Privacy Policy
Last Updated: January 16, 2026
1. Introduction
TallyX ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our inventory management and alert system, including our email and Slack notification services (collectively, the "Service").
By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.
2. Information We Collect
2.1 Information Collected Through Shopify APIs
When you connect your Shopify store to TallyX, we access the following data through Shopify's APIs:
| Data Type | Description | Purpose |
|---|---|---|
| Store Information | Store name, domain, email, currency, timezone | Account setup and localization |
| Product Data | Product titles, SKUs, prices, descriptions, variants | Inventory tracking and alerts |
| Inventory Data | Stock levels, locations, committed quantities | Real-time monitoring |
| Location Data | Warehouse/store names, addresses | Multi-location management |
| Collection Data | Collection names, product associations | Alert scoping |
| Order Data | Order IDs, line items, quantities | Sales velocity calculations |
We do NOT access or store: Customer payment information, customer billing/shipping addresses (beyond what's necessary for order processing), or sensitive customer data not required for inventory management.
2.2 Information Collected Directly from You
| Data Type | Collection Point | Purpose |
|---|---|---|
| Email address | Account registration | Authentication, notifications |
| Phone number | Settings | Account verification |
| Name | Account profile | Personalization |
| Notification preferences | Settings | Alert delivery |
2.3 Information from Your Customers (Limited)
If you enable the Back-in-Stock feature, we collect customer email and optionally phone number for the sole purpose of sending back-in-stock notifications. This data is retained until the customer is notified or 90 days, whichever comes first.
2.4 Automatically Collected Information
We automatically collect IP addresses, browser type, device information, and usage analytics for security, compatibility, and service improvement purposes.
3. How We Use Your Information
Provide Our Services
- •Monitor inventory levels in real-time
- •Send alerts when stock levels reach thresholds
- •Calculate sales velocity and demand forecasts
Deliver Notifications
- •Send email alerts about inventory status
- •Post alerts to your Slack channels
Improve Our Services
- •Analyze usage patterns to enhance features
- •Identify and fix bugs
- •Develop new functionality
Ensure Security
- •Prevent fraud and abuse
- •Protect against unauthorized access
- •Maintain system integrity
4. Data Sharing and Third Parties
4.1 Service Providers
| Provider | Purpose | Data Shared |
|---|---|---|
| Clerk | User authentication | Email, name, profile |
| Supabase | Database hosting | All application data (encrypted) |
| Resend | Email delivery | Email addresses, email content |
| Slack | Workspace integration | Channel IDs, message content |
| Vercel | Application hosting | Request logs, analytics |
We Do NOT:
- • Sell your personal information
- • Share your data for advertising purposes
- • Provide your data to data brokers
- • Use your data for profiling beyond service improvement
5. Data Retention
| Data Type | Retention Period | Deletion Trigger |
|---|---|---|
| Account data | Active subscription + 90 days | Account deletion request |
| Inventory data | Active subscription + 90 days | Store disconnection |
| Historical snapshots | 90 days | Rolling deletion |
| Alert history | 90 days | Rolling deletion |
| Order data | 90 days (for velocity) | Rolling deletion |
| Audit logs | 7 years | Legal requirement |
When you uninstall our app:
- • We receive a notification from Shopify within 48 hours
- • All your store data is deleted within 30 days
- • Audit records may be retained for legal compliance
6. Data Security
We implement industry-standard security measures to protect your data:
Technical Measures
- • Encryption in Transit (TLS 1.3)
- • Encryption at Rest (AES-256)
- • Role-based access controls
- • Multi-factor authentication
- • OAuth 2.0 for Shopify integration
Organizational Measures
- • Regular security training
- • Background checks for data access
- • Incident response procedures
- • Regular security audits
- • DPAs with all processors
7. Your Privacy Rights
7.1 For All Users
| Right | Description | How to Exercise |
|---|---|---|
| Access | Request a copy of your data | Email admin@tallyx.app |
| Correction | Update inaccurate data | Through your dashboard or email us |
| Deletion | Request data deletion | Email admin@tallyx.app |
| Portability | Export your data | Dashboard > Settings > Export |
7.2 For EU/EEA Residents (GDPR)
Additional rights include restriction of processing, object to processing, withdraw consent, and lodge a complaint with your supervisory authority.
7.3 For California Residents (CCPA/CPRA)
You have the right to know what personal information we collect, delete your personal information, opt out of the sale of personal information (we don't sell data), and non-discrimination for exercising your rights.
8. International Data Transfers
Our services are hosted in the United States. If you are located outside the US, your data will be transferred to and processed in the US.
For EU/EEA Residents: We rely on Standard Contractual Clauses (SCCs) with our service providers and adequacy decisions where applicable.
9. Children's Privacy
Our Service is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at admin@tallyx.app.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- •Posting the new Privacy Policy on this page
- •Updating the "Last Updated" date
- •Sending you an email notification for material changes
11. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
Email: admin@tallyx.app
For Data Protection inquiries:
- • Subject: "Privacy Request - [Your Request Type]"
- • Include: Your account email and specific request
Response Time: We aim to respond within 30 days.
This Privacy Policy was last updated on January 16, 2026