Privacy Policy - Shopify Spy Toolkit

Privacy Policy — Shopify Spy Toolkit

Privacy Policy

Shopify Spy Toolkit (the “Extension”) — Last updated: May 1, 2026

This Privacy Policy describes how EZFYCODE (“we”, “us”) handles information when you use the Shopify Spy Toolkit browser extension. By using the Extension, you agree to this policy.

1. What the Extension does

The Extension helps you analyze Shopify storefront websites that you open in your browser. It reads publicly available page content and public JSON endpoints on those sites (for example store metadata and catalog endpoints the store itself exposes to visitors) to show theme, app, product, and related information inside the Extension popup.

2. Information processed

Website and store content. When you visit a compatible Shopify storefront and use the Extension, it may process data visible on or served by that site, including for example: theme identifiers, detected third-party apps or scripts, product or collection listings (where available), merchant contact or social links if present on the page, store descriptions, and similar non-secret storefront signals. We do not ask you for your Shopify admin password, and the Extension is not designed to access private merchant admin areas.

Locally stored data. To work offline from cache and to keep the popup responsive, the Extension stores data on your device using Chrome’s storage APIs and local database features (for example chrome.storage and IndexedDB). Stored data is generally tied to the store domain you inspected and to your UI preferences (such as selected tab or filters), not to advertising profiles across unrelated sites.

Optional waitlist. If you choose to join an email waitlist inside the Extension, you may submit an email address you provide. That submission is handled as described in the waitlist screen (for example sent to a merchant storefront or email provider we designate). We do not use waitlist emails for unrelated marketing unless we clearly disclose that and obtain appropriate consent where required.

3. Network requests and third parties

The Extension may make read-only network requests to:

  • The same storefront origins you are viewing (for example public JSON or assets required to detect theme and apps).
  • Hosted configuration or catalog files we use to enrich results (for example theme or app reference JSON). Those files are data, not executable “remote code” for the Extension.
  • Other services strictly needed for features you see (for example aggregate statistics, flag images for country display, or storefront APIs if you explicitly submit a form).

We do not sell your personal information. We do not use extension data to determine creditworthiness or for lending.

4. Permissions (why they exist)

  • storage: Save cached store snapshots and popup settings on your device.
  • activeTab / tabs / windows: Reliably detect and operate on the storefront tab you were using when opening the popup.
  • scripting: Run limited, packaged scripts in page context where needed to read storefront objects (for example theme information) as part of detection.
  • Host access: Attach to and read from many possible Shopify store domains (custom domains and myshopify.com) and fetch public resources required for the features above.

If a permission listed in the Chrome Web Store manifest is not used in a given build, we remove it when possible to keep access minimal.

5. Data retention and deletion

Cached data remains on your device until you remove it (for example by clearing extension data in Chrome, uninstalling the Extension, or using any in-product “reload / resync” flows that overwrite cache). We do not operate a central database of every page you visit solely for advertising retargeting through this Extension.

6. Children’s privacy

The Extension is not directed at children under 13 (or the age required in your jurisdiction). We do not knowingly collect personal information from children for the Extension.

7. Security

We design the Extension to minimize data collection and to keep processing local where practical. No security practice is perfect; use the Extension at your discretion on sensitive machines.

8. International users

If you use the Extension outside your home country, your information may be processed in the country where you use the device and, for any network-backed features, in countries where our service providers operate.

9. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date will change when we do. Continued use after changes means you accept the updated policy.

10. Contact

Questions about this policy or the Extension: contact@ezfycode.com

If any section conflicts with disclosures you submitted in the Chrome Web Store Developer Dashboard, update the Dashboard or this page so they match.