Privacy Policy

Last updated: 28 March 2026

Syncible ("we", "us", "our") is operated by We Design It Ltd, a company registered in England and Wales. We are committed to protecting your personal data and being transparent about how we use it. This policy explains what data we collect, how we use it, and your rights under the UK GDPR.

1. Who We Are

We Design It Ltd, trading as Syncible. Registered in England and Wales. Contact: privacy@syncible.co.uk

2. What Data We Collect

When you install Syncible through the Shopify App Store and connect your Xero account, we collect:

• Your Shopify store domain and access credentials (encrypted)
• Your Xero organisation ID and OAuth tokens (encrypted)
• Order data from your Shopify store (order IDs, line items, amounts, customer names and email addresses)
• Sync logs and activity records
• Billing plan and subscription status (managed by Shopify)
• Contact information provided when you sign up or contact support

3. How We Use Your Data

We use your data solely to provide the Syncible service:

• To sync your Shopify orders to Xero in real time
• To create and manage invoices, contacts, and credit notes in your Xero organisation
• To provide you with a dashboard showing sync activity and logs
• To send service-related emails (billing, support, product updates)
• To diagnose and fix technical issues

We do not sell your data, use it for advertising, or share it with third parties except as described in this policy.

4. Data Sharing

We share data with the following third parties only to the extent necessary to provide the service:

• Shopify — to retrieve order data and manage your subscription
• Xero — to create invoices, contacts and credit notes in your organisation
• DigitalOcean / hosting provider — our servers are hosted in the UK/EU
• Redis / PostgreSQL — data is stored on our own servers, not third-party databases

5. Data Retention

We retain your sync logs and order data for 12 months after your subscription ends. Encrypted access tokens are deleted immediately upon app uninstallation. You can request deletion of all your data at any time by emailing privacy@syncible.co.uk.

6. Security

All access tokens and credentials are encrypted at rest using AES-256 encryption. Data is transmitted over HTTPS/TLS. We conduct regular security reviews and apply software updates promptly.

7. Your Rights (UK GDPR)

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request erasure of your data
• Object to or restrict processing
• Data portability

To exercise any of these rights, email privacy@syncible.co.uk. We will respond within 30 days.

8. Cookies

Syncible uses session cookies only for authentication purposes when you are logged into the Syncible dashboard. We do not use advertising or tracking cookies.

9. Changes to This Policy

We may update this policy from time to time. We will notify active subscribers of any material changes by email. The latest version is always available at syncible.co.uk/privacy.

10. Contact

For any privacy-related questions, contact us at privacy@syncible.co.uk.