Privacy Policy

1. Overview

FastFulfill (“we”, “us”) operates the sourcing and fulfillment platform at https://fastfullfillsourcing.vercel.app. This policy explains what data we collect, how we use it, and your rights.

2. Data We Collect

• Account data: email address, name, business name, role (buyer / supplier / warehouse).
• Order data: product names, quantities, shipping addresses, tracking numbers imported from connected stores.
• Shopify store data: store domain, OAuth access tokens, products, inventory, fulfillment data, and order webhooks.
• Payment data: invoices and Stripe checkout sessions. Card details are processed by Stripe. We never see raw card numbers.
• Usage data: page views and server logs retained for up to 30 days.

3. How We Use Your Data

• To provide sourcing quotes, order management, and fulfillment services.
• To sync orders from your connected Shopify store in real time.
• To send transactional emails (quote notifications, shipment updates, invoices).
• To process payments via Stripe.
• To improve platform reliability and debug errors.

4. Shopify Data

When you connect a Shopify store, we request access to read orders, products, inventory, and merchant-managed fulfillment orders. We also request permission to write merchant-managed fulfillment orders so FastFulfill can send tracking and shipment updates back to Shopify.

We comply with Shopify’s GDPR requirements. Upon receiving acustomers/redact or shop/redact webhook, we anonymize or delete the relevant records from our database within 30 days.

5. Data Sharing

We do not sell your data. We share data only with:

• Supabase for database and authentication hosting.
• Stripe for payment processing.
• Resend for transactional email delivery.
• Vercel for application hosting and serverless functions.

6. Data Retention

We retain your account and order data for as long as your account is active. If you close your account, we delete your personal data within 30 days, except where retention is required by law (e.g. financial records).

7. Your Rights

You have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data (right to erasure).
• Export your data in a portable format.
• Withdraw consent at any time by disconnecting your Shopify store or closing your account.

To exercise these rights, email us at privacy@fastfulfill.com.

8. Cookies

We use only essential session cookies required for authentication and security (OAuth state tokens, Supabase session). We do not use tracking or advertising cookies.

9. Security

All data is transmitted over HTTPS. Shopify access tokens are stored encrypted. Passwords are handled by Supabase Auth (bcrypt-hashed). We conduct regular security reviews of our infrastructure.

10. Changes to This Policy

We may update this policy periodically. We’ll notify you by email or an in-app notice for material changes. Continued use of FastFulfill after changes constitutes acceptance.