1. Introduction
This Privacy Policy describes how Deal Room ("we", "us", or "our") collects, uses, and shares information when you use our Shopify application (the "App"). We are committed to protecting your privacy and ensuring the security of your data.
2. Information We Collect
2.1 Shopify Store Data
When you install and use our App, we collect the following information from your Shopify store:
- Store Information: Store name, domain, currency, and contact details
- Abandoned Checkouts: Customer emails, cart contents, cart values, and timestamps
- Discount Codes: Discount codes created through our App and their usage metrics
- Customer Data: Email addresses and cart behavior for abandoned cart recovery
2.2 Klaviyo Integration Data
If you connect your Klaviyo account, we collect:
- API Credentials: Klaviyo API tokens for integration
- List Information: Klaviyo list IDs and names for customer exports
- Profile Data: Information synced between our App and Klaviyo
2.3 Usage Information
- App interaction logs and feature usage
- Performance metrics and error reports
- Settings and configuration preferences
3. How We Use Your Information
We use the collected information for the following purposes:
- Core Functionality: To provide abandoned cart recovery features, generate discount codes, and export customer lists to Klaviyo
- Analytics: To display dashboard statistics and insights about abandoned carts and recovery rates
- Service Improvement: To improve our App's features, performance, and user experience
- Support: To provide customer support and respond to your inquiries
- Communication: To send important updates about the App (with your consent)
4. Data Sharing and Disclosure
We do not sell your data. We may share your information only in the following circumstances:
- Klaviyo: Customer data is shared with Klaviyo only when you explicitly authorize the integration and initiate an export
- Service Providers: We use trusted third-party service providers (e.g., hosting services, database providers) who help us operate the App. These providers are bound by confidentiality agreements
- Legal Requirements: We may disclose information if required by law, court order, or legal process
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity
5. Data Storage and Security
We implement industry-standard security measures to protect your data:
- Encryption: Data is encrypted in transit using TLS/SSL and at rest
- Access Controls: Strict access controls limit who can view or modify your data
- Regular Audits: We conduct regular security audits and updates
- Data Centers: Data is stored in secure, SOC 2 compliant data centers
However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
6. Data Retention
We retain your data for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy. Specifically:
- Active Stores: Data is retained while you have the App installed
- After Uninstall: Upon uninstallation, we delete or anonymize your data within 30 days, except where retention is required by law
- Backup Data: Backup copies may be retained for up to 90 days for disaster recovery purposes
7. Your Rights
Depending on your location, you may have the following rights:
- Access: Request a copy of the data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your data (subject to legal requirements)
- Portability: Request data in a portable format
- Objection: Object to certain processing activities
- Withdrawal: Withdraw consent where processing is based on consent
To exercise these rights, please contact us at the email address below.
8. Cookies and Tracking
Our App uses essential cookies and similar technologies to:
- Authenticate your session within Shopify
- Remember your preferences and settings
- Analyze App performance and usage patterns
We do not use third-party advertising cookies or trackers.
9. Children's Privacy
Our App is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.
10. International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Updating the "Last Updated" date at the top of this page
- Sending an email notification to registered users
- Displaying a prominent notice within the App
Your continued use of the App after changes become effective constitutes acceptance of the updated policy.
12. GDPR Compliance (EU Users)
If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):
- Legal Basis: We process your data based on contract performance, legitimate interests, or consent
- Data Protection Officer: You may contact our DPO for GDPR-related inquiries
- Supervisory Authority: You have the right to lodge a complaint with your local data protection authority
13. CCPA Compliance (California Users)
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information:
- Right to Know: You can request information about data we've collected
- Right to Delete: You can request deletion of your personal information
- Right to Opt-Out: We do not sell personal information, so no opt-out is necessary
- Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
We will respond to your inquiry within 30 days.