Privacy Policy

Cart Insights Privacy Policy

Cart Insights ("the App") provides shopping cart activity data ("the Service") to merchants who use Shopify to power their stores. This Privacy Policy describes how personal information is collected, used, and shared when you install or use the App in connection with your Shopify-supported store. You can also read more about our practices on the Protected Customer Data Compliance page.

Personal Information the App Collects

When you install the App, it is automatically able to access certain types of information from your Shopify account as well as request data that is sent by Shopify to the App.

The following Shopify API access permissions are requested upon installation of the App so that it can function:

• read_products: in order to display a shop's customer cart activity, the App requests product data via the Shopify API such as the product title, variant image URL, and variant title.
• read_customers: in order to display customer data in the context of customer cart activity within the App.
• read_orders: in order to display order data in the context of customer cart activity within the App, namely to show when a cart converted into an order and to be able to create a link to view the order in the Shopify Admin console.

Data Retention

Data collected and stored by the App is automatically deleted from our database after it is not used by the App or updated by subsequent same customer activity for 62 days. CSV reports that are generated by a merchant are automatically deleted from AWS storage after 92 days.

How Do We Use Your Personal Information?

We use the personal information we collect from you and your customers in order to provide the Service and to operate the App. Additionally, we use this personal information to communicate with you; optimize, troubleshoot, or improve the App; and provide you with information relating to our products or services.

Sharing Your Personal Information

Information about the shop that has installed the App, and information about any customer activity and data collected by the App is never shared with any third parties.

Finally, we may also share your personal information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

GDPR Compliance

The App is compliant with Shopify GDPR Mandatory Webhooks as described here: https://help.shopify.com/en/api/guides/gdpr-resources

• GDPR customers/redact: Requests deletion of customer data.
• GDPR shop/redact: Requests deletion of shop data.
• GDPR customers/data_request: Requests to view stored customer data.

Your Rights

If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us using the contact information below.

Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.

Changes

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

Contact Us

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at info@onspruce.com or by mail using the details provided below:

Data Protection Officer Contact Information:
K. Gorshkov
kg@onspruce.com
onspruce solutions
9 Lake Street
Kirkland, WA 98033
US