Pathkeeper Privacy Policy

Last updated: July 4, 2026

Pathkeeper is a Shopify app published by Sizzle (“Sizzle,” “we,” “us,” or “our”). This policy explains what information the app accesses, how we store and use it, and the choices you have. It applies to merchants who install Pathkeeper on their Shopify store.

Pathkeeper is a guided migration and redirects tool. It ingests your old site's URLs, maps them to your new Shopify pages, verifies every redirect resolves before you publish, publishes them as a versioned set you can roll back in one click, and watches for “not found” paths afterward so you can fix broken links.

Summary

In short: Pathkeeper manages your store's own URL redirects and migration data, and nothing about your shoppers. We request no customer or order permissions, so we never access shopper names, emails, addresses, or orders. Your data is stored in the United States, we use only three service providers (Neon, Netlify, and Shopify), and we run no tracking or advertising cookies. When you uninstall, your stored data is fully deleted about 48 hours later.

Information we access and store

Pathkeeper is a migration and redirects tool, so the data it stores is your store's own URLs and the working data needed to manage them. Specifically:

  • Your store domain and a Shopify access token: used to connect securely to your store and make Shopify API calls on your behalf. The token is never shared.
  • URL redirects you create (an old path and the new path it points to), stored as versioned sets so you can review, publish, and roll back to a previous version.
  • Migration working data: the old URLs you import (from a sitemap or an export) and their proposed new targets, so the app can map, verify, and publish them.
  • Counts of paths that returned “not found”: a path and how many times it was missed, so we can show you broken links to fix. This is a path and a count only — never who visited.

Every record is scoped to your store, and it consists of your store's own URLs and the metadata needed to organize them.

Information we do not collect

Pathkeeper does not access, process, or store any customer or shopper personal data. The app requests no customer, product, or order permissions from Shopify, so it has no API access to shopper names, email addresses, mailing addresses, payment details, or order records. We do not run analytics or profiling, and we do not sell or share data for advertising.

Shopify permissions we request

Pathkeeper requests only the permission it needs to manage your store's URL redirects, and it includes no customer or order scopes:

  • write_online_store_navigation — to read and write your store's URL redirects.

Pathkeeper also reads your store's published languages and markets so it never mistakes a native localized page (for example a /fr/ or /es-ca/ route) for a broken link.

How we use your information

We use the information described above only to provide the Pathkeeper service: to import and map your old URLs, to verify that redirects resolve before you publish them, to keep versioned redirect sets so you can roll back, to surface not-found paths you may want to fix, and to manage your subscription and billing status. We do not use your data for any other purpose.

Cookies and your storefront

Pathkeeper is a standard embedded Shopify app built with Remix, Polaris, and App Bridge. It sets only the functional session cookies required by Shopify's authentication and embedded app framework. It uses no analytics, advertising, or tracking cookies.

The app is used only by you inside the Shopify admin. The redirects it creates are served natively by Shopify, and Pathkeeper collects no personal information about the shoppers who follow them.

Where your data is stored

All persistent data and processing takes place in the United States (AWS US East, us-east-1). We store your redirect and migration data in a Neon Postgres database, and the application runs on Netlify.

Service providers

We keep our list of service providers small. The following third parties process data on our behalf or as part of delivering the service:

  • Neon: the Postgres database that stores your redirect and migration data.
  • Netlify: application hosting and serverless functions.
  • Shopify: the source of your store data and the processor of all billing through the Shopify Billing API.

We use no other subprocessors. There is no separate analytics, error tracking, email, advertising, or payment provider.

Billing

Billing for Pathkeeper is handled entirely through Shopify using the Shopify Billing API (Managed Pricing). We do not use an external payment processor, and we do not receive or store your payment card details.

Data retention and deletion

While Pathkeeper is installed, your redirect and migration data is retained so the app can work. When you uninstall the app, your session and access token are deleted immediately. Shopify then sends a shop redaction request about 48 hours after uninstall, at which point we permanently erase all remaining data associated with your store — redirects, migration records, not-found counts, and billing state. Effective retention after uninstall is therefore about 48 hours, followed by complete deletion. You can also request deletion at any time by contacting us.

Shopify compliance webhooks

Pathkeeper implements all three of Shopify's mandatory privacy webhooks:

  • customers/data_request: because we store no customer data, there is nothing to return. We log the request.
  • customers/redact: no operation, since there is no customer data to redact. We log the request.
  • shop/redact: we actively purge all stored data for the shop as described above.

Your rights

Because the data Pathkeeper stores is your own store's URLs and redirect configuration, you remain in control of it. You can review, edit, and roll back your redirects at any time inside the app, and you can trigger deletion of all your stored data by uninstalling Pathkeeper, which leads to complete erasure about 48 hours later through Shopify's shop redaction process.

Depending on where you or your customers are located, data protection laws such as the GDPR and the CCPA may give additional rights, such as the right to access, correct, or delete personal data. Since Pathkeeper does not collect shopper personal data, these requests are limited in scope, but you can contact us at any time and we will assist.

Security

We take reasonable measures to protect the data we store. Data is held on managed infrastructure provided by Neon and Netlify, and access is limited to the app's own functions. No method of storage or transmission is completely secure, so while we work to protect your data we cannot guarantee absolute security.

International users

Pathkeeper stores and processes data in the United States. If you install the app from outside the United States, you understand that your store data will be transferred to and processed in the United States.

Children

Pathkeeper is a business tool for Shopify merchants and is not directed to children. We do not knowingly collect personal information from children.

Changes to this policy

We may update this policy from time to time. When we make material changes, we will update the date at the top of this page. Your continued use of Pathkeeper after an update means you accept the revised policy.

Contact

If you have questions about this policy or how Pathkeeper handles data, contact us atcontact@sizzle.so.