nmuaInstall StockAlert →
※  Viewly3D

privacy

Last updated · May 2026

1. Who this covers

This privacy policy covers Viewly3D specifically - our Shopify app for adding interactive 3D and AR viewers to product pages, published by Noomua. For questions about this policy, contact us at hello@noomua.com.

2. What Viewly3D accesses and stores

What we write to your store. Viewly3D uses a single Shopify access scope:

  • write_products - used to attach the 3D model file URL as a metafield on your products, so the viewer can load the correct model on each product page. We do not read or modify any other product data.

What we store. The data we persist in our database and storage:

  • Your shop domain and Shopify access token (token is invalidated and nulled on uninstall).
  • Shopify session data required to operate the embedded app.
  • Your plan tier, trial state, credit balance, and subscription state.
  • Billing charge records returned by the Shopify Billing API for your subscription and any credit pack purchases.
  • Promo-code redemption records.
  • 3D model files (GLB). GLB files you upload directly or that Viewly3D generates from your product photos are stored in Supabase Storage. These files are served publicly - they are loaded by the storefront viewer when shoppers open your product pages, so they must be publicly accessible by design.
  • Generation records. A record of each AI 3D generation request, including timestamps, credit usage, status, and references to the input product image URLs you provided. These input image URL references are retained in the generation record - they are not deleted after generation completes.

No store-customer PII. Viewly3D does not collect or store customer names, customer email addresses, phone numbers, billing addresses, shipping addresses, or any other personally identifiable information about your end shoppers. The storefront viewer loads the public model file and does not set tracking cookies or collect buyer data.

3. How we use your data

  • Serving the 3D and AR viewer. Stored GLB model files are served publicly via Supabase Storage so the viewer can load them on your product pages. The model URL is written to your product as a metafield using the write_products scope.
  • AI 3D model generation. When you submit product photos for AI generation, those images are sent to Meshy AI (image-to-3D) to produce a GLB model file. This image data leaves Viewly3D's systems and is processed by Meshy. See sub-processors below.
  • Credit and billing management. Generation records, credit balance, and billing charge records are used to enforce plan limits and process charges through Shopify Billing.
  • App improvement. Aggregate usage patterns help us understand reliability and feature priorities.

Your data is not sold and is not used for advertising. We share it only with the sub-processors listed below, to the extent required to operate the app.

4. Sub-processors

  • Shopify - app installation, OAuth authentication, and billing.
  • Supabase - database storage for all app data, and file storage for GLB model files. Model files stored here are publicly accessible by design.
  • Meshy AI - AI 3D model generation. Product photos you submit for generation are transmitted to Meshy AI for processing. Meshy processes this image data under its own privacy policy.
  • Fly.io - hosting and infrastructure for the Viewly3D backend.

5. Data retention and compliance

App data and 3D model files are retained for as long as Viewly3D is active on your store.

On uninstall. When you uninstall Viewly3D, your Shopify access token is immediately invalidated and nulled. Your remaining data - plan state, generation records, billing records, promo redemptions, session data, and all hosted GLB model files - is soft-retained briefly, then permanently and irreversibly erased (including the model files from Supabase Storage) when Shopify fires the shop/redact webhook (typically ~48 hours after uninstall). You can request immediate, permanent deletion at any time by emailing hello@noomua.com.

GDPR. Viewly3D handles Shopify's mandatory GDPR webhooks:customers/data_request, customers/redact, and shop/redact. Because we do not store customer PII, customer-data requests are honoured as confirmed no-ops. The shop/redact webhook triggers permanent deletion of all shop data and hosted model files.

Billing is handled entirely through Shopify. No payment data ever touches Viewly3D's systems.

6. Your rights

Depending on your location, you may have the right to access, correct, or delete the data we hold about your store. To exercise any of these rights, email us at hello@noomua.com and we will respond within a reasonable timeframe.

7. Changes and contact

We may update this policy as the app or legal requirements change. Material changes will be noted with an updated date at the top of this page. Continued use of Viewly3D after changes are posted constitutes acceptance of the updated policy.

For privacy questions or data requests, contact hello@noomua.com. Please include “Viewly3D Privacy” in your subject line.

Viewly3D Terms← Back to Viewly3DView on App Store →