Legal

Privacy Policy

How Nettry collects, uses, and protects your data.

Last updated: April 2026

Controller. Nettry is operated by StartUpUniverse Limited, a company registered in Hong Kong SAR. Contact us any time at support@nettry.tech.

1. Overview

Nettry is a Shopify-embedded profit tracking application. We help merchants understand their real profit by combining Shopify order data with ad spend from third-party platforms. This policy explains exactly which data we touch, what we keep, and how long we keep it.

2. Data We Collect

Shopify store data

When you install Nettry, Shopify grants us scoped, read-only access to:

Orders: line items, totals, taxes, discounts, refunds, financial status, fulfillment status.
Products and inventory: titles, SKUs, variant prices, inventory levels.
Customers: only the name and email attached to an order, used solely to attribute orders and refunds. We do not export, message, or market to your customers.
Shopify Payments payouts: payout amounts, fees, and currency conversion lines, used to reconcile your real payment processing fees.

Ad spend from connected platforms

If you connect Meta Ads, Google Ads, or TikTok Ads, we request the minimum read-only scope to pull daily cost data per campaign or ad set. We do not read your creatives, audiences, pixel events, or conversion data. We do not modify any ad account.

Account and payment metadata

Billing is handled by Shopify. We receive a charge status and plan identifier from Shopify Billing. We never see or store your credit card, bank account, or any payment credentials.

3. Data We Do Not Collect

No credit cards or bank details.
No passwords. Authentication runs entirely through Shopify session tokens.
No end-customer payment data beyond what is needed to reconcile payout fees.
No browsing or behavioral tracking, no analytics pixels, no session replay.

4. How We Use Your Data

We use your data for one purpose: to calculate and display your profit inside the Nettry app. Specifically:

Matching orders to ad spend and processing fees to compute net profit.
Rendering dashboards, charts, and exports within the app.
Diagnosing technical issues, when you contact support, using minimal logs.

We never use your data to train machine learning models, build aggregate datasets for sale, or benchmark you against other merchants in a way that identifies your store.

5. Where Your Data Lives

Data is stored in Supabase (PostgreSQL), hosted in the European Union. Access is restricted to the Nettry production service role. Transport is TLS-encrypted end to end. Backups follow Supabase standard retention and are stored in the same region.

6. Third-Party Sharing

We do not sell your data. We do not share it with advertisers, data brokers, or analytics vendors. The only third parties that process your data on our behalf are the subprocessors strictly required to run the service:

Supabase: primary database and authentication infrastructure.
Railway: application hosting.
Shopify, Meta, Google, TikTok: the upstream platforms you connect to Nettry. They remain the source of truth for their own data.

7. Data Retention and Deletion

When you uninstall Nettry, Shopify fires a GDPR compliance webhook. We react within 48 hours by deleting all store data, access tokens, and connected-platform credentials associated with your shop domain.

You can also request deletion at any time by emailing support@nettry.tech from the email on file. We process such requests within 48 hours.

8. Cookies

Nettry uses a single session cookie to keep you authenticated inside the embedded app. We do not set tracking cookies, advertising cookies, or analytics cookies. The public landing page at nettry.tech sets no cookies at all.

9. Your Rights Under GDPR

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction that grants equivalent rights, you have the right to:

Access the personal data we hold about you.
Request correction of inaccurate data.
Request deletion of your data.
Request a portable export of your data.
Object to or restrict certain processing.
Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact support@nettry.tech.

10. Security

Access tokens are stored encrypted at rest. Every request to our API is authenticated with a Shopify-signed session token. Administrative endpoints require a rotated secret. We follow the principle of least privilege for every upstream API scope we request.

11. Children

Nettry is a business tool and is not directed to children under 16. We do not knowingly collect data from children.

12. Changes to This Policy

We may update this policy as the product evolves or as regulations change. Material changes will be surfaced inside the app. The "Last updated" date at the top of this page always reflects the current version.

13. Contact

Questions, requests, or complaints about privacy can be sent to support@nettry.tech. We aim to respond within two business days.

← Back to home