CherryPatch — Privacy Policy

Last updated: June 13, 2026

CherryPatch (“the app”, “we”) is a Shopify app that lets merchants compare two themes and selectively copy theme settings between them. This policy explains what data the app accesses, stores, and retains.

What we access

With your permission (the read_themes and write_themes scopes), the app reads your theme files to compare them and writes the changes you choose to the theme you select. The app does not request or access customer data, orders, products, or any personally identifiable information about your customers.

What we store

• Session data — your shop domain and the access token Shopify issues, so the app can authenticate API requests.
• Merge history — a log of each compare/apply action (shop domain, theme names, file name, timestamp, and a count of changes) so you can review and undo merges.
• Backups — before overwriting a theme file, the app saves a copy of the previous version (both inside your theme and in our database) so a merge can be undone.

We do not sell or share this data, and we do not use it for advertising or analytics profiling.

Where data is stored

Data is stored in a PostgreSQL database (hosted on Supabase) and the app runs on Vercel. Access tokens are stored solely to operate the app on your behalf.

Data retention & deletion

When you uninstall the app, your session is deleted immediately. In line with Shopify’s data-protection requirements, we also honor the shop/redact request Shopify sends 48 hours after uninstall, at which point all remaining data for your shop — merge history and backups — is permanently deleted. Because the app stores no customer data, the customers/data_request and customers/redact requests have no customer records to act on.

Contact

Questions about this policy or your data? Email maninder@anattadesign.com.