Privacy Policy — Kijun — Supplier Performance Scorecard

Kijun ("we", "us", "our") operates the Shopify application Kijun — Supplier Performance Scorecard (the "App"). This policy explains what data the App collects, why we collect it, how long we keep it, and the rights you have under GDPR, CCPA, and PDPA.

Operator: This App is operated as a sole-proprietor business based in Thailand. Hosting and data storage are located in the European Union (Germany).

1. Data we collect

  • Shop information: shop domain, Shopify shop ID, shop name, plan, locale, and the shop-owner email — provided by Shopify when the App is installed.
  • OAuth session tokens: stored encrypted in our PostgreSQL database so the App can call the Shopify Admin API on behalf of the authenticated admin user.
  • Vendor records that the merchant creates or imports: vendor name, optional contact email/phone/website, payment terms, lead time, currency, address, notes. This is supplier data that the merchant chooses to enter — not their own customers.
  • Purchase-order records entered by the merchant: PO number, dates, line items (product name, SKU, quantities, unit cost, defect counts), totals, and status.
  • Computed scorecard metrics: on-time delivery rate, defect rate, lead time, price stability, completion rate, and an overall 0–100 score per vendor per period. These are derived from the PO data above.
  • Operational metadata: webhook delivery IDs, timestamps, and error logs needed to operate and debug the App. Logs are scrubbed of PII before being written.

Data we do NOT collect: the App does not read, store, or process your shoppers' personal information. We do not collect customer names, customer emails, customer addresses, payment data, order history, or any protected customer data. The App's access scopes are intentionally minimal for this reason — see our Protected Customer Data audit in the app repository for detail.

2. How we use data

  • To provide the Scorecard, Vendor, and Purchase-Order features.
  • To compute and display vendor performance metrics.
  • To respond to merchant support requests sent to our contact email.
  • To detect and prevent fraud, abuse, and security incidents.
  • To comply with legal obligations (tax, audit, Shopify Partner Program rules).

We do not use your data for advertising, and we do not train machine-learning models on your data.

3. Data sharing

We do not sell, rent, or trade your data. Data is shared only with the infrastructure providers strictly necessary to operate the App:

  • Hetzner Online GmbH (Germany): hosting and encrypted database storage.
  • Shopify Inc.: the merchant's own Shopify store is the origin of shop data; Shopify receives the webhook acknowledgments we send back in response to privacy compliance webhooks.

These providers are bound by data-processing agreements appropriate to their role.

4. Data retention

Shop, vendor, purchase-order, and scorecard data are retained for as long as the App remains installed on your store. When the App is uninstalled, Shopify delivers the app/uninstalled webhook immediately and the mandatory shop/redact webhook approximately 48 hours later.

  • On app/uninstalled: the shop is marked inactive and access is revoked within minutes.
  • On shop/redact: all vendor records, purchase orders, line items, scorecard snapshots, vendor-product mappings, and session tokens belonging to that shop are deleted from our database.
  • Backup volumes are rotated within 30 days; deleted data therefore disappears from backups within that window.

We process customers/data_request and customers/redact webhooks for GDPR compliance even though we store no customer PII — our handler acknowledges Shopify, records a non-PII audit line, and returns. See section 8.

5. Your rights (GDPR / CCPA / PDPA)

  • Right to access the data we hold about you or your shop.
  • Right to correct or delete that data.
  • Right to object to processing or request data portability.
  • Right to lodge a complaint with your national supervisory authority.

To exercise any of these rights, contact us at support@kijun.app. We respond to verified requests within 30 days. Merchants can also trigger immediate deletion by uninstalling the App.

6. Security

  • All traffic is transmitted over TLS 1.2+.
  • Data is stored on encrypted volumes.
  • OAuth session tokens are stored encrypted at rest.
  • Access to production infrastructure is restricted to the solo operator on an individually-keyed workstation; SSH access is public-key only, with password authentication disabled.
  • Every database query is enforced to be shop-scoped by a Prisma-level tenant guard, making cross-tenant leakage technically impossible.
  • Incoming Shopify webhooks are HMAC-verified with constant-time comparison before any side effect.

7. Uninstall and deletion

When you uninstall the App from your Shopify admin, we immediately stop processing your shop and then delete your shop's records when Shopify delivers shop/redact (typically ~48 hours after uninstall). No manual action is needed on your side.

8. GDPR mandatory webhooks

As required by Shopify's Protected Customer Data rules, the App implements the three mandatory compliance topics:

  • customers/data_request — Since the App stores no customer PII, the handler logs receipt (without payload contents) and acknowledges with HTTP 200. There is no customer data to export.
  • customers/redact — The App stores no customer PII. The handler logs receipt and acknowledges; no records need deletion.
  • shop/redact — Deletes all vendor, purchase-order, line-item, scorecard, vendor-product, and session records for the shop, including any settings JSON.

9. Third-party services and sub-processors

  • Shopify Inc. — origin of all shop and identity data (data controller in the merchant relationship).
  • Hetzner Online GmbH — hosting provider (data processor).

The App does not integrate with any advertising networks, analytics trackers, or third-party SaaS platforms beyond the above.

10. Children

The App is a B2B merchant tool. It is not directed at children and does not knowingly process personal information of individuals under 16.

11. International transfers

The App is operated from Thailand. Data is stored and processed in the European Union (Germany) by Hetzner Online GmbH. Data transfers between Thailand (operator) and the EU (processor) are conducted under standard contractual clauses or equivalent safeguards. If you access the App from outside the EU, your data may be transferred to and processed in the EU under appropriate safeguards.

12. Changes to this policy

We may update this policy from time to time. The "Last updated" date below will change when we do. Material changes will be announced via the App's listing page on the Shopify App Store.

13. Contact

Kijun
Email: support@kijun.app
Response target: 48 business hours.

See also our Terms of Service.

Last updated: 2026-04-21