Privacy
ServerSideSplitter Privacy Policy
Last updated: June 3, 2026
This Privacy Policy explains how Natural Revolution LLC ("we", "us", "our"), the developer of the ServerSideSplitter Shopify app (the "App"), collects, uses, stores, shares, and protects information when a Shopify merchant ("Merchant", "you") installs and uses the App, and when visitors to a Merchant's online store ("Visitors") interact with experiences the App serves.
If you have any questions about this policy or your data, contact us at support@serversidesplitter.com. The current version of this policy is published at https://serversidesplitter.com/privacy-policy.
1. What the App does
ServerSideSplitter lets Merchants run server-side A/B and split tests by URL. A Merchant points a single proxy URL at landing pages they have already built in Shopify; the App chooses a variant server-side, redirects the Visitor to the selected page, and attributes resulting checkout conversions back to the correct variant so the Merchant can compare variants by revenue.
To do this, the App processes a deliberately minimal set of data. It is built so that it does not collect or store Visitor contact or payment information.
2. Roles (controller and processor)
- For Merchant account data and App configuration, we act as a data controller.
- For storefront and order data processed on the Merchant's behalf (variant assignment and conversion attribution), the Merchant is the controller and we act as a processor/service provider, processing that data only to provide the App.
The Merchant is responsible for maintaining their own customer-facing privacy policy and store consent banner, and for disclosing their use of A/B testing, analytics, and conversion measurement to their Visitors.
3. Information we collect
3.1 Merchant and store account information
Collected through Shopify OAuth and stored to operate the App:
- Shop domain (
*.myshopify.com) and installation/uninstallation state. - Shopify-issued API access tokens, stored in encrypted form.
- For online (user-scoped) sessions only: the Shopify staff user's ID, first name, last name, email address, and locale, as provided by Shopify.
- The Merchant's selected pricing plan and billing state (billing is handled by Shopify; we do not receive or store card or bank details).
- Any information a Merchant voluntarily provides when contacting support@serversidesplitter.com.
3.2 App configuration
Entered by the Merchant inside the App:
- Experiments (names, slugs, status), variant labels, destination URLs, and traffic weights.
3.3 Storefront Visitor data
When a Visitor reaches an experiment proxy URL:
- Processed in memory only and not stored: the Visitor's IP address and browser user agent. These are used solely (a) to compute a salted, irreversible visitor hash for consistent ("sticky") variant assignment, and (b) to filter out bot traffic.
- Stored: a salted SHA-256 visitor hash (which cannot be reversed back to an IP address or user agent) and aggregate, per-variant visit counters. We do not store a raw per-visit record tied to an identifiable individual.
3.4 Order and conversion attribution
Received via the Shopify orders/create webhook and the App's Shopify Web Pixel
when a Visitor completes checkout on an experiment path:
- Order identifier (Shopify order GID) and order number.
- Order total/revenue and currency.
-
The
_ab_testcart/note attribute, which contains only an experiment ID, variant letter, and the salted visitor hash. - The source of the record ("webhook" or "pixel").
We do not collect or store Visitor names, email addresses, phone numbers, billing or shipping addresses, or payment/card details.
3.5 Compliance and operational data
- Compliance webhook audit records: when Shopify sends a mandatory privacy webhook, we log the shop domain, the webhook topic, a timestamp, and — only if Shopify includes one in the payload — a Shopify-issued customer identifier (a numeric ID, not a name, email, address, or other contact detail). This audit log exists to evidence our handling of privacy requests.
- Server and error logs: standard request and error logs used to operate and secure the service. When optional error monitoring is enabled, sensitive headers (authorization, cookies, Shopify HMAC/webhook identifiers) are redacted before transmission.
4. How we use information
We use the information above only to:
- Authenticate the App with Shopify and operate the embedded admin experience.
- Serve the correct experiment variant and keep variant assignment consistent for a given Visitor.
- Measure experiment performance and attribute checkout conversions and revenue to variants for the Merchant.
- Filter bot traffic and keep visit counts accurate.
- Maintain the security, integrity, and capacity of the service (including rate limiting and abuse prevention).
- Provide support and respond to Merchant inquiries.
- Comply with Shopify platform requirements and applicable law, including privacy/data-subject requests.
We do not use this data for advertising profiling, and we do not sell or rent personal data.
