Legal
Privacy Policy
Credit Control for B2B · Last updated 2026
This Privacy Policy explains what data the Credit Control for B2B app ("the App", "we") accesses and how we use it when installed on a Shopify store.
Data we access
- Orders — to record amounts owed by B2B companies and detect over-limit / overdue orders.
- Companies — to associate credit limits and balances with B2B companies (via each order's purchasing company).
We request the minimum scopes needed (read_orders, write_orders, read_companies, write_companies). We do not request access to customer profiles and do not use customer names, emails, phone numbers, or addresses.
How we use it
Solely to provide the App's function: computing outstanding balances, enforcing credit limits and holds at checkout, and showing AR aging to the merchant. We do not sell data or use it for advertising.
Where it is stored
Credit settings, ledger entries, invoices, and audit logs are stored in our application database (hosted on DigitalOcean Managed PostgreSQL, encrypted at rest and in transit). Credit-state metafields are stored on your Shopify store.
Sub-processors
We use a small number of trusted third-party providers to run the App. Each processes only what is needed to deliver the service:
- DigitalOcean — cloud hosting and managed PostgreSQL database (data encrypted at rest and in transit).
- Sentry — application error monitoring and performance telemetry. We do not send customer personal data to Sentry; alerts reference our own records rather than PII.
- Shopify — the platform the App runs on; billing and checkout are handled by Shopify.
- Email provider — where applicable, used to deliver transactional and support email. No merchant store data is shared beyond what is needed to send a message you have requested.
- QuickBooks Online (Intuit) and Xero — only if you connect one on the AR plan. When connected, the App sends your B2B invoice and payment records to that accounting system (posting them as open receivables and payments) and reads back payment status so reminders stay accurate. We store the accounting connection's OAuth access/refresh tokens encrypted at rest, request the minimum scopes (invoices and payments), and delete them when you disconnect, uninstall, or on a
shop/redactrequest. Data sent to your accounting system is then governed by that provider's own terms and privacy policy.
Retention & deletion
We honor Shopify's mandatory data-protection webhooks. On app uninstall and on a shop/redact request, all merchant store data we hold is permanently deleted.
Marketing list
Separately from the App, our public website may collect an email address you voluntarily submit to join our early-access list. This is prospect/marketing data — not merchant store data — and you can have it removed any time by emailing us.
Contact
For privacy requests, contact support@worqflow.org.