Legal

Privacy Policy

Last updated: June 2026

Push Eagle ("we", "our", "us") provides web push notification software for Shopify merchants. This Privacy Policy explains what we collect, why we collect it, how long we keep it, and the choices you have when you install and use Push Eagle.

Who this policy applies to

This policy applies to merchants who install Push Eagle on a Shopify store and to the end customers whose devices may receive notifications after opting in on the merchant's storefront.

Information we collect

  • Merchant account data from Shopify, including store domain, store name, contact email, timezone, and granted app permissions.
  • Subscriber data collected on the storefront after consent, such as push notification tokens, browser type, locale, country, page activity, and campaign interaction events.
  • App usage data you create inside Push Eagle, including campaigns, automations, segments, delivery logs, and analytics summaries.
  • Shopify commerce data received through webhooks and APIs for attribution and automation triggers, such as order totals, product identifiers, checkout activity, inventory changes, and fulfillment status.

How we use information

We use collected data only to operate, secure, and improve Push Eagle, including to:

  • Deliver manual and automated web push notifications.
  • Measure impressions, clicks, conversions, and campaign performance.
  • Maintain billing, plan limits, and customer support.
  • Detect abuse, prevent fraud, and keep the service reliable.

We do not sell merchant or buyer personal data.

Legal bases and merchant responsibilities

Merchants are responsible for providing appropriate notice and obtaining valid consent before collecting push subscribers. Push Eagle supplies opt-in tools and settings, but each merchant must comply with applicable privacy, marketing, and consumer protection laws in the regions where they operate.

Data sharing and subprocessors

We use trusted infrastructure and service providers to host and deliver Push Eagle, including Shopify, Vercel, Neon, Cloudflare, Firebase/Google Cloud, and email/support tooling. These providers process data on our instructions and only as needed to provide the service.

Retention and deletion

We retain merchant and subscriber data while the app remains installed and as needed to provide the service. When a merchant uninstalls Push Eagle, we mark the store as uninstalled and stop processing new subscriber or order data. Shopify mandatory GDPR webhooks trigger customer redaction and shop data deletion according to Shopify's compliance requirements.

Security

We use industry-standard safeguards such as encrypted transport, access controls, scoped API permissions, and isolated merchant data storage. No method of transmission or storage is completely secure, but we work to protect data against unauthorized access, alteration, or disclosure.

International transfers

Push Eagle may process data in the United States and other countries where our infrastructure providers operate. We take steps designed to ensure an appropriate level of protection wherever data is processed.

Your rights and requests

Depending on your location, you may have rights to access, correct, delete, or restrict certain processing of personal data. Merchants can contact us using the details below. End-customer requests related to a specific Shopify store should generally be directed to that merchant, who may also receive Shopify GDPR redaction requests on the customer's behalf.

Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above. Material changes may also be communicated inside the app or by email where appropriate.

Contact us

Questions about privacy or data handling: support@push-eagle.com