Privacy Policy

This Privacy Policy explains how Shoble collects, uses, and protects information when you use our app "Shoble - B2B Leads" on the Shopify platform.

Information We Collect

a. From Shops

When a merchant installs our app, we may collect and store:

  • Session: We are tracking the active sessions of the shop.
  • Events: We establish a connection between the Customer events and your Shopify store.
  • Scores: Merchants can define their own scoring system for each customer event type.
  • Customers: We are querying the customer data from the Shopify store.
  • Product (Variants): We are querying the product data from the Shopify store.
  • Web Pixels: We are managing a Web Pixel extension for the Shopify store. This extension is used to track customer events.

b. From Merchants (Store Owners)

When a merchant installs our app, we may collect and store:

  • User Session: We are tracking the active sessions of the user.

c. From Customers (Store Visitors)

Our app may access customer data stored by the merchant's Shopify store, such as:

  • Customer Details: Contact information.
  • Customer Events
  • IP Address: We may use the IP address of the customer for tracking purposes and to create a relationship between the customer and an organization. This ip address is not stored and is only used during an HTTP request.

Personal Data Stored

To be more specific, we would likt to highlight all individual data fields we store.

Session

  • ID: Unique identifier for the session.
  • Shop Domain: Unique identifier for the shop.
  • State: The state of the session.
  • Is Online: Indicates whether the session is online.
  • Scope: The scope of permissions for the session.
  • Expires: The expiration date of the session.
  • Access Token: The access token for the session.
  • User ID: The user ID associated with the session (if available).
  • First Name: The first name of the user (if available).
  • Last Name: The last name of the user (if available).
  • Email: The email address of the user (if available).
  • Account Owner: Indicates whether the user is the account owner.
  • Locale: The locale or language preference of the user (if available).
  • Collaborator: Indicates whether the user is a collaborator (if available).
  • Email Verified: Indicates whether the user's email address is verified (if available).

Events

  • ID: Unique identifier for the event.
  • Shop: The shop associated with the event.
  • Shopify ID: Unique identifier from Shopify.
  • Name: Name of the event.
  • Type: Type of the event.
  • Timestamp: The time the event occurred.
  • Client ID: Identifier for the client.
  • Customer ID: Identifier for the customer (if available).
  • Document URL: URL of the document related to the event.
  • User Language: Language of the user during the event.
  • User Agent: User agent string of the client.
  • Organization ID: Identifier for the associated organization.
  • Geolocation: Includes continent, country, region, city, district, postal code, latitude, longitude, and timezone.
  • Products: List of products associated with the event.

Organization

  • ID: Unique identifier for the organization.
  • AS: Autonomous system identifier (unique).
  • Name: Name of the organization.
  • Events: List of events associated with the organization.

Event Product

  • ID: Unique identifier for the event product relation.
  • Product Variant ID: Identifier for the product variant.
  • Event ID: Identifier for the associated event.

Personal Data Processed

In addition to the stored data, we also process the following information:

Event & IP Address Tracking

Whenever a customer visits a shop, we are allowed to collect Customer Events and IP data using a Shopify Web Pixel in case the customer has accepted the cookies for Marketing and Analytics. The IP address is not stored and is only used during the HTTP request. The IP address is sent without any customer relationship to a 3rd party service (ip-api.com) to determine the network and location of the customer.

Customer Contact Information

We are storing references to the customer on each Event. By installing our app, the merchant agrees to share the customer data with us. Then we are able to query the customers contact information including:

  • First Name
  • Last Name
  • Email

Data Retention

We retain personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of
  • Providing the app and its features to the merchant and their customers.
  • Complying with our legal obligations, resolving disputes, and enforcing our agreements.
We will delete all personal data after 48 hours if the app is uninstalled by the merchant.

Data Security

Web Service

We are serving our app on https://shoble.io. The app is hosted on a secure Nectup server and all data is transmitted over HTTPS. The service is built with Remix and meets all requirements of a Shopify app.

Data Storage

The data is stored in a encrypted PostgreSQL database. The database is hosted on the same server as the Web Service.

Data Protection Rights

The Right to Access

As a customer, you can request a copy of your personal data from the Shopify Store owner. The Store owner is able to request the data from us. We will provide the data in a machine-readable format according to the Shopify API:Shopify Help - Processing Customer Data Requests. As a store owner, you can request a copy of your personal data from us using the Contact information from our website. We will reach out to you and provide the data in a machine-readable format.

The Right to Rectification

You can request the correction of your personal data if it is inaccurate or incomplete. The Store owner is able to request the rectification from us.

The Right to Erasure

As a customer, you can request the deletion of your personal data from the Shopify Store owner. The Store owner is able to delete the data from us. We will delete the data according to the Shopify API:Shopify Help - Processing Customer Data Requests. As a store owner, you can simply uninstall the app from your store and we will delete all your data after 48 hours as documented in the Shopify API: Shopfy Dev - Privacy Law Compliance

The Right to Restrict / Object Processing

You can restrict the following data processing:
  • Tracking of Events & IP-Address: You can opt-out of the tracking by not accepting the cookies for Marketing and Analytics.
Feel free to contact us if you have any questions regarding the data processing.

The Right to Data Portability

You are entitled to receive the personal data sent to 3rd party services under the following conditions:
  • We do not store IP Addresses we have sent to 3rd party services. Therefore, we can provide you the resulting Event data only.

Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at info@shoble.io

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or via the app.