NexVault Privacy Policy

Effective date: 31st March, 2016
This Privacy Policy explains how NexVault (“we”, “us”, “our”) collects, uses, stores, and protects data when you install and use the NexVault Shopify app (the “App”).
Merchant-first • Secure-by-design • Shopify-compliant

1) Privacy Summary

NexVault is built to help merchants manage Shopify media files (cleanup, duplicate detection, compression, and storage insights). We only access the data we need to provide these features, and we treat merchant data as confidential.

Your data is safe: NexVault does not sell merchant data, does not create advertising profiles, and only processes store information to deliver app functionality.

Quick links: Data we accessHow we use dataSecurity controlsShopify complianceYour choices

2) Data We Access

When you install NexVault, Shopify provides the App with limited access to your store data based on the permissions (scopes) you approve. NexVault primarily works with your store files (images, videos, documents) and related metadata.

Category Examples Why NexVault needs it
Store identifiers Shop domain (e.g., example.myshopify.com) To associate scans, jobs, and settings with the correct store.
Files & media metadata File IDs, URLs, content type, size, timestamps, status To list files, detect unused assets, track sizes, and show insights.
Usage signals References/usage counts, last referenced time (where available) To determine “orphaned/unused” files safely.
App settings Compression quality, scan interval, thresholds, notifications To apply your preferences and automation rules.
Operational logs Job progress, error messages, timestamps To show Active Tasks, troubleshoot, and improve reliability.
We do not intentionally access sensitive merchant/customer data that is not required for NexVault’s file management features. If your store contains customer data in files you upload (e.g., PDFs), that content remains your responsibility; NexVault treats the file as a storage object and processes it only when you request actions such as cleanup or deletion.

3) How We Use Data

NexVault uses store data only to provide and improve the App’s features, including:

  • Displaying your file library (Files Explorer) and file details
  • Detecting unused/orphaned files (usage = 0 or not referenced)
  • Finding duplicate files (grouping identical/near-identical media)
  • Compressing images based on the settings you choose
  • Moving files to Trash, restoring them, or deleting them permanently (only when you request)
  • Generating storage insights and optimization score metrics
  • Running background scans and showing progress (Active Tasks)
  • Providing support and troubleshooting when requested
No selling or advertising use: We do not sell your store data. We do not use your data to build ad profiles.

4) Data Sharing

We do not sell merchant data. We only share data in the limited circumstances below:

  • Service providers: We may use reputable infrastructure providers (hosting, databases, monitoring) to operate the App. They are bound to protect data and use it only to provide services to us.
  • Legal obligations: We may disclose data if required by law, regulation, subpoena, or valid legal process.
  • Merchant request: If you request support, you may share additional information with us (such as screenshots or logs).

5) Security

We use industry-standard security practices to protect data. Security measures may include:

  • Encrypted connections (HTTPS/TLS) for data in transit
  • Access controls and least-privilege principles
  • Secure storage of tokens/credentials
  • Monitoring and logging for reliability and fraud detection
  • Regular updates and vulnerability patching
Important: No system can be guaranteed 100% secure. However, we work to protect your data and respond quickly to security issues.

6) Data Retention

NexVault retains only the data needed to operate the App (such as scan results, job history, and settings) for as long as your store uses NexVault. We may retain limited logs for security, support, and compliance purposes.

When you uninstall the App, we follow Shopify’s requirements for data removal and retention, including responding to required data deletion requests.

Uninstall behavior: When NexVault is uninstalled, access to Shopify APIs is revoked. We will remove or anonymize stored app data associated with your shop within a reasonable period unless we must retain it for legal/compliance reasons.

7) Shopify Compliance & Data Protection Requests

NexVault is designed to follow Shopify’s app requirements and privacy expectations, including handling Shopify’s mandatory data protection webhooks:

  • Customers Data Request (access request)
  • Customers Redact (erasure request)
  • Shop Redact (store data erasure after uninstall)
Compliance note: If NexVault stores personal data covered by these requests, we will delete or anonymize it as required and within Shopify’s timelines.

8) Your Choices & Rights

You control how NexVault operates through Settings (scan schedule, compression defaults, notifications, thresholds). You can also:

  • Disable automatic scans at any time
  • Disable compression on upload
  • Move files to Trash (safe) instead of deleting permanently
  • Uninstall the App to revoke access to your Shopify store data

9) International Transfers

NexVault may process and store data in locations where our service providers operate. Where required, we use appropriate safeguards for cross-border data transfers.

10) Children’s Privacy

NexVault is intended for Shopify merchants and is not directed to children. We do not knowingly collect personal information from children.

11) Changes to This Policy

We may update this Privacy Policy from time to time to reflect improvements, legal changes, or Shopify requirements. If changes are significant, we will provide notice (for example, in-app or via the email associated with your Shopify account where appropriate).

12) Contact Us

If you have questions about this policy or your data, contact us:

Merchants first: We take privacy seriously. If you need data clarification or deletion support, we’ll help promptly.