Privacy Policy

Amoni Subscriptions — Effective 26 May 2026

1. Who we are

Amoni Subscriptions is a Shopify application published by Amoni ("we", "us", "our"). We help Shopify merchants offer subscription purchasing options on their storefronts.

Questions about this policy can be directed to support@amoni.io.

2. Data we collect from merchants

When a merchant installs Amoni Subscriptions we receive and store the following data via Shopify's OAuth flow:

Shop domain — used to scope all data to your store.
OAuth access token — used to call the Shopify Admin API on your behalf. Stored encrypted in our database.
Subscription plan configuration — plan names, billing intervals, discount values, and the products you link to each plan.
Widget settings — accent colour, border radius, button labels, and bullet-point content you configure in the Settings page.

We do not collect merchant passwords, payment details, or any data beyond what is necessary to operate the app.

3. Customer data

Amoni Subscriptions does not store any end-customer personally identifiable information (PII). Subscription contracts, customer names, email addresses, and payment information are held exclusively by Shopify and are never transmitted to or persisted by our servers.

Our storefront widget reads product and plan data from our API proxy. It does not collect, track, or send any customer data to us.

4. How we use data

Data collected is used solely to:

Authenticate your store with Shopify's API.
Create and manage Selling Plan Groups in your Shopify admin on your behalf.
Serve subscription plan options on your storefront via the app proxy.
Display dashboard metrics (active plans, MRR, churn rate).

We do not sell, rent, or share your data with third parties for marketing purposes.

5. Third-party services

We use the following sub-processors to operate the app:

Vercel — application hosting (United States / global edge). Privacy policy
PostgreSQL database provider — persistent storage for plans, settings, and sessions.

6. Data retention

Merchant data is retained for as long as the app is installed. When you uninstall the app:

All subscription plans are immediately marked inactive and removed from your storefront.
All stored data (plans, widget settings, OAuth tokens) is permanently deleted within 48 hours in response to Shopify's shop/redact webhook.

7. GDPR & data subject rights

If you or one of your customers is located in the European Economic Area, you have rights under the GDPR, including the right to access, correct, or erase data we hold. Because we do not store customer PII, requests from end-customers should be directed to the merchant. Merchants may submit requests to support@amoni.io. We respond within 30 days.

8. Cookies & tracking

Amoni Subscriptions does not use cookies, analytics scripts, or tracking pixels on merchant storefronts. The app admin UI uses Shopify's session storage mechanisms for authentication only.

9. Security

We use industry-standard measures including encrypted connections (TLS), encrypted credential storage, and access-scoped API tokens. We follow the principle of least privilege when requesting Shopify API permissions.

10. Changes to this policy

We may update this policy to reflect changes in the app or applicable law. When we make material changes, we will update the effective date above and, where possible, notify affected merchants via the app dashboard.

11. Contact

For privacy-related questions or data requests, contact us at support@amoni.io.