This page summarizes the controls used by ProperApp Image Downloader to protect merchant and customer data.
The app is designed to reduce exposure of protected customer data.
App traffic is served over HTTPS and app proxy requests are sent through secure Shopify storefront endpoints.
Customer identifiers stored in download logs are encrypted before being written to the production database.
Merchant staff access the embedded admin only through Shopify-authenticated sessions.
Access to customer-related reporting in the admin is recorded in a dedicated security audit log.
The app follows a documented response flow when a security issue is suspected or confirmed.
Review alerts, logs, and merchant reports, then classify severity and affected data.
Disable affected flows, rotate secrets if needed, and limit access until the issue is contained.
Patch the root cause, validate the fix in production, and restore services in a controlled manner.
Notify affected merchants and Shopify when required by contract, law, or platform policy.
For suspected incidents or urgent data protection questions.
Contact: properapp.pl@gmail.com