Customer data

Privacy Policy

Perkli processes the minimum personal data needed to provide a Shopify-native loyalty wallet, rewards, referrals, store credit, and retention analytics for merchants.

Last updated: July 15, 2026

Scope

This Privacy Policy explains how Perkli processes personal data for merchants that install or use the Perkli Shopify app, including personal data about store customers, prospective customers, and visitors when that data is made available through Shopify APIs, app embeds, checkout, or customer account experiences.

Perkli is designed as an all-in-one loyalty solution for Shopify merchants. It is not a lending, banking, savings, or general-purpose payments product.

Data we process

Merchant account data: shop domain, Shopify account identifiers, app installation status, billing plan, settings, support communications, and app usage events.

Customer data: customer identifiers, name, email address, loyalty wallet balances, points, store-credit balances, reward history, referral attribution, VIP tier status, order and refund references, and the transactional ledger entries needed to explain balance changes.

Technical data: authentication/session metadata, webhook delivery metadata, logs, device/browser information, error events, and security signals needed to operate and protect the service.

How we use data

We use personal data to provide app functionality, including customer wallet creation, reward earning, redemption eligibility, referral tracking, refund-to-credit workflows, VIP tiers, merchant analytics, support, billing, fraud prevention, security, and compliance.

We limit use of personal data to these purposes and do not sell customer personal data or use it for cross-context behavioral advertising.

Sharing

We share personal data only with Shopify, the merchant that installed the app, service providers needed to operate Perkli, legal or compliance recipients when required, and successors if Perkli is involved in a business transfer.

Service providers are limited to the purposes Perkli authorizes and are expected to protect personal data using appropriate security and confidentiality controls.

Retention and deletion

Perkli keeps personal data only for as long as needed to provide the app, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and preserve an auditable loyalty ledger for merchants.

After uninstall, verified deletion request, or merchant account closure, Perkli deletes or de-identifies app data according to its retention schedule unless a longer period is required by law, security, billing, or dispute-resolution needs. Backups expire on their normal rotation cycle.

Security

Perkli uses encryption in transit, encryption at rest where supported by infrastructure providers, production/test separation, least-privilege access controls, access logging, and incident-response procedures.

No system is perfectly secure, but Perkli designs its operational controls around minimizing customer data exposure and limiting data access to authorized purposes.

Merchant responsibilities

Merchants are responsible for configuring Perkli lawfully, explaining their own data practices to customers, honoring consent choices, and responding to customer requests where they act as the controller or business for the data.

Perkli helps merchants process loyalty data, but merchants decide how their loyalty programs, rewards, referrals, and store-credit policies apply to their customers.

Questions about this page? Contact Perkli privacy support.