Privacy Policy

Last Updated: March 2026

This Privacy Policy describes how LeanNoku ("we", "us", or "our") collects, uses, and shares information when you install or use the LeanNoku application ("App") or visit our website at leannoku.com.

What Data We Collect

Store Data

When you install the App, we access and store:

• Order information (order totals, line items, financial status, fulfillment status)
• Product information (titles, prices, variants, inventory levels, tags)
• Customer information (names, email addresses, order counts, total spent)
• Store settings required for the App to function

Ad Platform Data

If you connect advertising integrations (Meta Ads, Google Ads), we access:

• Ad spend data (campaign-level and ad-set-level spend, impressions, clicks)
• Conversion and ROAS metrics as reported by each platform

Usage Data

We collect anonymized usage data to improve the App:

• API request logs (endpoint, timestamp — no request bodies)
• Feature usage statistics
• Error logs

How We Use Data

We use the collected data to:

• Provide store analytics, daily metrics, and intelligence reports
• Deliver daily Slack reports and email digests
• Power the REST API for your store's data
• Detect events and anomalies (low stock alerts, high-value orders, refunds)
• Compute blended ROAS, CAC, and other cross-channel metrics
• Improve and maintain the App

Data Storage and Security

• All data is encrypted in transit (HTTPS/TLS)
• All data is encrypted at rest
• We use secure cloud infrastructure (Railway)
• API keys are stored as SHA-256 hashes — we never store plaintext keys
• Access to data is limited to essential personnel only

Data Retention

• Store, order, product, and customer data: Retained while the App is installed
• Daily metrics and events: Retained for 24 months
• Usage analytics: Retained for 12 months
• Error logs: Retained for 90 days

When you uninstall the App, we delete your data within 30 days.

Data Sharing

We do not sell, rent, or share your data with third parties for marketing purposes.

We may share data with:

• Service providers who help us operate the App (hosting, error tracking)
• Legal authorities if required by law

All service providers are bound by data protection agreements.

Third-Party Integrations

When you connect third-party services (Meta Ads, Google Ads), we access data from those platforms using OAuth tokens you authorize. We only request the minimum permissions required. You can disconnect integrations at any time, and we will stop accessing data from those platforms.

Your Rights

You have the right to:

• Access the data we hold about your store
• Request correction of inaccurate data
• Request deletion of your data
• Export your data via our API
• Disconnect third-party integrations at any time

To exercise these rights, contact us at martynas@marchn.co.

Shopify Data Protection

As a Shopify app, we comply with Shopify's data protection requirements:

• We process only the minimum data required
• We respond to mandatory GDPR webhooks (customer data requests, customer redaction, shop redaction)
• We respect customer consent decisions
• We encrypt all data at rest and in transit

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last Updated" date.

Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

LeanNoku
Email: martynas@marchn.co
Website: leannoku.com