Privacy Policy
Last updated: July 9, 2026 · Version 1.0
This policy applies to LiveProfit, operated by Luxi Horizon SNC — Rue Paul-Bouvier 9, 2000 Neuchâtel, Switzerland — UID CHE-339.578.990. Contact: support@liveprofit.io.
1. Who we are
LiveProfit is a Shopify app that shows dropshipping merchants their real net profit by pulling order, product, and ad-spend data from the platforms they connect. The service is operated by Luxi Horizon SNC, a Swiss company registered at Rue Paul-Bouvier 9, 2000 Neuchâtel, Switzerland (UID CHE-339.578.990). We are the data controller for merchant data and the data processor for the shop's business data on behalf of the merchant. Contact: support@liveprofit.io.
2. Data we process
We only process what is strictly necessary to compute and display your net profit and to support you. Concretely:
Data from your Shopify store
- Order data via the Shopify Admin API: totals, subtotals, taxes, refunds, discounts, currency, timestamps, order status, financial status, line-item quantities.
- Product data: title, variant, SKU, unit cost (the cost you enter), price.
- Shop metadata: shop domain, plan, timezone, currency, contact email of the shop owner (from Shopify's install context).
- Fulfillment and shipping totals when available (for margin accuracy).
We do not collect buyer PII (buyer names, addresses, phone numbers). LiveProfit is a merchant-side analytics tool.
Data from advertising platforms you connect
When you connect Meta Ads, TikTok Ads, or Google Ads, we receive — read-only — daily ad spend and campaign metadata (campaign IDs, names, spend, currency). We do not read your creatives, audiences, or account settings. The Meta scopes we request are ads_read and read_insights; the Google Ads scope is https://www.googleapis.com/auth/adwords; TikTok scopes are the equivalent read-only reporting scopes.
Data you provide
- Merchant email and account information (name, role) when you sign up or contact support.
- Support chat messages. If you use the in-app AI chat, the message you send is transmitted to OpenAI for processing (see Sub-processors).
Technical data
- Server logs (IP address, timestamp, request path, response status) retained for a rolling 30-day window for security and debugging.
- Application errors captured via Sentry (stack traces, request context; PII stripped at capture where possible).
OAuth tokens
Access tokens and refresh tokens for Shopify, Meta, TikTok, and Google are encrypted with AES-256-GCM at rest in our database using an encryption key held only on our infrastructure.
3. Why we process it (purposes)
- Calculate and display your net profit — the core service. Order revenue minus COGS, shipping, ad spend, fees, and refunds.
- Support — respond to your questions via email and in-app chat.
- Transactional emails and digests — install confirmation, weekly profit digests, security-related notifications.
- Service operation and security — logs, error monitoring, abuse prevention.
Your data is only ever visible to you. LiveProfit staff can access it only when strictly necessary to provide support you have requested, or to investigate a security incident.
4. Legal basis (GDPR Art. 6 / nLPD Art. 31)
- Contract performance — processing that is necessary to provide the subscription service you signed up for.
- Legitimate interest — security logs, error monitoring, abuse prevention. We weigh this against your rights.
- Consent — where required (e.g., optional marketing emails you can opt out of at any time).
- Legal obligation — record retention required by Swiss/EU law.
5. Sub-processors we share data with
We use the following sub-processors to run the service. Each is bound by a data-processing agreement and receives only the data required for its function.
| Sub-processor | Purpose | Data received | Location |
|---|---|---|---|
| Railway | Application hosting + PostgreSQL database | All service data | United States |
| OpenAI | In-app AI chat responses | The chat messages you send, only when you use the AI chat | United States |
| Resend | Transactional emails (install confirmation, digests, security) | Recipient email, email subject and content | United States |
| Sentry | Application error monitoring | Stack traces, request path, IP address; PII stripped where possible | United States |
| Shopify | Platform (auth, webhooks) + billing rail | Install context, subscription events | United States / Canada |
| Meta Platforms (Facebook Marketing API) | Read ad spend for accounts you connect | OAuth token; API is read-only | United States / Ireland |
| TikTok (Marketing API) | Read ad spend for accounts you connect | OAuth token; API is read-only | United States / Singapore |
| Google (Google Ads API) | Read ad spend for accounts you connect | OAuth token; API is read-only | United States |
| Crisp | Live-chat widget (support) | Chat messages you send from the widget, contact email | France (EU) |
This list is authoritative and matches the services referenced in our production environment. We notify merchants by email when this list changes materially.
