Privacy Policy

Last updated: January 20, 2025

1. Information We Collect

When you use Offero : Make an Offer, we collect the following information:

1.1 Shop Information

• Shop Domain: Your Shopify store domain
• Settings: App configuration, discount limits, counter-offer settings
• Authentication: OAuth access tokens (encrypted)

1.2 Customer Offer Data

• Personal Information: Customer name and email address
• Offer Details: Product ID, original price, offered price, quantity
• Technical Data: IP address, user agent, timestamp
• Status: Offer status (pending, accepted, rejected, counter-offered)

1.3 Analytics Data

• Aggregated statistics (total offers, acceptance rate, conversion rate)
• Daily metrics (offers submitted, accepted, rejected per day)
• Revenue generated from accepted offers
• Average discount percentages

1.4 Usage Data

• How you interact with the app (features used, settings changed)
• Button visibility rules (products/collections selected)
• Email template customizations
• Popup trigger configurations

2. How We Use Your Information

We use the collected information to:

• Provide the Service: Process customer offers and generate discount codes
• Send Notifications: Email customers about accepted offers and counter-offers
• Analytics: Track offer performance and provide statistics
• Anti-Spam: Prevent abuse with rate limiting and customer blocking
• Improve the App: Enhance features and user experience
• Customer Support: Help resolve issues and answer questions
• Compliance: Meet legal and regulatory requirements

3. Data Storage and Security

Your data is stored securely using industry-standard practices:

• Encryption: All database connections use SSL/TLS encryption
• Access Controls: Role-based access and authentication
• Secure Hosting: Enterprise-grade cloud infrastructure
• Regular Backups: Automated daily backups with encryption
• Security Audits: Regular vulnerability scanning

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share data only in these specific cases:

• With Your Consent: When you explicitly authorize sharing
• Service Providers: Email delivery services (for offer notifications)
• Legal Requirements: When required by law or legal process
• Protection of Rights: To protect our rights, safety, or property
• Business Transfers: In case of merger, acquisition, or asset sale

5. Your Rights (GDPR Compliance)

If you are in the EU/EEA, you have the following rights:

• Right to Access: Request a copy of all data we store about you
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Portability: Export your data in a machine-readable format
• Right to Objection: Object to certain data processing activities
• Right to Restriction: Limit how we process your data

To exercise these rights, contact us at [email protected]

6. Data Retention

We retain your data as follows:

• Active Shops: Data retained while app is installed
• After Uninstall: 48-hour grace period for re-installation
• Final Deletion: All data deleted within 48 hours of uninstall (GDPR requirement)
• Backup Retention: Encrypted backups purged after 30 days
• Analytics: Aggregated data may be retained anonymously for service improvement

7. Customer Data Processing

When customers submit offers on your store, we process their data as a data processor on your behalf. You remain the data controller and are responsible for:

• Obtaining proper consent from customers
• Providing privacy notices on your website
• Handling data subject requests (access, deletion, etc.)
• Complying with applicable privacy laws

8. Cookies and Tracking

We use the following cookies and tracking technologies:

• Session Cookies: Maintain your login session (required)
• Preference Cookies: Remember your settings and choices
• Analytics Cookies: Understand how you use the app (anonymized)

We do not use third-party advertising cookies or trackers.

9. Email Communications

We send emails for:

• Transactional: Offer acceptance notifications (cannot opt-out)
• Service Updates: Important app changes and updates
• Security Alerts: Security-related notifications

You can customize email templates in the app settings. Customers receive emails only when their offers are accepted.

10. Third-Party Services

We integrate with:

• Shopify: For store data, authentication, and discount code creation
• Email Service: For sending offer acceptance notifications

These services have their own privacy policies and we share only necessary data.

11. Children's Privacy

Our service is not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

12. International Data Transfers

Your data may be processed in countries outside your own. We ensure appropriate safeguards are in place, including:

• Standard contractual clauses
• Adequacy decisions by the EU Commission
• Compliance with Privacy Shield principles (where applicable)

13. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

• Notify you within 72 hours of discovery
• Describe the nature of the breach
• Explain measures taken to address it
• Provide guidance on protective steps you can take

14. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of material changes via:

• Email notification to your shop email
• In-app banner notification
• Updated "Last modified" date at the top of this page

Continued use after changes constitutes acceptance of the updated policy.

15. Contact Us

For any questions about this Privacy Policy, data requests, or privacy concerns:

• Email: [email protected]
• Subject Line: "Privacy Request - Offero"
• Response Time: Within 48 hours