Shopify app · by Lambda House
StoreBack takes point-in-time snapshots of your shop's catalog content and 60-day order metadata, and uploads them file-by-file into a folder we create inside your Drive. Media is stored once and shared across backups, so repeat runs upload almost nothing. Read-only on the Shopify side. No customer PII. No marketing pixels. No data resale.
A focused, narrow tool. Each backup is a self-contained, point-in-time folder in your own Drive — JSON entries plus a manifest.json index, with media bytes deduped into a shared folder. Yours to keep for as long as you want.
Products, variants, collections, pages, blogs, articles, metaobjects, files, theme settings, locations, inventory, translations, publications, markets, policies, delivery profiles, discounts.
Line items, totals, taxes, discounts, fulfillment + financial status, timestamps, currency, tags, order number. No customer link, address, email, or phone — by query, by scope.
One folder per backup, plus a shared media/ folder where each image is stored once and reused across runs. We use the drive.file scope — we can only see files we create. Everything else in your Drive is invisible to us.
On our side, snapshot bodies live for 30 minutes — just long enough to push to your Drive or for you to download directly. After that an automatic sweeper deletes them. Long-term retention is yours.
Click "Back up now" from inside the Shopify admin, or set a daily / weekly schedule. Concurrency capped at 1 in-flight backup per shop; the 3 most-recent stay in the 30-min window.
Per-category opt-in for "backup succeeded", "backup failed", and "Drive reauth needed". Every email has an "unsubscribe from all" link. No marketing.
Four steps. The Drive connection step is optional — without it, snapshots are still produced, but only for the 30-minute window.
Standard OAuth on the Shopify side. We request only read scopes that match the data above — no read_customers, no read_all_orders.
One-tap Google OAuth. We request drive.file only — access limited to the files we create.
Trigger manually or set a schedule. StoreBack queries Shopify, writes the snapshot into a per-run folder under your shop, and uploads any new media bytes alongside it. Progress is visible per file; partial runs resume cleanly.
Each snapshot folder in your Drive carries a manifest.json that names every entity file and every referenced media sha — self-describing without unpacking. Restore re-applies catalog state from any snapshot; Export transforms a snapshot into a portable bundle (CSV, JSONL, or per-entity files) for external tools.
For Google's OAuth verification reviewers and for merchants who want the full picture before connecting Drive.
https://www.googleapis.com/auth/drive.filemedia/ folder where each image is uploaded
once and reused across runs. The drive.file scope restricts us at the API level
to only the files our app creates — we cannot see, list, read, or modify any other file in
your Drive. This is the narrowest scope Google offers for write access; we deliberately do
not request drive or drive.readonly.
The boundary is enforced by scope, by query, and by code — not by promise.
media/)read_customers scoperead_all_orders scopedrive.file prevents itPostgreSQL on Hetzner Online GmbH (Falkenstein, Germany). Application logs include shop domain + operation id — no tokens, no request/response bodies. TLS in transit; AES-256-GCM at rest for credentials.
Snapshot folders live under one per-shop folder we create in your Drive, under your control. We never read them back or copy them anywhere. Delete them whenever you want — that's the end of the line.
customers/data_request · customers/redact · shop/redact — all three handled, HMAC-verified. We have nothing customer-keyed to redact; shop/redact wipes the shop's record inline.
Uninstalling from Shopify admin scrubs the access token on our side immediately. Snapshot bodies are already gone (30-min sweeper). Your Drive folder stays in your Drive — your call whether to keep it.
Questions about scope, privacy, or how a specific entity type is serialized? We answer email.