Privacy Policy

1. Information We Collect

When you install and use the App, we collect certain information from you (the "Merchant") and process limited information regarding your customers (the "Buyers").

A. Information We Collect from Merchants:

Upon installation, we automatically collect the following information from your Shopify account via Shopify’s APIs:

• Store Information: Your shop domain (myshopify.com URL and custom domains), store name, store email address, currency, and timezone.
• Merchant Account Data: Information necessary to authenticate you and manage your subscription, managed entirely through Shopify's Billing API.
• Usage Data: Logs of your interactions with the App's dashboard (e.g., rules created, bots activated) to help us troubleshoot and improve our service.

B. Information We Collect from Buyers:

To provide the "gift with purchase" functionality (such as BOGO rules and cart value evaluations) on your storefront, our App interacts dynamically with your Buyers' active shopping carts. We process:

• Cart Data: Product IDs, Variant IDs, quantities, subtotals, and total cart value.
• Strict Limitations: We DO NOT collect, process, or store sensitive Personally Identifiable Information (PII) from your Buyers. We do not access customer names, physical addresses, email addresses, phone numbers, passwords, or payment details. The App operates strictly on anonymized cart state data.

2. How We Use Your Information

We use the collected data strictly for the following operational and administrative purposes:

• To Provide the Service: To evaluate real-time cart conditions against your configured rules and seamlessly trigger automated offers and gifts.
• For Customer Support: To troubleshoot technical issues, respond to your inquiries, and provide tailored assistance based on your store's configuration.
• For Analytics and Improvement: To monitor App performance, detect bugs, and enhance the user interface and functionality of the App.
• To Communicate: To send you critical transactional updates, policy changes, or important notices regarding your use of the App.

3. Sharing Your Information

We respect your privacy. We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

• With Shopify: To authenticate your installation, validate billing, and synchronize your App settings with your Shopify admin.
• With Service Providers: We use trusted third-party cloud hosting providers (e.g., secure database and server infrastructure) to operate the App. These providers are contractually obligated to protect your data and use it solely to provide the underlying infrastructure.
• For Legal Compliance: We may disclose your information if required to do so by law, or in response to a valid request by public authorities (e.g., a court or government agency).

4. Data Security

We implement industry-standard security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. All data transmitted between your Shopify store, our App, and our secure databases is encrypted using SSL/TLS protocols. However, please note that no method of transmission over the internet or electronic storage is 100% secure.

5. Data Retention and Deletion

We retain your Store Information and App configuration rules only for as long as the App is actively installed on your Shopify store.

If you choose to uninstall the App, your configuration data and store details will be permanently purged from our active databases within 48 hours, in accordance with our data retention policy and Shopify's guidelines.

6. Your Rights and GDPR/CCPA Compliance

If you are a resident of the European Economic Area (EEA) or California, you have specific rights regarding your personal data, including the right to access, correct, update, or request deletion of your data.

Shopify Mandatory Privacy Webhooks:

We fully comply with Shopify’s data protection requirements and mandatory privacy webhooks:

• Customers Data Request (customers/data_request): Because we do not store identifiable buyer data, we have no personal buyer data to provide. Webhooks received will be acknowledged with a standard compliance response.
• Customers Redact (customers/redact): We do not store identifiable buyer data. Webhooks received will be immediately acknowledged.
• Shop Redact (shop/redact): Upon receiving a request to delete a shop's data (triggered 48 hours after App uninstallation), we will permanently erase your store’s information and configuration rules from our database.

7. International Data Transfers

Our App's infrastructure is hosted on secure cloud servers. Your information may be transferred to, and maintained on, computers located outside of your state, province, or country where the data protection laws may differ. By using the App, you consent to this transfer, ensuring that we apply appropriate safeguards to protect your data internationally.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by updating the "Effective Date" at the top of this policy and, if necessary, via email or an in-app notification.