5. Legal bases for processing (EEA/UK)
Where the GDPR or UK GDPR applies, we rely on: performance of a contract (operating the App for the Merchant); legitimate interests (securing the service, preventing abuse, and measuring conversions in a privacy-preserving way); and compliance with legal obligations. Where a Merchant's Visitors are in scope, the Merchant is responsible for obtaining any consent required for analytics and marketing measurement, which Shopify's Customer Privacy / consent framework helps enforce (see Section 8).
6. How we share information (sub-processors)
We do not sell personal data. We share data only with the following service providers ("sub-processors"), and only as needed to run the App:
| Sub-processor | Purpose | Data involved |
|---|---|---|
| Shopify | Platform, authentication, billing, webhooks, and Web Pixel delivery | Account data, order/attribution data, compliance webhooks |
| Fly.io | Application hosting and managed PostgreSQL database (United States) | All stored App data described in Section 3 |
| Sentry (optional, only if enabled) | Application error monitoring | Error events with sensitive headers and cookies redacted |
| Resend (operational) | Sending internal capacity/health alert emails to our team | Aggregate infrastructure and traffic metrics and an internal shop identifier; no Visitor contact data |
We may also disclose information if required by law, to enforce our terms, or to protect the rights, property, or safety of our users or the public.
7. Data retention
We retain data only as long as needed for the purposes above. Default retention periods are:
- Aggregate per-variant visit counters: until the Merchant deletes the experiment.
- Salted visitor assignment hashes: 90 days.
- Conversion/attribution records: approximately 13 months (400 days).
- Compliance webhook audit records: 3 years (1095 days).
- Shopify sessions and shop configuration: until the App is uninstalled, the shop is redacted, or deletion is requested.
Automated data-retention jobs purge data on the schedule above. Deleting an experiment cascades deletion of its variants, visit counters, visitor assignment hashes, and conversion records.
8. Consent
The App's Shopify Web Pixel declares analytics and marketing purposes and declares that it does not sell or share data. Shopify's pixel manager loads the pixel only when the store's customer privacy settings permit the declared purposes. Variant selection only changes which Merchant-authored page a Visitor sees; the App does not make legal or similarly significant automated decisions about Visitors.
Merchants are responsible for configuring their storefront privacy banner, consent mode, and customer-facing notices to reflect their use of ServerSideSplitter for A/B testing, analytics, and conversion measurement.
9. Security
We protect data using measures that include:
- TLS encryption for data in transit (via Shopify and Fly.io).
- Encryption at rest for the PostgreSQL database volume.
- Encryption of stored Shopify access tokens before they are written to the database.
- Salted, one-way (SHA-256) hashing of Visitor identity, so raw IP addresses and user agents are never persisted.
- HMAC verification of Shopify webhooks and signature verification of App Proxy requests, plus rate limiting on public endpoints.
No method of transmission or storage is completely secure, but we work to protect your data using industry-standard safeguards.
10. International data transfers
The App is hosted in the United States. If you access the App or your Visitors interact with it from outside the United States, the data described in this policy will be transferred to and processed in the United States and other jurisdictions where our sub-processors operate.
11. Your rights
Depending on your location, you (and, through the Merchant, Visitors) may have rights to access, correct, delete, or restrict the processing of personal data, and to object to processing or request portability.
- Visitors should contact the Merchant (the store they interacted with) to exercise these rights; the Merchant can submit a request to us through Shopify.
- Merchants can exercise these rights by contacting support@serversidesplitter.com.
We honor Shopify's mandatory privacy/compliance webhooks:
customers/data_request— we log the request; the App does not store Visitor contact data to return.customers/redact— we log the request; the App does not store Visitor contact data to redact.shop/redact— we delete the shop's session and configuration records, which cascades deletion of related experiments, visit counters, visitor assignment hashes, and conversion records.
12. Children's privacy
The App is a business tool for Shopify Merchants and is not directed to children. We do not knowingly collect personal data from children.
13. Changes to this policy
We may update this policy from time to time. When we do, we will revise the "Last updated" date above and post the new version at https://serversidesplitter.com/privacy-policy. Material changes will be communicated by reasonable means.
14. Contact us
Natural Revolution LLC — ServerSideSplitter
Email: support@serversidesplitter.com
Privacy policy URL:
https://serversidesplitter.com/privacy-policy