Who we are
TY Bridge is operated by eCom in motion, located at Salongsgatan 24G, 21116 Malmoe, Sweden. Support: ecominmotion.com/support.
Effective January 25, 2026
TY Bridge Privacy Policy
TY Bridge migrates Shopify pixels and ad platform signals (including Meta, GA4, TikTok, and Google Ads) while honoring customer consent. This policy explains what information we collect, how we use it, and the controls you have.
Data we collect
We collect the minimum data required to deliver consent-aware Shopify web pixel events and diagnose delivery issues. We do not store IP addresses or user agents. If Enhanced Matching is enabled and marketing consent is granted, IP address and user agent may be forwarded to destinations for matching; otherwise they are not sent. We do not store raw customer contact data (email or phone). When Enhanced Matching is enabled, hashed email or phone may be forwarded only when marketing consent is granted. This includes:
- Shop identifiers, plan metadata, and configuration settings
- Event metadata (event id, timestamp, value, currency, line items, origin)
- Order truth data from Shopify orders/paid (order id, paid/created timestamp, optional total + currency for reconciliation only)
- Consent state (granted, denied, or missing) captured at event time
- Consent-gated identifiers (fbp, fbc, gclid, gbraid, wbraid, ttclid, ttp, ga_client_id) when consent allows
- Encrypted destination credentials and API tokens
- Delivery audit logs, suppression reasons, and retry metadata
Consent model
TY Bridge treats consent as an explicit state: granted, denied, or missing. Missing consent is treated as denied. We do not infer permission.
- Storefront pixel events require analytics consent before they are emitted.
- Marketing identifiers are only forwarded when marketing consent is granted.
- GA4 identifiers are only forwarded when analytics consent is granted; if no identifier is available, the GA4 request is skipped.
Data map
| Category | Examples | Purpose | Consent required | Shared with |
|---|---|---|---|---|
| Shop account data | Shop domain, shop id, plan tier, settings | Provide and operate the service | Not applicable (contract) | Shopify, internal infrastructure |
| Event data (non-PII) | Event id, timestamp, value, currency, line items, origin | Deliver events and prove delivery | Analytics consent for storefront pixel events | Configured ad platforms, diagnostics logs |
| Order truth data | Order id, paid/created timestamp, total, currency | Reconciliation and delivery evidence | Not applicable (contract) | Internal systems only |
| Consent-gated identifiers | fbp, fbc, gclid, gbraid, wbraid, ttclid, ttp, ga_client_id | Attribution and match quality | Marketing or analytics consent (depends on destination) | Meta, TikTok, GA4, Google Ads |
| Credentials | Encrypted API tokens, destination keys | Authenticate delivery | Not applicable (contract) | Not shared |
| Diagnostics & audit logs | Delivery status, suppression reason, retry metadata | Support, security, and accountability | Not applicable | Internal systems only |
How we use data
We use the collected data to process pixel events, enforce consent, relay events to configured destinations, and surface diagnostics inside the TY Bridge admin. We reconcile Shopify order truth against downstream delivery receipts to detect gaps when pixels are suppressed. We do not sell, rent, or trade this data.
Legal bases
Our processing is based on contractual necessity (to deliver the service), legitimate interests (security and abuse prevention), and consent where required by applicable law.
Retention
We retain operational logs and payloads for the minimum period required to verify delivery, troubleshoot, and comply with legal obligations. Retention windows are enforced by code:
- Event logs: 90 days
- Order truth data: 90 days
Data is purged on uninstall and privacy redaction.
How we share information
We share event payloads only with configured advertising platforms (Meta, GA4, TikTok, Google Ads) and only as instructed by the merchant. Order truth data is used internally for reconciliation and is not shared with ad platforms. We also use Shopify and Cloudflare to operate the service. We do not share personal data with third parties for our own marketing.
Cookies & similar tech
TY Bridge does not set marketing cookies on storefronts. When consent allows, we read existing cookies and URL parameters (such as fbp, fbc, _ga, _gcl_*, _ttp, fbclid, gclid, ttclid) to improve match quality. If Enhanced Matching is enabled and marketing consent is granted, IP address and user agent may be forwarded for matching, but are never stored. Shopify’s pixel platform handles consent, and our service respects those signals.
Security
We encrypt sensitive data at rest, restrict access to operational staff, and audit all access paths. We never log decrypted secrets.
International transfers
TY Bridge routes traffic through Cloudflare’s global network, but regional data stores are used for account data and event processing. Configured advertising platforms may process data globally under their own safeguards. We follow Shopify’s regional requirements and cross-border safeguards.
Your privacy choices
Merchants can access, export, or delete data through the TY Bridge admin. If you are a shopper seeking access, contact the merchant who controls the data.
Contact us
For privacy inquiries, visit ecominmotion.com/support.