Privacy Policy
Last updated: June 17, 2026
Smart Trust Bar ("the App") provides theme app blocks that let merchants display trust badges, payment method icons, and (on Pro) a free-shipping progress bar on product pages ("the Service"). This Privacy Policy describes how information is collected, used, and shared when you install or use the App in connection with your Shopify-supported store.
Personal information the App collects
When you install or use the App, we collect and store information needed to operate the embedded admin app and keep you signed in:
- Shop domain (for example,
your-store.myshopify.com) - OAuth session data, including access tokens used to authenticate requests to Shopify on your behalf
- Optional staff account metadata from the Shopify OAuth session, such as staff user ID, name, email, and locale
We do not collect, store, or process customer personal information (such as customer names, emails, addresses, or order details). Storefront blocks are display-only and do not send buyer data to our servers.
Shopify data and API access
The App requests no optional Shopify Admin API access scopes. It does not read your products, themes, orders, or customers through the Admin API.
To support Free and Pro features, the App writes one app-owned metafield on your shop's app installation:
app.metafields.tier.has_subscription— a boolean indicating whether you have an active Pro subscription
This metafield is used so theme app blocks can show or hide Pro features in the theme editor and on the storefront. It is stored by Shopify as part of your app installation, not in a separate customer database maintained by us.
When you subscribe or change plans through Shopify Managed Pricing, Shopify sends subscription update webhooks so we can keep this metafield in sync.
Storefront behavior
On your online store, the App's theme extension renders blocks configured in the theme editor. No buyer form submissions are sent to us.
If you use Smart Trust Bar (Pro) with the free-shipping progress bar, a small JavaScript file on your storefront may read your store's public cart total (via Shopify's standard cart.js endpoint) to update the progress bar when the cart changes. That cart data is processed in the buyer's browser and is not transmitted to our app servers.
Technologies we use
Like most web applications, our backend may record standard server log data when you use the embedded app (for example, IP address, browser type, request timestamps, and error logs) to operate, secure, and troubleshoot the Service.
The embedded admin app runs inside Shopify Admin and relies on Shopify's authentication mechanisms (including session tokens). We do not use advertising pixels, customer tracking, or third-party analytics on your storefront as part of the App.
How we use personal information
We use the information described above to:
- Provide, operate, and maintain the Service
- Authenticate your shop and sync subscription tier status
- Respond to support requests and communicate with you about the App
- Comply with legal obligations and protect the security of the Service
We do not use merchant or customer information for unrelated advertising purposes.
Sharing your personal information
We do not sell your personal information.
We may share information only in these limited cases:
- Service providers that host or operate the App on our behalf (for example, cloud hosting and database providers), under obligations to protect your data and use it only to provide the Service
- Legal requirements, when we believe disclosure is required by law, regulation, legal process, or governmental request, or to protect our rights and the security of the Service
We do not share customer personal information with third parties because we do not collect it.
Data retention and deletion
We retain OAuth session data for as long as your shop has the App installed and needs an active session.
When you uninstall the App, we delete stored session data for your shop. Shopify may also send a shop/redact compliance webhook after uninstall; when received, we delete any remaining session records for your shop.
App-owned metafields on your Shopify app installation are managed through Shopify's app lifecycle. If you have questions about metafield removal after uninstall, contact us using the details below.
Your rights
If you are located in the European Economic Area, United Kingdom, or other regions with similar privacy laws, you may have the right to:
- Access personal information we hold about you
- Request correction or deletion of your personal information
- Object to or restrict certain processing
- Lodge a complaint with your local data protection authority
To exercise these rights, contact us using the information below. We will respond within a reasonable timeframe and as required by applicable law.
Because the App does not store customer personal data, customer data subject requests are generally not applicable to data held by us. Shopify's own privacy practices apply to buyer data processed by Shopify.
International transfers
Your information may be processed and stored in countries other than your own, including the United States, where our hosting providers operate. We take reasonable steps to protect your information in line with this Privacy Policy and applicable law.
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes to the App, our practices, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page. Continued use of the App after changes take effect constitutes acceptance of the revised policy.
Contact us
For questions about this Privacy Policy, our data practices, or to make a privacy-related request, contact us at:
PixelPerfectCreations