Privacy Policy for Shopify Sync Theme Chrome Extension
Privacy Policy — Shopify Theme Sync
Last updated: April 20th, 2026
This Privacy Policy describes how EZFYCODE (“we”, “us”) handles information when you use the Shopify Theme Sync browser extension (the “Extension”) and related services we operate.
By installing or using the Extension, you agree to this policy. If you do not agree, do not use the Extension.
1. What the Extension does
The Extension helps merchants sync theme code between the Shopify admin (theme code editor) and a folder on their own computer. It runs in supported contexts (primarily Shopify admin pages you open) and uses permissions you grant in the browser (such as folder access and optional sign-in).
2. Information we process
2.1 Stored on your device (Chrome)
The Extension uses Chrome local storage and related browser APIs to store items such as:
- Sync settings (for example, whether sync is on, path preferences, onboarding state).
- Identifiers for the active Shopify shop/theme you are working with, and sync status (for example, watching, cloning, errors).
- File change history metadata the Extension shows in its UI.
- Guest sync credit counters used to limit unpaid usage.
- A stable random visitor identifier used only to associate guest credit usage with a device/browser installation (not your name or email unless you sign in).
- If you use optional sign-in, authentication session data for your account may be cached locally so you stay signed in.
We do not use the Extension to read your general browsing history across the web.
2.2 Theme and store content
To provide syncing, the Extension processes theme file contents and paths (for example Liquid, CSS, JSON) for your Shopify store themes, and writes them to the folder you choose. That processing is done to perform the sync you requested.
2.3 Optional account sign-in (Google / Supabase)
If you choose Sign in with Google (or similar), we use industry-standard OAuth. We may receive and store on our systems:
- Account identifiers (for example, user id).
- Email address (and, if provided by the identity provider, name or profile image URL) associated with your account.
We use this to provide account, subscription, or license-related features and support. Authentication is implemented using Supabase and Google as described in Section 4.
2.4 Payments
If you purchase a paid plan, payment details are collected by our payment processor (for example Stripe), not by us directly in the Extension. We may receive limited information needed to confirm your purchase or subscription status (for example, customer reference, plan type, payment outcome), subject to Stripe’s policies.
2.5 Technical and security data
Like most online services, our servers and providers may process technical data such as IP address, device/browser type, timestamps, and diagnostic logs when you use authenticated features or our websites. We use this to operate, secure, and improve the service and to prevent abuse.
3. How we use information
We use the information above to:
- Provide and maintain theme sync between Shopify and your computer.
- Show status, errors, and history in the Extension.
- Operate guest credits and optional paid plans.
- Authenticate optional accounts and manage subscriptions.
- Secure the service, troubleshoot issues, and comply with law.
We do not sell your personal information. We do not use your data for unrelated advertising profiling through this Extension.
4. Service providers (subprocessors)
We rely on vendors that process data on our behalf, including:
| Provider | Role |
|---|---|
| Supabase | Authentication, database, and related APIs for accounts and guest credit features. |
| Identity provider when you choose Google sign-in. | |
| Stripe | Payment processing for purchases you initiate. |
| Shopify | You interact with Shopify’s services directly; the Extension operates in the Shopify admin context you open. |
Their use of data is governed by their respective terms and privacy policies.
5. Legal bases (EEA/UK users)
Where GDPR/UK GDPR applies, we rely on:
- Performance of a contract / steps at your request — providing sync and features you activate.
- Legitimate interests — securing the service, preventing abuse, improving reliability (balanced against your rights).
- Consent — where required (for example, optional marketing on a website, if applicable).
6. Retention
- Device-side data remains until you remove the Extension, clear extension data, or we clear it through an update as needed.
- Account and billing records are retained as long as needed to provide the service, meet legal/tax obligations, and resolve disputes.
7. Security
We use reasonable technical and organizational measures to protect information. No method of transmission or storage is 100% secure.
8. Your choices and rights
Depending on where you live, you may have rights to access, correct, delete, export, or restrict certain personal data, or to object to certain processing. You may also have the right to lodge a complaint with a supervisory authority.
To exercise rights, contact us at contact@ezfycode.com with enough detail for us to verify and respond.
9. Children
The Extension is not directed to children under 16 (or the age required in your jurisdiction). We do not knowingly collect personal information from children.
10. International transfers
If you are outside the country where our servers or providers are located, your information may be transferred internationally. Where required, we use appropriate safeguards (such as standard contractual clauses).
11. Changes
We may update this policy from time to time. We will post the updated version and revise the “Last updated” date. Material changes may be communicated through the Extension, our website, or email where appropriate.
12. Contact
contact@ezfycode.com