Legal
Privacy Policy
Last updated:
This document explains what information Minimum Order Quantity (the “App”) collects, why we collect it, and what we do with it. The App is a Shopify application that helps merchants set minimum and maximum limits on product quantities, cart quantities, order values, and weights, and enforce those rules on the storefront and at checkout. The App connects to your storefront through a theme app embed and publishes active limit settings through Shopify metaobjects. Throughout this policy, “we,” “us,” and “our” refer to the legal entity that operates the App. “You” means the merchant who installs the App. Shoppers are people who visit your storefront and add items to cart or checkout.
Shopify runs its own platform. When you use Shopify, Shopify’s terms and privacy policy apply to Shopify’s services. This policy only covers how we handle information in connection with Minimum Order Quantity.
If you are a shopper, the merchant is usually the one who decides why your data is collected. We process any shopper-related information on the merchant’s instructions to deliver the features they enable. For most privacy requests, you should start with the store you shopped on; we describe how we help merchants and Shopify with compliance below.
1. Who is responsible for your information?
| Role | Value |
|---|---|
| Data controller (for merchant and App operational data) | SideHustleX |
| Privacy contact | contact@hustlepops.com |
Use the email above for questions about this policy or requests about personal data we hold in connection with the App.
2. What we collect
2.1 From Shopify when you install or use the App
Installing the App through Shopify allows us to receive and use the minimum data needed to sign you in, identify your store, and perform the functions you expect. That typically includes:
- Store identifiers (for example, shop domain and internal IDs).
- Account-related details Shopify provides in the install or admin context, such as contact email, shop owner name, and plan signals where applicable.
- Access credentials Shopify issues for API use so the App can call Shopify on your behalf.
- Shop settings (for example, currency, timezone, and address fields) when needed to format limits, messages, and admin experiences.
- Theme information needed to confirm your theme app embed is enabled and to render limit messaging on your storefront.
The permissions you approve at install define what we can request. As of the date above, the App may request scopes such as: read themes, read metaobject definitions, read metaobjects, write metaobject definitions, write metaobjects, and write app proxy. The exact list shown in Shopify at installation applies to your store.
We use that access to publish limit configuration to your theme embed and metaobjects, run the merchant admin experience, and keep storefront enforcement in sync with your active rules. We do not use OAuth tokens for unrelated purposes.
2.2 Data you (the merchant) generate inside the App
We store configuration and operational records needed to run the service, which may include:
- Product limits (minimum/maximum quantity, value, or weight rules, schedules, scope selections, and custom messages).
- Order limits (cart-level minimum/maximum rules, audience settings, schedules, and custom messages).
- Design settings (colors, fonts, alignment, and warning styling for storefront messages).
- Preferences (for example, checkout blocking, add-to-cart behavior, currency rounding, and admin language).
- Resource references you select in the admin (for example, product, variant, collection, or tag identifiers used to scope a limit).
- Onboarding and theme embed status for your shop.
- Aggregate dashboard metrics (for example, counts of active product and order limits).
2.3 Data from shoppers on your store
The App is designed to validate cart and product behavior against your configured limits. We do not ask shoppers to create accounts in the App or submit contact forms through it. When a shopper interacts with your storefront while limits are active, we may process:
- Cart and product context needed to evaluate limits (for example, quantities, line values, product or variant identifiers, and cart totals).
- Customer tag or market signals Shopify exposes on the storefront when you configure audience or country restrictions for an order limit.
- Technical metadata such as IP address, user agent, and timestamps in server or diagnostic logs, for security, abuse prevention, and reliability.
Most limit checks run in the shopper’s browser using configuration published to your theme. We generally do not store persistent shopper profiles in our database for limit enforcement. The merchant is responsible for having a lawful basis and a clear notice for any shopper-facing processing, where the law requires it.
2.4 Compliance and lifecycle signals from Shopify
We subscribe to webhooks required for app operations and privacy compliance, which may include app uninstall and mandatory privacy topics Shopify specifies (for example, customer data request, customer redact, and shop redact). We use payloads only to operate the App, honor deletion requests, and meet our obligations under Shopify’s program rules and applicable law.
2.5 When you browse our site or the App’s web surfaces
When you or your staff use our pages or the embedded admin App, we and our infrastructure partners may process device and connection data, usage logs, and cookies or similar storage to run the service, keep it secure, and diagnose issues. A current list of material subprocessors (hosting, database, etc.) is available on request.
3. How we use information
We process personal data to:
- Provide, maintain, and secure the App, including authentication, theme embed configuration, metaobject publishing, and limit storage.
- Let merchants create, schedule, publish, and manage product and order limits, design settings, and preferences.
- Enforce configured limits on the storefront and at checkout according to merchant settings.
- Show dashboard metrics (for example, counts of product limits, order limits, and active rules) to merchants.
- Communicate with you about the App, security, and support.
- Improve and troubleshoot the product, including fraud prevention and error diagnosis.
- Comply with law, enforce our terms, and respond to valid requests from public authorities, courts, or Shopify’s compliance program.
We do not sell your personal information in the sense used by many U.S. state privacy laws. We do not use shoppers’ information for our own unrelated marketing.
4. Legal bases (EEA, UK, Switzerland, and similar)
Where GDPR-style laws apply to our own processing, we may rely on:
- Contract — to provide the App you asked us to run.
- Legitimate interests — to keep our systems secure, fix bugs, and protect users, balanced against your rights.
- Legal obligation — where the law compels retention or disclosure.
- For shoppers’ data, we usually act as a processor on the merchant’s instructions.
5. Retention and uninstall
We keep merchant and configuration data for as long as you use the App and for a limited period afterward where needed for legal, accounting, or security reasons.
Product limit, order limit, design, and preference records are kept for as long as the feature requires or until deletion is triggered by you, a redaction request, or uninstall procedures.
When the App is uninstalled, we follow Shopify’s requirements to stop processing for that shop and to delete or de-identify personal data, except where a narrow legal or security need requires minimal records.
7. Your rights
Merchants: Depending on your location, you may have the right to access, correct, delete, object, restrict processing, or port your data. Contact contact@hustlepops.com.
Shoppers: Contact the merchant first. We will work with the merchant and Shopify when a valid privacy webhook or other lawful process applies.
8. Children
The App is not intended for use by children, and we do not knowingly collect personal data from children. If you believe a child’s data was collected, contact us and we will take appropriate steps.
9. Changes
We may update this policy. We will change the “Last updated” date and, if the change is material, provide additional notice when practical.