Privacy Policy
This Privacy Policy explains how Tryful (“we”, “us”, “our”) handles information in connection with the Checkout Pixel Migrator application (the “App”) for Shopify. Tryful is an independent software developer operating under the brand “Tryful” (domain tryful.dev); it is not a registered company. If you have any questions, contact us at support@tryful.dev.
1. Who we are
The App helps Shopify merchants migrate their legacy checkout tracking before Shopify removes the “Additional Scripts” field from the Thank You and Order Status pages on August 26, 2026. The App scans the tracking snippets a merchant pastes in, identifies the tracking vendors involved, and moves supported purchase tracking to a Shopify web pixel. For any privacy request, email support@tryful.dev.
2. Scope of this policy
This policy covers three surfaces:
- The embedded admin App that a merchant installs and uses inside their Shopify admin.
- The public scanner on our marketing site, which anyone can use without installing or signing in.
- The web pixel extension the App activates in a merchant’s store to replace legacy checkout tracking.
3. Information we collect and process
a. Merchant and store account data
When a merchant installs the App, Shopify authorizes it through OAuth. We store the information Shopify provides to operate the App: the store domain, the Shopify staff user identifier, first and last name, email address, locale, and the API access and refresh tokens needed to call Shopify on the store’s behalf. This is merchant / staff account information — it is not shopper personal data.
b. Tracking-script content and migration configuration
To scan and migrate tracking, we process the tracking code a merchant pastes in and the configuration derived from it:
- Signed-in (admin) scans: the pasted “Additional Scripts” content is stored so the merchant can revisit their report, along with a one-way hash of the input, the detected vendors, and the tracking IDs extracted from the snippets (for example a GA4 measurement ID or a Meta pixel ID).
- Public scanner: pastes submitted on our public scanner are never stored. We keep only a one-way hash and the list of detected vendors — the raw pasted content is not persisted and is not sent to any third party.
- Web pixel configuration: when a merchant sets up migration, we store the vendor tracking IDs the merchant chooses to migrate so the web pixel can send events to those vendors.
c. Optional AI assistance (paid, admin-only)
Signed-in merchants may optionally use a paid AI feature to help identify tracking snippets our scanner does not recognize. When (and only when) a merchant explicitly triggers it, the App sends those unrecognized snippets to a configured third-party AI provider for identification, and stores the resulting analysis. The provider is named in the App at the point of use, and that provider’s own terms govern how it handles the data. This feature is never available on the public scanner, and public pastes are never sent to any AI provider.
d. App-usage analytics
To understand how the App is used and improve it, we collect basic product-analytics events — for example which pages are viewed and which actions are taken (running a scan, requesting AI analysis, activating or deactivating the pixel). These events are keyed to the store domain and record only the page path and aggregate counts. They never include the pasted tracking-script content, the public scanner’s input, or any shopper personal data. Events from the public scanner are collected anonymously (no store identifier). We process these events with PostHog, our analytics provider (see section 7). This analytics is captured on our servers, not by third-party code running in your browser.
4. We do not collect shopper personal data
The App does not request access to Shopify customer or order records, and it does not store shopper names, email addresses, or postal addresses in our systems. Because we hold no shopper personal data, Shopify’s mandatory customers/data_request and customers/redact privacy requests have no shopper data to return or erase. When a store is uninstalled and Shopify sends a shop/redact request (approximately 48 hours after uninstall), we delete all data associated with that store.
5. The web pixel and data sent to your configured vendors
After a merchant activates migration, the App installs a Shopify web pixel that runs at checkout. When a purchase completes, the pixel sends purchase-event data directly to the advertising and analytics vendors the merchant has configured (such as Google Analytics 4, Meta, TikTok, and Pinterest). That event data includes the order or checkout token, currency, order value, tax and shipping amounts, line-item details (SKU, title, price, and quantity), the page URL, and the vendor advertising cookies present in the shopper’s browser (for example _ga, _fbp, _fbc, _ttp, ttclid, and _epik). It does not include the shopper’s name, email, or address.
This transmission is gated by the shopper’s consent choices through Shopify’s Customer Privacy API: analytics tracking runs only with analytics consent, and marketing/advertising vendors run only with marketing consent. The merchant is the data controller for the vendor accounts they configure, and each vendor processes the data it receives under its own privacy policy. Tryful does not receive or store this checkout event data — it flows from the shopper’s browser to the merchant’s chosen vendors.
6. How we use information
- To authenticate the merchant and operate the App.
- To scan tracking snippets and produce migration reports.
- To configure and activate the web pixel a merchant chooses.
- To provide support and respond to requests.
- To operate billing for paid features via Shopify.
- To comply with legal obligations and Shopify’s requirements.
7. Sharing and service providers
We do not sell personal data. We share information only with the providers needed to run the App:
- Shopify — the platform the App runs on; it provides authentication, billing, and the store data described above.
- Our hosting provider — which stores the App’s data on our behalf.
- The configured AI provider — only if a merchant uses the optional AI feature, and only the unrecognized snippets described in section 3(c).
- PostHog — our product-analytics provider, which processes the app-usage events described in section 3(d) (store domain, page paths, and aggregate counts — no shopper data and no tracking-script content).
The advertising and analytics vendors described in section 5 are configured by the merchant, not by us; they receive checkout event data directly and act under the merchant’s direction.
8. Data retention and deletion
We retain merchant account data and migration configuration for as long as the App is installed. When a store uninstalls the App, Shopify sends a shop/redact request (approximately 48 hours later), and we delete all scans, detections, AI analyses, migration configuration, and session records associated with that store. Public scanner pastes are never stored, so there is nothing to retain for them. You may also request deletion of your data at any time by emailing support@tryful.dev.
9. Data security
We use Shopify’s OAuth and session mechanisms, transmit data over encrypted connections (HTTPS/TLS), and limit access to the App’s data. No method of transmission or storage is completely secure, but we take reasonable measures to protect the information we hold.
10. International data transfers
We and our providers may process data in countries other than the one you or your shoppers are located in. Where we transfer data, we rely on appropriate safeguards to protect it.
11. Your rights
Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing (for example under the GDPR or the CCPA). To exercise any of these rights, email support@tryful.dev and we will respond within the time required by applicable law. Merchants can also have their data erased by uninstalling the App, which triggers the deletion described in section 8.
12. Children’s privacy
The App is a business tool for merchants and is not directed at children. We do not knowingly collect personal data from children.
13. Changes to this policy
We may update this policy from time to time. When we do, we will revise the “Effective date” above and, where appropriate, notify merchants. Continued use of the App after an update means you accept the revised policy.
14. Contact us
For any question about this policy or your data, contact us at support@tryful.dev.