6. What we don't do
- We do not sell your data or your customers' data. Ever.
- We do not share your data for advertising purposes.
- We do not use your data to train third-party AI models. OpenAI's default policy for API usage does not train on submitted content (we do not use ChatGPT Enterprise or Business features that would opt in to training).
- We do not combine data across merchants or use one merchant's data to benefit another.
- We do not build profiles for automated decisioning with legal effect.
7. Retention & deletion
Your data is retained for as long as you have the app installed. On uninstall, a hard purge job runs after a 48-hour grace period and deletes all data associated with your shop, including OAuth tokens, cached spend rows, and product cost overrides. This 48-hour delay exists to protect you from accidental uninstalls — if you reinstall within 48 hours, your data is restored. After 48 hours it is unrecoverable.
Backups are encrypted, retained on a rolling 30-day window, and expire automatically. A shop uninstalled today is gone from live systems within 48 hours and gone from backups within 30 days.
Server logs are retained for 30 days for security and debugging, then rotated.
Support-related emails and chat messages are retained while your account is active and for up to 24 months after uninstall for support-history purposes, unless you request earlier deletion.
8. Your rights
Under GDPR (EU) and nLPD (Switzerland) you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate data.
- Delete your data (right to erasure). You can trigger this yourself by uninstalling; you can also email us.
- Restrict or object to certain processing.
- Data portability — receive your data in a machine-readable format.
- Lodge a complaint with a supervisory authority: the Swiss FDPIC (edoeb.admin.ch) or, if you are in the EU, your national data protection authority.
To exercise any of these rights, email support@liveprofit.io. We respond within 30 days.
9. International data transfers
Several of our sub-processors are located in the United States (Railway, OpenAI, Resend, Sentry, Meta, Google). Data transfers from the EU/EEA and Switzerland to the US are covered by the European Commission's Standard Contractual Clauses (SCCs) and, where applicable, our sub-processors' certifications under the EU-US Data Privacy Framework and the Swiss-US Data Privacy Framework. We do not transfer data to countries without a lawful transfer mechanism.
10. Security
- All connections use TLS 1.2 or higher.
- OAuth tokens (Shopify, Meta, TikTok, Google) are encrypted at rest using AES-256-GCM with an encryption key held only on our infrastructure.
- Shopify session tokens are verified with HMAC-SHA256 (constant-time compare) on every API request.
- Access to production systems is restricted to Luxi Horizon SNC founders. All administrative actions are logged.
- Two-factor authentication is required on all internal admin accounts.
- Errors are captured via Sentry with PII stripped at capture where possible.
We do not currently hold SOC 2 or ISO 27001 certifications; we will disclose any change to this transparently.
11. Children
LiveProfit is a business tool for merchants. It is not directed at children, and we do not knowingly process personal data of anyone under the age of 16.
12. Changes to this policy
We update this policy when the service changes materially — a new sub-processor, a new data category, or a change to retention. You will be notified by email at least 15 days before a material change takes effect. Non-material clarifications may be made without notice; the "Last updated" date at the top will always reflect the most recent version.
13. Contact
Luxi Horizon SNC
Rue Paul-Bouvier 9, 2000 Neuchâtel, Switzerland
UID CHE-339.578.990
Email: support@liveprofit.io
This policy is provided in English. In case of translation, the English version prevails. Governed by Swiss law.