Privacy Policy

1. Introduction

Cart Sync ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Shopify application.

2. Information We Collect

We collect information that you provide directly to us when you use Cart Sync:

• Store Information: Your Shopify store domain, store name, and store owner contact information
• Customer Data: Customer IDs and cart data necessary for cart synchronization across devices
• Product Data: Product information required to maintain cart contents
• Order Data: Order information to trigger cart clearing upon purchase completion
• Usage Data: Information about how you use our app, including features accessed

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our cart synchronization services
• Synchronize shopping carts across multiple devices for your customers
• Send you technical notices, updates, and support messages
• Monitor and analyze usage patterns to improve our app
• Comply with legal obligations and enforce our terms

4. Data Storage and Security

We store your data securely using industry-standard practices:

• Database: Data is stored in a secure PostgreSQL database (Supabase) with encryption at rest
• Hosting: Our application is hosted on Render.com with SSL/TLS encryption
• Access Control: Limited access to data with authentication and authorization controls
• Data Retention: Cart data is automatically cleared after order completion or 30-day expiration

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information only in the following circumstances:

• With Shopify: As required for app functionality through Shopify's platform
• Service Providers: With trusted third-party service providers (Render.com, Supabase) who assist in operating our app
• Legal Requirements: When required by law or to protect our rights and safety
• Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Your Rights (GDPR Compliance)

Under GDPR and other privacy laws, you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing of your data
• Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us using the information provided below. We have implemented GDPR-compliant webhooks to handle data requests and deletion automatically.

7. Cookies and Tracking

We use session cookies and Shopify's session tokens for authentication purposes. We do not use third-party cookies for tracking or advertising.

8. Data Retention

We retain your data only as long as necessary to provide our services:

• Cart Data: Cleared automatically after order completion or 30-day expiration
• Shop Data: Retained while app is installed and deleted upon app uninstallation
• Session Data: Expired and deleted according to Shopify's session management

9. Children's Privacy

Cart Sync is intended for use by Shopify merchants and is not directed to children under 13. We do not knowingly collect personal information from children under 13.

10. International Data Transfers

Your data may be transferred and processed in regions including the European Union (database hosted in EU-Central) and the United States (application hosting). We ensure appropriate safeguards are in place for such transfers.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: support@aldrichify.com
Website: https://cart-sync-xxom.onrender.com

For GDPR-related requests, we will respond within 30 days as required by law.

13. Shopify-Specific Information

Cart Sync is a Shopify application. Your use of Shopify and its services is governed by Shopify's Privacy Policy and Terms of Service. We access and process your data in accordance with Shopify's API Terms of Service and Partner Program Agreement.

Shopify API Scopes Used:

• read_customers, write_customers: To synchronize cart data for your customers
• read_products: To maintain accurate cart contents
• read_orders: To trigger cart clearing on order completion
• read_inventory: To ensure product availability in synchronized carts