Payout Close Privacy Policy

Effective date: March 28, 2026
Last updated: March 28, 2026

This Privacy Policy explains how Erythreia (“Payout Close”, “we”, “us”, or “our”) processes personal data when merchants install or use the Payout Close Shopify app.

Payout Close is a Shopify app designed to reconcile Shopify Payments payouts and generate merchant-downloadable payout close outputs such as summary files, payout rollups, and pending-transaction reports.

1. Scope

This Privacy Policy applies to personal data processed through the Payout Close app, including personal data relating to merchants, merchant staff, merchant customers, prospective customers, and visitors where such data is made available to Payout Close through Shopify APIs, app sessions, mandatory compliance webhooks, merchant support interactions, or app usage.

2. Personal data we process

2.1 Data received from Shopify APIs

Depending on the merchant’s installation and the app’s functionality, we may process the following categories of data from Shopify:

• shop identifiers and shop domain
• order identifiers, order references, and order timestamps
• order financial data, including subtotal, shipping, discounts, tax, refunds, transactions, and totals
• refund identifiers, transaction identifiers, transaction types, statuses, timestamps, amounts, fees, and net values
• Shopify Payments payout identifiers, payout statuses, transaction types, issue dates, summary values, amounts, fees, and net values
• links between payouts, balance transactions, refunds, transactions, and orders
• webhook payloads required for app operation or legal compliance, including app lifecycle events and Shopify mandatory compliance webhooks
• app session records needed to authenticate merchants and operate the app securely

2.2 Data we receive directly from merchants

We may process information that merchants or merchant staff choose to provide directly to us, including:

• support requests and related correspondence
• configuration inputs or operational notes entered into the app
• business contact details voluntarily provided for support or compliance purposes

2.3 Data we collect directly from merchant customers

Payout Close is designed not to collect personal data directly from merchant customers through forms, tracking pixels, cookies, or similar direct collection mechanisms.

2.4 Data we intentionally do not request

Payout Close is designed to operate without requesting or relying on the following protected customer fields:

• customer name
• customer email address
• customer phone number
• shipping or billing address

If this design changes in the future, this Privacy Policy will be updated before those fields are used in production.

3. Why we process personal data

We process personal data only for the following purposes:

• authenticating merchants and maintaining app sessions
• retrieving and reconciling Shopify Payments payout data
• generating merchant-downloadable payout close outputs such as summary.json, payout-rollup.csv, and pending-transactions.csv
• identifying payout-linked and not-yet-linked transactions
• supporting merchants when they request troubleshooting or operational assistance
• maintaining app security, integrity, logging, and abuse prevention
• complying with contractual, regulatory, and legal obligations, including Shopify mandatory compliance webhook obligations

We do not process personal data for unrelated advertising, data brokerage, or cross-merchant profiling.

4. Data minimization

Payout Close is designed to process the minimum personal data required to deliver its core functionality to merchants.

In particular, Payout Close focuses on payout, refund, transaction, and order-linked financial reconciliation data and intentionally excludes direct customer identity fields unless and until those fields become strictly necessary for a clearly disclosed feature.

5. How we disclose personal data

We may disclose personal data only in the following limited situations:

• to infrastructure, hosting, database, logging, monitoring, or support providers that help us operate Payout Close and are bound by confidentiality and data protection obligations
• to comply with applicable law, regulation, legal process, or enforceable governmental request
• to protect the rights, security, integrity, or operation of Payout Close, merchants, customers, or Shopify
• in connection with a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, subject to appropriate confidentiality and data protection safeguards

We do not sell personal data and do not disclose personal data for third-party advertising networks or unrelated marketing purposes.

6. Retention

We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy.

Our standard retention approach is:

• app session records: retained while needed to operate the app and for a limited period after uninstall or inactivity
• generated payout outputs: generated on demand and not persistently stored by default after delivery, except where temporary storage is operationally necessary
• temporary diagnostic captures: if a merchant-authorized support or debugging capture is created, it is retained only for the period reasonably required to investigate or validate the issue, and then deleted or sanitized
• support correspondence: retained for a limited period as reasonably necessary to resolve issues, document support history, and comply with legal obligations
• compliance and legal records: retained for as long as reasonably necessary to document compliance, defend legal claims, or meet legal obligations

When personal data is no longer required, we delete, anonymize, or sanitize it.

7. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal data against unauthorized access, disclosure, alteration, and destruction.

These safeguards include:

• encryption in transit
• encryption at rest for production systems used to store personal data
• least-privilege access controls
• access restriction to authorized personnel only
• separation of development and production handling where applicable
• logging and monitoring designed to detect unauthorized access or misuse

No method of transmission or storage is perfectly secure, but we work to reduce risk and to handle data responsibly.

8. International processing

Our service providers and technical infrastructure may process data in countries other than the merchant’s country. Where this occurs, we use appropriate contractual, operational, and security safeguards suitable to the nature of the data and processing.

9. Merchant choices and rights

Merchants can stop further app processing by uninstalling Payout Close from their Shopify store.

Where applicable, we support Shopify’s mandatory compliance webhooks and related legal/privacy workflows, including customer data access and deletion requests routed through Shopify.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we make a material change, we will update the “Last updated” date above and, where appropriate, provide additional notice.

11. Contact

If you have questions about this Privacy Policy or Payout Close’s data handling, contact:

Erythreia
erythreia@proton.me
mailto:erythreia@proton.me