Transparency
Exactly how we use the Etsy API.
We believe sellers — and Etsy — deserve a precise account of what an app does with their data. Here is ours, in full.
Permissions we request
Paamship requests two OAuth scopes — and only these two:
transactions_rRead paid orders and receipts so we can fulfil them — items, quantities, and the shipping address.
transactions_wWrite the shipment tracking number back to the order once a parcel ships, so the buyer is notified by Etsy.
Data we access
- Order & receipt line items
- Shipping address on the order
- Order totals (for record-keeping)
- Shipment tracking we write back
Data we never touch
- Buyer email addresses
- Listings
- Billing & finances
- Other shops
Explicitly out of scope
- Buyer email addresses
- We do not request the buyer_email field and do not store buyer email addresses.
- Listings
- We never create, edit, or delete listings (no listings_r / listings_w).
- Billing & finances
- We never access billing, payment account, or finance data.
- Other shops
- A shop’s token is only ever used for that shop. We never access data for shops that didn’t authorise us.
How we comply with Etsy’s API Terms of Use
- Official API only
- All Etsy data is retrieved through the official Etsy Open API v3. We never screen-scrape or use internal/legacy endpoints.
- Caching policy
- Order data is processed and stored as the canonical fulfilment record. We do not re-display stale Etsy listing content, in line with Section 1 of the API Terms of Use.
- OAuth for private data
- All private member data is accessed strictly via OAuth 2.0 (PKCE) tokens granted by the shop owner, who can revoke access at any time.
- Attribution
- We prominently display the required Etsy trademark notice and clearly distinguish Paamship from Etsy.
- Least privilege
- We request only transactions_r and transactions_w — the minimum scopes shipping requires.
The term "Etsy" is a trademark of Etsy, Inc. This application uses the Etsy API but is not endorsed or certified by Etsy, Inc.