ReturnLedger — Privacy Policy

Last updated: 2026-06-15

ReturnLedger ("we") is a read-only Shopify app that generates a monthly returns P&L for your store. This policy explains what we access and how we handle it.

What we access

With your permission (read-only scopes read_orders, read_returns, read_gift_cards), we read your store's orders, refunds, returns, and gift-card transactions solely to compute your returns report. We do not write to your store, and we do not access customer personal data beyond what is required to total figures.

What we store

We store your store domain and an encrypted access token (AES-256-GCM, encrypted at rest) so the app can run. We do not sell, share, or use your data for advertising. Report data is computed on demand and not retained beyond operational caches.

Data deletion

Uninstalling the app, or Shopify's shop/redact request, deletes your stored token and data. You may also request deletion at the contact below.

Subprocessors

We use a cloud host (Railway) to run the app and Shopify's APIs to read your data. We do not transfer your data to other third parties.

Contact

Questions or deletion requests: jay@lalalavaland.com.