Privacy Policy Effective Date: [Date] Last Updated: [Date]
1. Overview
PodProfits ("we", "us", "our") is a profit monitoring and order management application for Etsy sellers using print-on-demand services such as Printful and Printify. PodProfits is read-only. We do not modify, create, or delete anything in your Etsy, Printful, or Printify accounts. We only read data and present insights about your business.
2. What Data We Collect and Where It Comes From
We collect data only from the accounts you choose to connect.
Sources and data categories
- Etsy: shop information, listings, orders, transactions, shipping details, and payout data.
- Printful: order status, fulfillment costs, product details, and shipping charges.
- Printify: order status, fulfillment costs, product details, and shipping charges.
We do not collect
- Passwords for Etsy, Printful, or Printify.
- Customer payment information.
- Data from any source other than the connected platforms you authorize.
3. How We Use Your Data
We use your data only to
- Calculate profit margins on your POD orders.
- Show order status across platforms in one place.
- Provide analytics and insights about your business.
- Identify profitable products and listings.
We do not
- Send data back to Etsy, Printful, or Printify beyond OAuth authentication.
- Modify, create, or delete anything in your connected accounts.
- Use your data for advertising or unrelated purposes.
- Sell your data.
4. Legal Basis for Processing
Under GDPR, our legal basis is contract performance under Article 6(1)(b). We process your data so we can provide the service you requested.
5. How We Share Your Data
We share your data only when necessary to provide PodProfits.
- Cloudflare (D1 + Workers): hosting and database infrastructure.
- You, the seller: dashboard analytics and order data display.
We do not share your data with advertisers, marketers, or data brokers.
6. Data Retention
We retain data as follows
- Order and transaction data: while your account is active, plus 30 days after disconnection.
- Logs and error records: 30 days.
- Aggregated and de-identified analytics: may be retained indefinitely.
Upon account deletion, personally identifiable data is deleted within 30 days.
7. Data Deletion and Disconnection
When you disconnect a platform, we stop reading new data from that platform and delete the platform-specific data within 30 days. Other connected platforms continue to sync.
When you delete your PodProfits account, all platform data is deleted within 30 days, OAuth tokens are revoked, and you receive a confirmation email after deletion is complete.
Immediate deletion requests may be sent by email with the subject line "Delete My PodProfits Data."
8. Data Security
We use
- Encryption in transit (TLS).
- Encryption at rest (Cloudflare D1).
- Read-only API tokens.
- Regular security reviews.
9. Your Rights
Depending on your location, you may have the right to:
- Access your data.
- Correct inaccurate data.
- Delete your data.
- Restrict processing.
- Request data portability.
- Object to processing.
We generally respond to privacy requests within 30 days, or faster where required by law.
10. International Data Transfers
Your data may be processed using Cloudflare's global network. For EU users, we use Cloudflare D1 databases restricted to the EU jurisdiction where required, and rely on Cloudflare's Standard Contractual Clauses where applicable.
When you connect Printful or Printify, those providers may process data outside the EU under their own safeguards and agreements.
11. Children's Privacy
PodProfits is intended for business use by adults. We do not knowingly collect data from anyone under 18.
12. Changes to This Privacy Policy
We may update this Privacy Policy. Material changes will be communicated by email or in-app notice at least 14 days in advance.
13. Contact Us
For privacy questions or rights requests
- privacy@podprofits.app
Response time: 5 to 7 business days.
14. Required Disclaimers
As required by Etsy API Terms of Use
"The term 'Etsy' is a trademark of Etsy, Inc. This Application uses Etsy's API, but is not endorsed or certified by Etsy."
PodProfits is an independent application and is not endorsed by, directly affiliated with, or sponsored by Printful or Printify.
Data Deletion and Account Disconnection Flow
1. Overview
Because PodProfits is read-only, disconnecting your accounts does not affect your Etsy, Printful, or Printify data in any way. It only stops us from reading new data and starts deletion of the data we have stored.
2. Disconnecting a Single Platform
Flow
- User clicks "Disconnect Etsy" in PodProfits settings.
- PodProfits revokes the OAuth token and can no longer read Etsy data.
- Existing Etsy data is marked for deletion.
- Within 30 days, all Etsy-specific data is deleted.
- Other platforms, such as Printful and Printify, continue syncing normally.
User impact
Your profit calculations will no longer include Etsy orders after disconnection, and historical Etsy data will be removed.
3. Deleting Your Entire PodProfits Account
Flow
- User clicks "Delete Account" in Settings → Danger Zone.
- A confirmation modal explains that deletion cannot be undone.
- User confirms the deletion request.
- All OAuth tokens are revoked immediately.
- All user data is marked for deletion.
- Within 30 days, all data is permanently deleted from our systems.
- A confirmation email is sent to the registered address.
4. Revoking Access in Source Platforms
Users may also revoke access directly in the connected platforms.
- Etsy: Etsy.com → Account Settings → Connected Apps → Remove PodProfits
- Printful: Printful Dashboard → Settings → Connected Apps → Remove PodProfits
- Printify: Printify Dashboard → Settings → Connected Apps → Remove PodProfits
Revoking access at the source platform is stronger than disconnecting only in PodProfits. We recommend doing both.
5. Immediate Deletion Requests
Users may request faster deletion by emailing deleteme@podprofits.app from the registered account email address with the subject line "Immediate Deletion Request."
Our response process
- Acknowledge receipt within 48 hours.
- Complete deletion within 14 days.
- Send a confirmation email when deletion is complete.
6. Data That Cannot Be Deleted
Some limited categories may be retained
- Aggregated de-identified analytics, retained indefinitely to improve the product.
- Support ticket history, retained for 24 months.
- Billing records, if applicable, retained as required by law.
No personally identifiable information is retained in these categories.
7. User Confirmation Checklist
When a user deletes an account, we confirm:
- All OAuth tokens are revoked.
- All order data is deleted within 30 days.
- All profit calculations are deleted.
- All product mapping data is deleted.
- The user's email address is removed from active marketing lists.
- A confirmation email is sent.