Privacy Policy

Last updated: March 2026

PayProof ("we", "our", or "us") is a Shopify app that helps merchants accept manual payments (including Instapay) by collecting payment screenshots and confirming orders. This Privacy Policy explains what data we collect, how we use it, and your rights.

1. Data We Collect

When installed, our app collects and stores the following data:

• Shop data: Shopify store domain, access token, payment gateway configuration.
• Order data: Order ID, order name, order amount, payment status.
• Customer data: Customer name, email address, phone number (from Shopify orders).
• Uploaded files: Payment screenshot images uploaded by customers.
• Email configuration: SMTP settings entered by the merchant (if configured).

2. How We Use Data

• To display payment submissions to merchants for review and confirmation.
• To send email notifications to customers (confirmation and reminder emails).
• To sync order payment status with your Shopify store.

3. Data Storage

All data is stored securely on Railway.app (PostgreSQL database) and Cloudflare R2 (file storage). Data is retained for as long as the app is installed. Upon uninstall, all shop data is permanently deleted within 48 hours.

4. Data Sharing

We do not sell or share your data with third parties, except for the infrastructure providers listed above (Railway, Cloudflare) which are necessary to operate the app.

5. Customer Data Rights (GDPR)

If you receive a customer data request, we will anonymise or delete the customer's personal data from our systems within 30 days. We fully comply with Shopify's mandatory GDPR webhooks.

6. Merchant Rights

You may request deletion of all your store's data at any time by contacting us or by uninstalling the app.

7. Contact

For privacy-related requests, contact us at: hello@payproofapp.com