Privacy Policy
Last updated: July 15, 2026
Ripply is a customer-referral app for OpoShop merchants, published by Found. It lets a store's happy customers share a link, gives their friends a first-order discount, and rewards the customer when the referred order completes. This policy explains what data Ripply handles, why, and how we protect it. Merchants install and use Ripply inside their OpoShop store admin; we act as a service provider to the merchant for the data that flows through their referral program.
Who this covers
- Merchants — store owners who install Ripply to run a refer-a-friend program.
- Customers / referrers — people who share a store's referral link and earn a reward when a friend buys.
- Referred friends — people who click a referral link and claim a first-order discount.
What we collect and store
- Store connection. When a merchant installs Ripply, we store the store's ID, subdomain, and an OpoShop access token (obtained via OAuth) so Ripply can run the program on the store's behalf — read orders to confirm a referred purchase completed, read customers to check first-order eligibility, and create/read discounts for the friend's perk and the referrer's reward. We never share these tokens.
- Referral records. A referrer's unguessable referral code and the email they used to create their link; a referred friend's email (if provided) and the order the referral is attributed to; click, signup, and qualified-order counts; referral status; and the one-time discount and reward codes tied to each referral. Reward balances are tracked to the cent.
- Buyer / friend emails. Captured from the referral link, the claim page, or an order the buyer placed on the store — used only to attribute the referral, prevent self-referral, check first-order eligibility, and email a reward. Never sold.
- Attribution references. A first-party cookie (
kb_ref) and the OpoShop order ID a referral is bound to — used to tie a completed order back to the referrer who sent it. - Merchant settings & branding. Business name, logo, accent color, discount/reward amounts, guards (first-order-only, caps, expiry), placement, and program copy the merchant configures.
What we do NOT collect
- We do not collect or store payment-card numbers, bank details, or passwords. Payments are processed by OpoShop and its payment providers, never by Ripply.
- Our product analytics contain no personal information — events are keyed to a non-identifying store ID only, never to a customer's or friend's name or email.
- We do not sell personal data, and we do not use it for advertising or profiling.
How we use data
- To run the referral program: create referral links, issue and validate the friend's first-order discount, attribute completed orders, and issue the referrer's reward.
- To keep rewards honest: a reward is only issued after we re-read the referred order live and confirm it is genuinely placed and paid — the browser is never trusted for money.
- To send reward emails (a reward code or a store-credit note) through OpoShop's email service, on the merchant's behalf, branded as their store.
- To prevent fraud and abuse: block self-referral, enforce first-order-only rules and per-referrer caps, and rate-limit the public referral surfaces.
- To improve the product using non-personal, aggregate usage analytics.
Sharing & processors
We share data only with the service providers needed to run Ripply, and only for that purpose:
- OpoShop — the platform Ripply runs on; the source of store, order, customer, discount, and email delivery.
- Cloud hosting & database — to run the app and store referral/reward records securely in Ripply's own MongoDB database.
- Product analytics — non-personal usage data only (a shared PostHog project used across Found's apps, tagged by app, with no PII).
We do not sell or rent personal data to anyone.
Security
Data is transmitted over HTTPS. Store access tokens and records are access-controlled and scoped so a store can only ever see its own data — each store's referral data lives in its own scope in Ripply's MongoDB database. Referral codes are unguessable, and each reward is a bearer secret: it can be redeemed only by someone holding its private code, never by knowing an email address. The public claim and reward pages are rate-limited and return a generic response for links that don't exist — they never reveal whether a code or reward is real.
Data retention
We keep referral and reward records for as long as the merchant has Ripply installed, so outstanding rewards and discounts remain redeemable — an unclaimed reward is value the merchant owes their customer. When a merchant uninstalls Ripply, we stop processing new activity for that store; on request we will delete a store's data, subject to any legal or financial-record obligations.
Your choices & rights
- Merchants can edit branding and program settings in the app, and can uninstall Ripply at any time from their OpoShop admin.
- Customers & friends should contact the store they shopped with for requests about their referral, discount, reward, or personal data — the merchant is the controller of that data.
- You may request access to or deletion of your data by emailing us (below); we'll coordinate with the relevant store where needed.
Children
Ripply is a tool for merchants and their customers and is not directed to children under 13.
Changes to this policy
We may update this policy as the product evolves. Material changes will be reflected here with a new "last updated" date.
Contact
Questions about this policy or your data? Email brandon@tryfound.io. Ripply is published by Found and runs on the OpoShop platform.