Privacy Policy

Failsafe Backup & Restore · Last updated: June 2026

This policy describes what data Failsafe Backup & Restore ("Failsafe", "we") collects when you install the app on your Shopify store, why we collect it, and how we handle it. It also covers this website (keepstonelabs.com). Failsafe is operated by Keepstone Labs. If anything here is unclear, write to support@keepstonelabs.com — a real person reads it.

The short version: we store your store's catalog data so we can back it up and restore it. We never collect or store your customers' personal data — our app doesn't even request access to it. We don't sell data, we don't run ads, and we don't use tracking cookies.

1. Data we collect, and why

Store and account information. When you install the app we store your shop's myshopify.com domain, the API credentials Shopify issues to the app (stored encrypted), and your plan status. We need these to operate the service.

Catalog backup data. This is the service itself: scheduled and on-demand snapshots of your products, variants, inventory levels, collections, and metafields (custom data). Snapshots are used exclusively to show you what changed and to restore your data when you ask us to.

Operational records. A history of backup and restore jobs for your store, and an audit log of the privacy-compliance requests we receive from Shopify (see section 5).

2. Data we do not collect

We do not collect, store, or process your customers' personal data: no names, email addresses, phone numbers, physical addresses, order contents, or payment information. The app does not request API access to customer or order data at all — the access simply isn't there to misuse.

3. Cookies and analytics

This website is static and sets no cookies and runs no analytics or trackers. Inside Shopify, the app authenticates using Shopify's session tokens; these are used for security, not tracking.

4. Where your data lives

Backup data is stored on servers in the European Union (hosted with Hetzner Online GmbH). Data travels encrypted over HTTPS/TLS, and the app's API credentials are encrypted at rest. The app requests the minimum API permissions needed to do its job (products and inventory).

5. Retention and deletion

Backups are kept for the retention window of your plan (currently 7 days on the Free plan); older snapshots are removed automatically.
When you uninstall the app, Shopify sends us a mandatory deletion request and we permanently delete your store's data, and keep a record that the deletion happened.
You can request earlier deletion at any time by writing to support@keepstonelabs.com.

6. Sharing

We do not sell or rent data, and we do not share it with third parties for marketing. The only parties that process data on our behalf are our infrastructure provider (Hetzner Online GmbH, EU), our email providers for support correspondence (Porkbun and Zoho Mail), and Shopify itself as the platform the app runs on.

7. Your rights

Depending on where you live (for example under the GDPR), you may have rights to access, correct, export, or delete data we hold about your store. Email us and we will act on legitimate requests promptly. We also honor all of Shopify's mandatory privacy webhooks, including store data deletion on uninstall.

8. Changes to this policy

If we change this policy, we'll update this page and the date at the top. If a change is significant, we'll say so plainly rather than bury it.

9. Contact

Keepstone Labs · support@keepstonelabs.com