Privacy Policy

Last updated: March 27, 2026

Aresium LLC ("we", "us", or "our") operates the COD Profit Dashboard platform (the "Service"). This Privacy Policy explains how we collect, use, and protect your personal information when you use our Service.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (hashed). If you sign in with Google, we receive your Google profile name, email, and profile picture.

Store and Ad Account Data

When you connect your Shopify stores and Meta Ads accounts, we collect API credentials (encrypted at rest), order data, revenue figures, and ad spend data necessary to calculate your profits.

Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, and session duration.

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers. We receive from Stripe your subscription status, plan type, and billing period.

2. How We Use Your Information

  • To provide and maintain the Service
  • To calculate and display your store profits and metrics
  • To process your subscription payments
  • To send you important service-related communications
  • To improve and optimize the Service
  • To detect and prevent fraud or abuse

3. Data Storage and Security

Your data is stored in secure PostgreSQL databases hosted on Neon (EU region). API credentials (Shopify passwords, Meta access tokens) are encrypted using AES-256-GCM before storage. Session data is encrypted using iron-session with HTTP-only cookies.

4. Data Sharing

We do not sell your personal information. We share data only with:

  • Stripe — for payment processing
  • Vercel — for hosting the Service
  • Neon — for database hosting
  • Shopify & Meta — to fetch your store and ad data (using your own credentials)

5. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

6. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent for data processing

7. Cookies

We use a single essential session cookie (cod_profit_session) for authentication. We do not use tracking cookies or third-party analytics cookies.

8. Children

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by email or by posting a notice on the Service.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us: