and delete or anonymise your data within 30 days of the request. Some records may be retained longer where required for legal, accounting, or security reasons.
6. Security
We use industry-standard measures to protect your data, including encryption in transit (HTTPS/TLS), access controls, and least-privilege API scopes. No method of transmission or storage is perfectly secure, but we work to protect your information and to notify you of any material breach as required by law.
7. Your rights
Depending on where you are located (e.g. under the GDPR or CCPA/CPRA), you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise any of these rights, uninstall the app or contact us at the address below and we will respond within the timeframe required by law.
8. International transfers
Our hosting provider, Railway, processes and stores data in the United States, so if you are located elsewhere your data will be transferred to and processed in the U.S. [Confirm your Railway region.] Where we transfer data internationally, we rely on appropriate safeguards such as Standard Contractual Clauses.
9. Children
Stocktake is a business tool for merchants and is not directed at children. We do not knowingly collect personal information from anyone under 16.
10. Changes to this policy
We may update this policy from time to time. When we make material changes, we will revise the “Last updated” date above and, where appropriate, notify you within the app. Continued use of Stocktake after changes take effect constitutes acceptance of the updated policy.
11. Contact us
Questions or privacy requests regarding Stocktake? Reach us at:
hello@runelightventures.com
Runelight Ventures [· add legal entity name, mailing address and country if required by your jurisdiction]