Privacy Policy

StoreSonar scans publicly available pages and assets of e-commerce sites to identify technologies and Shopify apps. We do not request or collect store admin credentials.

When you use the scan feature, we process the URL you submit and the resulting public responses (e.g., HTML, JS, CSS, headers) to generate a detection result for you.

If you contact us, we collect the information you provide (e.g., name, email, message). We also collect limited technical data to keep the service secure and reliable.

• •Submitted content: store URL(s) you enter for scanning
• •Derived results: detected apps/theme from public site assets
• •Technical logs: IP address, user-agent, timestamps, request metadata
• •Preferences: language selection and UI settings (localStorage/cookies)

We use submitted URLs to fetch publicly available pages and compute detection results for your view. We may temporarily cache results to improve performance.

Contact information is used solely to respond to your inquiries and provide support.

Technical logs and optional analytics help prevent abuse (e.g., rate limiting), improve reliability, and understand feature usage.

• •Provide and improve the scan and blog experience
• •Detect, prevent, and respond to abuse or technical issues
• •Communicate service notices and respond to support requests
• •Comply with legal obligations and enforce our Terms

The scanner analyzes public pages and assets only. It does not bypass authentication, access private admin areas, or perform intrusive actions.

Results reflect what is discoverable from publicly available resources at scan time and may be incomplete.

If there is any inconsistency between translations of this Privacy Policy and the English version, the English version will prevail.

We use essential cookies or local storage for core functionality (e.g., language preference).

We may use privacy-preserving analytics to understand usage in aggregate. No advertising cookies are used.

• •Essential: session and preference storage (e.g., language, UI state)
• •Analytics (optional): aggregated event counts and performance data

Scan inputs and derived results may be cached for a short period to improve performance and reduce load; caches are periodically purged.

Contact form messages are retained for up to 12 months for support history, unless you request earlier deletion.

Server logs (IP, user-agent, timestamp) are retained up to 30 days for security and abuse prevention unless longer retention is required by law.

We do not sell personal information. We share data with service providers who help us operate the website (e.g., hosting, analytics, email), bound by confidentiality and data processing terms.

We may disclose information if required by law or to protect our rights, users, or the public.

Depending on your location and our infrastructure/providers, your information may be processed in countries other than your own. We take steps to ensure appropriate safeguards for such transfers.

Subject to local law, you may have rights to access, correct, delete, or restrict certain processing of your personal information.

You can control cookie preferences in your browser. To make a data request, contact us using the email below.

• •Access and receive a copy of your data
• •Request correction or deletion
• •Object to or restrict certain processing
• •Withdraw consent where applicable

Questions or requests about this policy can be sent to support@efundflow.com. We will respond within a reasonable timeframe.

If we make material changes to this policy, we will update the "Last updated" date and may provide additional notice.