PRIVACY
operational
legal

PRIVACY_POLICY

Privacy policy and data deletion / disconnection flow.

Privacy Policy Effective Date: [Date] Last Updated: [Date]

1. Overview

PodProfits ("we", "us", "our") is a profit monitoring and order management application for Etsy sellers using print-on-demand services such as Printful and Printify. PodProfits is read-only. We do not modify, create, or delete anything in your Etsy, Printful, or Printify accounts. We only read data and present insights about your business.

2. What Data We Collect and Where It Comes From

We collect data only from the accounts you choose to connect.

Sources and data categories

  • Etsy: shop information, listings, orders, transactions, shipping details, and payout data.
  • Printful: order status, fulfillment costs, product details, and shipping charges.
  • Printify: order status, fulfillment costs, product details, and shipping charges.

We do not collect

  • Passwords for Etsy, Printful, or Printify.
  • Customer payment information.
  • Data from any source other than the connected platforms you authorize.

3. How We Use Your Data

We use your data only to

  • Calculate profit margins on your POD orders.
  • Show order status across platforms in one place.
  • Provide analytics and insights about your business.
  • Identify profitable products and listings.

We do not

  • Send data back to Etsy, Printful, or Printify beyond OAuth authentication.
  • Modify, create, or delete anything in your connected accounts.
  • Use your data for advertising or unrelated purposes.
  • Sell your data.

4. Legal Basis for Processing

Under GDPR, our legal basis is contract performance under Article 6(1)(b). We process your data so we can provide the service you requested.

5. How We Share Your Data

We share your data only when necessary to provide PodProfits.

  • Cloudflare (D1 + Workers): hosting and database infrastructure.
  • You, the seller: dashboard analytics and order data display.

We do not share your data with advertisers, marketers, or data brokers.

6. Data Retention

We retain data as follows

  • Order and transaction data: while your account is active, plus 30 days after disconnection.
  • Logs and error records: 30 days.
  • Aggregated and de-identified analytics: may be retained indefinitely.

Upon account deletion, personally identifiable data is deleted within 30 days.

7. Data Deletion and Disconnection

When you disconnect a platform, we stop reading new data from that platform and delete the platform-specific data within 30 days. Other connected platforms continue to sync.

When you delete your PodProfits account, all platform data is deleted within 30 days, OAuth tokens are revoked, and you receive a confirmation email after deletion is complete.

Immediate deletion requests may be sent by email with the subject line "Delete My PodProfits Data."

8. Data Security

We use

  • Encryption in transit (TLS).
  • Encryption at rest (Cloudflare D1).
  • Read-only API tokens.
  • Regular security reviews.

9. Your Rights

Depending on your location, you may have the right to:

  • Access your data.
  • Correct inaccurate data.
  • Delete your data.
  • Restrict processing.
  • Request data portability.
  • Object to processing.

We generally respond to privacy requests within 30 days, or faster where required by law.

10. International Data Transfers

Your data may be processed using Cloudflare's global network. For EU users, we use Cloudflare D1 databases restricted to the EU jurisdiction where required, and rely on Cloudflare's Standard Contractual Clauses where applicable.

When you connect Printful or Printify, those providers may process data outside the EU under their own safeguards and agreements.

11. Children's Privacy

PodProfits is intended for business use by adults. We do not knowingly collect data from anyone under 18.

12. Changes to This Privacy Policy

We may update this Privacy Policy. Material changes will be communicated by email or in-app notice at least 14 days in advance.

13. Contact Us

For privacy questions or rights requests

  • privacy@podprofits.app

Response time: 5 to 7 business days.

14. Required Disclaimers

As required by Etsy API Terms of Use

"The term 'Etsy' is a trademark of Etsy, Inc. This Application uses Etsy's API, but is not endorsed or certified by Etsy."

PodProfits is an independent application and is not endorsed by, directly affiliated with, or sponsored by Printful or Printify.

Data Deletion and Account Disconnection Flow

1. Overview

Because PodProfits is read-only, disconnecting your accounts does not affect your Etsy, Printful, or Printify data in any way. It only stops us from reading new data and starts deletion of the data we have stored.

2. Disconnecting a Single Platform

Flow

  • User clicks "Disconnect Etsy" in PodProfits settings.
  • PodProfits revokes the OAuth token and can no longer read Etsy data.
  • Existing Etsy data is marked for deletion.
  • Within 30 days, all Etsy-specific data is deleted.
  • Other platforms, such as Printful and Printify, continue syncing normally.

User impact

Your profit calculations will no longer include Etsy orders after disconnection, and historical Etsy data will be removed.

3. Deleting Your Entire PodProfits Account

Flow

  • User clicks "Delete Account" in Settings → Danger Zone.
  • A confirmation modal explains that deletion cannot be undone.
  • User confirms the deletion request.
  • All OAuth tokens are revoked immediately.
  • All user data is marked for deletion.
  • Within 30 days, all data is permanently deleted from our systems.
  • A confirmation email is sent to the registered address.

4. Revoking Access in Source Platforms

Users may also revoke access directly in the connected platforms.

  • Etsy: Etsy.com → Account Settings → Connected Apps → Remove PodProfits
  • Printful: Printful Dashboard → Settings → Connected Apps → Remove PodProfits
  • Printify: Printify Dashboard → Settings → Connected Apps → Remove PodProfits

Revoking access at the source platform is stronger than disconnecting only in PodProfits. We recommend doing both.

5. Immediate Deletion Requests

Users may request faster deletion by emailing deleteme@podprofits.app from the registered account email address with the subject line "Immediate Deletion Request."

Our response process

  • Acknowledge receipt within 48 hours.
  • Complete deletion within 14 days.
  • Send a confirmation email when deletion is complete.

6. Data That Cannot Be Deleted

Some limited categories may be retained

  • Aggregated de-identified analytics, retained indefinitely to improve the product.
  • Support ticket history, retained for 24 months.
  • Billing records, if applicable, retained as required by law.

No personally identifiable information is retained in these categories.

7. User Confirmation Checklist

When a user deletes an account, we confirm:

  • All OAuth tokens are revoked.
  • All order data is deleted within 30 days.
  • All profit calculations are deleted.
  • All product mapping data is deleted.
  • The user's email address is removed from active marketing lists.
  • A confirmation email is sent.