Privacy Policy

Last updated: June 30, 2026

Who we are

Delta Point ("the App") is operated by InWave d.o.o., a consulting company registered in Slovenia. This policy explains what data the App accesses, how it is used, and how it is protected.

What data we access

When you install the App on your Shopify store, it requests read-only access to the following data through the Shopify Admin API:

The App does not modify, create, or delete any data in your Shopify store. All API access is strictly read-only.

How we use your data

Your store data is used solely to generate analytics and dashboards for you. Specifically, the App:

Your data is never used for advertising, marketing, profiling, or any purpose other than providing analytics to you.

Data storage and security

Your data is stored in a secure, private data lake accessible only to you and the Delta Point team managing your analytics setup. Data is encrypted in transit (HTTPS/TLS) and access is controlled through authentication tokens and cloud security policies.

We do not store Shopify API credentials in plaintext. Access tokens are managed through secure credential stores (OS keyring or cloud-based secrets management such as Azure Key Vault).

Data sharing

We do not sell, rent, or share your store data with any third party. Your data is used exclusively to provide analytics services to you.

Data may be processed by cloud infrastructure providers (such as Microsoft Azure or Amazon Web Services) solely for hosting and computation purposes, subject to their own security and privacy standards.

Data retention

Your data is retained for as long as the App is installed on your store and our analytics service is active. If you uninstall the App or terminate the service, we will delete your store data within 30 days of your request.

Your rights

You have the right to:

Uninstalling the App immediately revokes its API access token, preventing any further data retrieval.

GDPR compliance

As a company based in Slovenia (EU), we comply with the General Data Protection Regulation (GDPR). Personal data (such as customer email addresses) is processed on the legal basis of legitimate interest in providing the analytics service you have requested. You may exercise your data subject rights by contacting us at the address below.

Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Material changes will be communicated to you directly.

Contact

If you have questions about this privacy policy or your data, contact us at:

InWave d.o.o.
Email: info@inwave-consulting.com