CheckoutProof — Privacy Policy
Last updated: July 3, 2026
CheckoutProof ("the app", "we") is operated by Wigley Studios LLC. It helps Shopify merchants find and migrate legacy checkout customizations before Shopify's checkout-extensibility shutoff (August 26, 2026 for non-Plus stores). This policy explains what we access, why, and how we handle it.
What we access
- ScriptTag metadata (read) — the source URL, display scope, and creation date of script tags visible to the app (scope: read_script_tags). Shopify's ScriptTag API is app-scoped — we can only list tags the app itself can see, and the report says so.
- Checkout profile status (read) — your checkout profiles' names, published state, and whether the new Thank-you/Order-status pages are active (scope: read_checkout_branding_settings). Store-level design configuration only.
- Shop name, plan tier, and storefront URL — to pick the right deadline messaging (Plus vs non-Plus) and run the storefront check below.
- Your public storefront HTML — we fetch your store's public home page (exactly what any visitor's browser loads) to inventory the scripts rendered into it, because legacy scripts injected by other apps are only visible there.
What we do NOT access
We do not request or access orders, customers, or any personal / Protected Customer Data. CheckoutProof is a zero-PCD app by design.
What we store
- Scan results — your readiness score, findings, and suggested migration fixes, stored against your shop domain for history and trends. This is your own store configuration data, not customer data.
- Session/authentication tokens — to keep the app connected to your store.
How we process it
The gathered metadata is sent over an encrypted connection to our analysis engine (run on our own infrastructure) to compute your readiness score and fixes. An optional internal classifier (OpenAI) can be enabled to identify unrecognized third-party script hosts; it is off by default — the scan is fully deterministic without it. When enabled, only script host names may be sent to OpenAI, solely to classify them. We never send customer data (we hold none), and we do not sell, rent, or share your data for advertising.
Data retention & deletion
- We keep your scan history only while the app is installed.
- On uninstall, CheckoutProof honors Shopify's
shop/redactwebhook and deletes the sessions and scan records we hold for your shop. - We also honor the
customers/data_requestandcustomers/redactwebhooks; because we store no customer personal data, these are acknowledged with nothing to return or erase. - You can also request deletion anytime at support@wigleystudios.com.
Important limitation
CheckoutProof flags readiness risk against Shopify's published deprecation schedule and suggests the platform-approved replacements. Because the ScriptTag API is app-scoped and some surfaces (like the order-status "Additional scripts" box) have no API at all, no app can see everything — that's why the report includes a guided manual checklist. We do not certify that a migration is complete; the proof is your post-migration test order. The app is a migration-planning tool, not a guarantee.
Your rights
You can uninstall the app at any time to stop all data collection and trigger deletion. For any data request, contact us.
Contact
Wigley Studios LLC — support@wigleystudios.com