Privacy Policy - Direct Checkout Links App
Last Updated: 5/31/2025
Effective Date: 5/31/2025
📋 1. Introduction
Direct Checkout Links ("we," "our," or "the App") is a Shopify application that enables merchants to create direct checkout links and optimize their checkout process. This Privacy Policy explains how we collect, use, process, and protect information when you use our App.
By installing and using our App, you agree to the collection and use of information in accordance with this policy.
We collect the following information from Shopify merchants:
Store Information:
- Shop domain and name
- Shopify store ID
- Installation timestamp
- App permissions granted
Product Data:
- Product IDs, titles, and handles
- Product variants and pricing
- Product images and descriptions
- Inventory levels
- Product availability status
Usage Data:
- Generated checkout links
- Link generation timestamps
- Export requests and formats
- Feature usage analytics
Billing Information:
- Subscription status and plan details
- Trial periods and expiration dates
- Payment status (processed by Shopify)
- Billing history
- Browser type and version
- Operating system
- IP address (for security purposes)
- App usage logs and error reports
- Performance metrics
We do NOT directly collect personal information from your customers. However, we may process:
Indirect Processing:
- Anonymous checkout link usage (via generated links)
- Product interaction data (when customers use our links)
- General analytics (aggregated, non-personal)
3.1 Core App Functionality
- Generate and manage direct checkout links
- Scan and identify single-variant products
- Provide global auto-checkout toggle functionality
- Export product data for advertising purposes
3.2 Service Improvement
- Analyze app usage to improve features
- Debug and fix technical issues
- Optimize performance and user experience
- Develop new features based on usage patterns
3.3 Billing and Support
- Process subscription payments (via Shopify)
- Manage trial periods and billing cycles
- Provide customer support and technical assistance
- Send important service updates
3.4 Legal Compliance
- Comply with applicable laws and regulations
- Respond to legal requests and court orders
- Protect against fraud and security threats
- Enforce our Terms of Service
🔒 4. Data Storage and Security
4.1 Data Storage
- Database: PostgreSQL with encrypted connections
- Location: Secure cloud infrastructure
- Backup: Regular automated backups with encryption
- Retention: Data retained as long as app is installed
4.2 Security Measures
- Encryption: All data transmitted via HTTPS/SSL
- Access Control: Role-based access with authentication
- Monitoring: 24/7 security monitoring and logging
- Updates: Regular security patches and updates
4.3 Data Protection
- Industry-standard encryption for data at rest
- Secure API connections with Shopify
- Regular security audits and assessments
- Employee access limited to necessary functions
🔄 5. Data Sharing and Disclosure
5.1 We Do NOT Sell Your Data
We never sell, rent, or trade merchant or customer data to third parties.
5.2 Limited Sharing Scenarios
We may share information only in these circumstances:
With Shopify:
- As required for core app functionality
- To process billing through Shopify's systems
- For app review and compliance purposes
Service Providers:
- Cloud hosting providers (with strict data agreements)
- Analytics services (aggregated, non-personal data only)
- Customer support tools (encrypted, access-controlled)
Legal Requirements:
- When required by law or legal process
- To protect our rights and prevent fraud
- In case of emergency to protect safety
5.3 Facebook Ads Integration
- Product export features generate files for Facebook advertising
- No personal data is included in exports
- Only product catalog information (IDs, titles, prices, images)
- Merchants control what data to export
🏪 6. Merchant Rights and Control
6.1 Your Rights
As a merchant, you have the right to:
- Access: Request copies of your stored data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your data (upon app uninstall)
- Portability: Export your data in common formats
- Restriction: Limit certain processing activities
6.2 Data Control
- Installation Control: You choose to install/uninstall the app
- Feature Control: You control which features to use
- Export Control: You decide what product data to export
- Settings Control: You manage all app settings and preferences
6.3 Uninstalling the App
When you uninstall our app:
- Active subscriptions are cancelled
- Generated links become inactive
- Store connection is terminated
- Data is marked for deletion within 30 days
🛡️ 7. End User Privacy Protection
7.1 Minimal Data Processing
- We don't collect personal information from your customers
- Checkout links redirect to Shopify's secure checkout
- No tracking cookies or pixels from our app
- Customer data remains with Shopify
7.2 Your Customers' Rights
Your customers maintain all privacy rights regarding:
- Their personal information (processed by Shopify)
- Checkout and payment data (handled by Shopify)
- Order history and preferences (stored by Shopify)
7.3 Compliance Assistance
We help you comply with privacy regulations by:
- Minimizing data collection
- Providing clear documentation
- Supporting your privacy policy requirements
- Enabling easy data deletion
🌍 8. International Data Transfers
8.1 Data Location
- Primary servers located in secure data centers
- Data may be processed in different jurisdictions
- All transfers comply with applicable privacy laws
8.2 Safeguards
- Adequate protection measures for international transfers
- Standard contractual clauses where required
- Compliance with GDPR, CCPA, and other regulations
📊 9. Cookies and Tracking
9.1 Our Use of Cookies
We use minimal cookies for:
- App authentication and session management
- Storing user preferences and settings
- Basic analytics (aggregated, non-personal)
9.2 Third-Party Cookies
- Shopify may set cookies for their platform functionality
- We don't control third-party cookies
- Refer to Shopify's privacy policy for their practices
⚖️ 10. Legal Compliance
10.1 GDPR Compliance (EU/UK)
- Lawful basis for processing: Legitimate interest and contract performance
- Data subject rights fully supported
- Data Protection Officer available upon request
- Privacy by design principles followed
10.2 CCPA Compliance (California)
- Transparent data collection practices
- Consumer rights supported
- No sale of personal information
- Opt-out mechanisms available
10.3 Other Jurisdictions
We comply with applicable privacy laws in all jurisdictions where we operate.
🔄 11. Policy Updates
11.1 Notification of Changes
- We'll notify you of material changes via email
- Updates posted in the app interface
- Continued use constitutes acceptance of changes
11.2 Version Control
- Previous versions available upon request
- Clear indication of what changed
- Reasonable notice period for significant changes
12.1 Privacy Questions
For privacy-related questions or requests:
Email: support@cartsmiths.com
12.2 Data Protection Officer
For GDPR-related inquiries: Email: support@cartsmiths.com
12.3 Response Time
- We respond to privacy requests within 30 days
- Urgent security matters addressed within 72 hours
- General inquiries answered within 5 business days
13.1 Children's Privacy
Our app is designed for business use and not intended for children under 13. We don't knowingly collect information from children.
13.2 Data Breach Notification
In case of a data breach, we will:
- Notify affected merchants within 72 hours
- Provide details of the incident and our response
- Assist with any required customer notifications
13.3 Regular Reviews
This privacy policy is reviewed and updated regularly to ensure:
- Accuracy of information
- Compliance with new regulations
- Reflection of current practices
✅ 14. Summary
What We Collect: Store and product data necessary for app functionality
What We Don't Collect: Personal information from your customers
How We Use It: To provide app features and improve our service
How We Protect It: Industry-standard security measures and encryption
Your Control: Full control over installation, settings, and data export
Our Commitment: We're committed to protecting your privacy and helping you maintain your customers' trust while providing valuable checkout optimization features.
This privacy policy is designed to be transparent and comprehensive. If you have any questions or concerns, please don't hesitate to contact us.