Last updated: June 2026
WeatherHold stores the data required to assess weather risk for open orders: your shop domain, an API access token issued by Shopify, your subscription status, your threshold settings, and for each open unfulfilled order: the order ID and number, the destination city, region, country, and postal code, and the forecast temperature range for that destination. Postal codes are also cached with their map coordinates to reduce repeat lookups.
WeatherHold does not store customer names, email addresses, phone numbers, full street addresses, order contents, or payment information. Destination postal data is used solely to retrieve a weather forecast.
Order destination data is sent to weather and geocoding services (Open-Meteo and Zippopotam) as coordinates or postal codes only, never with any personal identifiers, solely to retrieve forecasts. We do not sell, share, or transfer your data to any other third parties.
Assessments are deleted automatically when orders are fulfilled or closed. When a customer data erasure request is received from Shopify, all assessments for that customer's orders are deleted. When you uninstall WeatherHold, your access token is invalidated immediately and your shop's assessments are deleted, with remaining shop records removed in line with Shopify's mandatory data-erasure webhooks.
All data is transmitted over HTTPS and stored in an access-controlled database. API credentials are never exposed to the browser.
Questions or data requests: contact us via the support email listed on our Shopify App Store page.