gookit
Legal

Privacy Policy

Last updated:

Introduction

This Privacy Policy describes how gookit (“we”, “us”) collects, uses, and shares information when you install or use Barcodeman (the “App”) on Shopify or Wix. The App lets merchants design, generate, and print barcode and product labels using data from their connected store.

Information we access from your store

Shopify

When you install the App on Shopify, we request the following access scopes. We only use this data to operate the labeling service for your store.

  • Products & inventory (write_products, read_inventory, write_inventory, read_inventory_transfers) — to read product titles, variants, images, barcodes, SKUs, and pricing so they can be placed on labels, and to write barcodes back to products you choose to update.
  • Orders (read_orders, read_all_orders, read_draft_orders) — to generate shipping, picking, and order labels from order data.
  • Customers (read_customers) — to render customer name and address on shipping labels when you choose to print from an order.
  • Locations & markets (read_locations, read_markets) — to filter inventory and label content per location or market.

We do not request access to payment methods, customer payment information, themes, script tags, price rules, or saved searches.

Wix

When you install the App on Wix, you grant the App owner-level access through Wix OAuth. The App reads your store catalog (products, variants, SKUs, prices, images, inventory) and orders (order numbers, items, customer name and address) to generate labels. The App does not access payment, billing, or site-builder data.

Information we collect from you

  • Account information — name, email, store URL, plan, and billing metadata for the operators of the App.
  • Usage and device data — IP address, browser, operating system, app version, and feature usage logs, used to operate the service and diagnose issues.
  • Support communications — the contents of messages, screenshots, and files you send us through in-app chat or email.

How we use information

  • To provide, operate, and maintain the App.
  • To generate the labels and files you ask the App to produce.
  • To process subscription billing and prevent fraud.
  • To diagnose errors, improve performance, and develop new features.
  • To respond to your support requests and send service notices.

We do not sell personal information, and we do not use store or customer data for advertising.

Service providers (sub-processors)

We share data with vetted providers strictly to operate the App. Each handles only the data needed for their function:

  • Supabase — primary database and storage.
  • Firebase — authentication.
  • Amazon Web Services (S3) — storage of generated PDF labels and template assets.
  • Cloudflare — content delivery and routing.
  • Stripe — subscription billing and payment processing.
  • Sentry — error and performance monitoring.
  • Intercom — in-app support chat and email.
  • Bytescale — image and template uploads.

We may also disclose information when required by law, to enforce our terms, or to protect the rights, property, or safety of our users or the public.

Data retention

We retain account, billing, and operational records for as long as your account is active. Generated label files and job history are retained for up to 12 months and then purged. When you uninstall the App, we delete or anonymize merchant and customer data within 30 days, except where we are required to keep it longer for legal or accounting reasons.

Your rights

Subject to applicable law (including the GDPR and CCPA), you may request to access, correct, export, or delete the personal information we hold about you. To make a request, email hi@gookit.co.

Shopify merchants and their customers can also exercise data rights through Shopify’s mandatory data request and erasure flows. We respond to Shopify’s customers/data_request, customers/redact, and shop/redact webhooks within the timeframes Shopify requires.

Security

We use industry-standard safeguards including encryption in transit (TLS), encryption at rest, access controls, and audit logging. No system is perfectly secure; if we become aware of a breach affecting your data we will notify you as required by law.

Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our service providers, or applicable law. The “Last updated” date above shows when this policy was most recently revised. Material changes will be communicated before they take effect.

Contact us

For privacy questions, requests, or complaints, contact hi@gookit.co. The App is operated by gookit.