Privacy Policy — StorePro

Last updated: 3 May 2026

TL;DR — StorePro is a tool that helps small shops run an online store. Each shop owns its own data. We collect the minimum needed to make the service work, never sell anyone's data, and you can request deletion at any time by emailing amitnegimca@gmail.com.

1. Who is "we"

"StorePro", "we", "our" refers to the operator of storepro.in, contactable at amitnegimca@gmail.com. StorePro is a software service that lets small Indian retailers create an online store and accept orders.

2. Two types of users

Shopkeepers (our direct users)

People who sign up at storepro.in/signup to create an online store for their business.

Customers (your users)

People who order from a shop's storefront. Customers are users of the shopkeeper's store, not direct StorePro users. The shopkeeper, not StorePro, is the data controller for customer orders. We process customer data on the shopkeeper's behalf.

3. What we collect from shopkeepers

When you sign up, we ask for:

Shop name, owner name, phone number, optional email
City and shop type (so we can pre-fill your menu)
Optional: address, UPI ID, business hours, brand color, tagline

This goes into the StorePro master registry (a Google Sheet we control) so we can route customer orders to your store.

We may also collect support emails / WhatsApp messages you send us.

4. What customers' data the shopkeeper collects

When a customer places an order at a shop's storefront, the following gets stored in that shop's own Google Sheet (which the shopkeeper owns and controls):

Customer name and phone number
Delivery address (only for delivery orders)
Order items, total, payment mode, and any notes
Approximate location coordinates (if the customer taps "Use my current location")

StorePro itself does not centrally store, read, or analyse this data. It sits on the shopkeeper's Google account.

5. Cookies and tracking

StorePro pages use localStorage (not cookies) to:

Remember the shopkeeper's dashboard session token (so they don't re-enter the PIN every time)
Remember a customer's name, phone, and address on the storefront so re-ordering is one tap
Cache shop branding so the page doesn't flash white on slow connections

If a shopkeeper has configured Google Analytics for their store (Config row AnalyticsID), Analytics cookies are set on that storefront. Each shopkeeper is responsible for disclosing this to their customers.

6. Push notifications

If a shopkeeper allows browser notifications on their dashboard, we register a push subscription with their browser vendor (Apple, Google, or Mozilla). The subscription endpoint is stored on a Cloudflare Worker we operate. We use it only to send "new order" alerts to that shopkeeper's devices.

Customers do not receive push notifications.

7. Telegram alerts (optional)

Shopkeepers may set up a private Telegram bot to receive order alerts on their phone. The bot token and chat ID live in the shopkeeper's own Apps Script project. StorePro never stores them. If we operated the bot, we would mention it here — but we don't, the shopkeeper does.

8. Where data is stored

Master registry — Google Sheets, in our Google account
Shop data — Google Sheets, in the shopkeeper's Google account
Static site — Vercel (Frankfurt / Mumbai edge)
Push relay — Cloudflare Workers (global edge)

Google Sheets data is processed under Google's privacy terms. Vercel and Cloudflare are processors, not data sources.

9. What we share

We don't sell or rent data. Period.

We may share data only when:

You explicitly ask us to (e.g. you request a sheet be transferred)
A law enforcement order compels disclosure (we will notify you unless legally barred)
The Google service operating the sheet has its own privacy policy that applies

10. Your rights

As a shopkeeper:

Access — your shop's Google Sheet is already yours; you have full access
Correction — edit your Sheet or settings any time
Deletion — email amitnegimca@gmail.com with your shop slug; we'll remove the registry row and unlink the Sheet within 7 days
Portability — your Sheet is already a Google Sheet; you can export to CSV or transfer ownership at any time

As a customer of a shop, contact the shop directly to access, correct, or delete your order history. The shop has the data, not us.

11. Children

StorePro is intended for adults running businesses. We do not knowingly collect data from anyone under 18.

12. Security

We follow industry-standard practices:

HTTPS everywhere
Per-shop cryptographic secrets (HMAC) for push notifications, derived from a master key we never expose
Hashed dashboard PINs (SHA-256, never stored in plaintext)
Constant-time comparison on auth tokens

No system is perfectly secure. If you discover a vulnerability, please email amitnegimca@gmail.com before disclosing publicly.

13. Changes

If we materially change this policy, we'll notify shopkeepers via email at least 14 days before the change takes effect. Minor wording fixes don't count as material changes.

14. Contact

For any privacy question or data-deletion request:

📧 amitnegimca@gmail.com