← All privacy policies

Privacy Policy — Store Locator

Last updated: June 24, 2026

Merchentia (“we”, “us”) operates the Merchentia: Store Locator Shopify app (the “App”). This policy explains what data the App accesses, stores, and shares.

Summary

The App displays a map and list of your stores, dealers, or stockists so shoppers can find a location near them. It stores the location data you provide (business information such as store names, addresses, and hours) and limited, non-identifying search analytics from the storefront locator. It requests no Admin API permissions, never accesses your customers or orders, and stores no shopper personal data. It does not process payments.

What the App stores

• Shop session credentials — an access token and basic shop identifiers (your *.myshopify.com domain), used to authenticate the App and operate the embedded admin.
• Your location data — the stores/dealers you add or import: names, addresses, geographic coordinates, phone numbers, emails, websites, opening hours, descriptions, tags/services, and any images or links you provide. This is your business information, which you choose to publish on your storefront.
• Storefront search analytics — to power the in-app analytics, the App records what was searched on your locator (e.g. a typed city or postcode, and the approximate coordinates a search resolved to), the number of results, and which locations were viewed or clicked. This data is aggregated and not linked to a shopper’s identity — we do not store shopper names, emails, accounts, or persistent tracking identifiers.
• We store no shopper personal data, no payment details, no order information, and no Shopify customer accounts.

Geocoding sub-processor

To place pins on the map, store addresses must be converted to coordinates (“geocoding”). When you add or import locations — and when a shopper searches for a place name or postcode — the relevant address or search text is sent to our geocoding sub-processor, Geoapify, which returns coordinates. Results are cached so the same address or query is not looked up repeatedly. The geocoding key is held on our servers and is never exposed in your storefront.

Map tiles

The map imagery (“tiles”) is served by OpenFreeMap, a free, open map-tile service, and is built from OpenStreetMap data (shown as on-map attribution). The App uses no map API key. When the map loads, the shopper’s browser requests tiles directly from OpenFreeMap, which receives the shopper’s IP address as part of that request, under OpenFreeMap’s own terms; no other shopper data is sent to it.

Shopper location (“find stores near me”)

If a shopper taps “use my location”, their browser asks them for permission and, if granted, provides their approximate position to find nearby stores. This is used only to sort and show the closest locations. We do not store a shopper’s device location as an identifier; only the non-identifying search analytics described above are retained.

What the App does not do

• It uses no Admin API scopes and cannot read your customers, orders, or products. (A future, opt-in “in-stock at this store” feature would request read_products only with your consent.)
• It does not process payments. Subscription billing is handled entirely by Shopify Billing; we never see card or payment details.
• It does not collect shopper personal data, build shopper profiles, or sell data.

Data sharing

We do not sell or rent your data. We share data only with the service providers needed to run the App: Shopify (installation, authentication, billing), our hosting and database providers (Render and Neon, which run the App and store your location data), our geocoding sub-processor (Geoapify), and the map-tile provider (OpenFreeMap, which serves map imagery to shoppers’ browsers).

GDPR / data requests

The App implements Shopify’s mandatory compliance webhooks:

• customers/data_request — the App stores no shopper personal data, so there is nothing to provide; the request is acknowledged.
• customers/redact — there is no shopper personal data to delete; the request is acknowledged.
• shop/redact — deletes all of your shop’s stored data (locations, settings, search analytics, and the session record), sent ~48 hours after uninstall.

Uninstalling the App revokes its access immediately; your stored data is deleted on shop/redact.

Data retention & security

Your location data, settings, and analytics are retained only while the App is installed and are deleted on uninstall (via shop/redact). Data is stored by our infrastructure providers using industry-standard security and access controls.

Contact

Questions about this policy or your data: ask@merchentia.com.