Security

Core Controls

• OAuth-based account authorization for supported integrations.
• Encrypted storage for integration tokens and secrets.
• Webhook signature verification for Shopify event integrity.
• Application-level authentication and row-level access controls.

Access and Permissions

Profitify requests only the scopes needed for supported analytics workflows. You can disconnect integrations at any time.

Vulnerability Reporting

To report a security issue, contactsecurity@profitify.appwith reproduction steps and impact details.