← Back to Home

1. Information We Collect

1.1 Information You Provide Directly

• Account Information: When you install our app, we collect your Shopify store information, including store name, email address, and basic store details.
• Configuration Data: Settings and preferences you configure within our app.
• Contact Information: Email address and other contact details when you reach out for support.

1.2 Information Collected Through Shopify's APIs

We collect the following information through Shopify's APIs to provide our UTM tracking and analytics services:

• Order Data: Order information including order ID, total amount, products purchased, and timestamps for conversion tracking and attribution
• Product Information: Product names, SKUs, categories, and pricing for analytics and reporting purposes
• Customer Data: Customer email addresses, names, and order history for attribution analysis (processed in accordance with data protection requirements)
• Store Analytics: General store performance metrics and traffic data

1.3 Information Collected Automatically

• UTM Parameters: Source, medium, campaign, term, and content parameters from your marketing campaigns
• Analytics Data: Website visitor behavior, page views, conversion events, and e-commerce transactions
• Geographic Information: General location data based on IP addresses (country, region, city level)
• Device Information: Browser type, device type, operating system, and user agent strings
• Referrer Data: Information about the websites that refer traffic to your store
• Usage Logs: Automated logs relating to your use of our app for troubleshooting and service improvement

1.4 Information Collected from Merchants' Customers

We may collect information directly from your store's customers through:

• Tracking Technologies: Cookies and similar technologies to track UTM parameters and campaign attribution
• Behavioral Data: Information about how customers visit and navigate your store for analytics purposes

2. How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: To provide UTM tracking, analytics, and reporting services.
• Performance Analysis: To analyze marketing campaign performance and provide insights.
• Conversion Tracking: To track and attribute conversions to specific marketing campaigns.
• App Improvement: To improve our app's functionality and user experience.
• Customer Support: To provide technical support and respond to your inquiries.
• Security: To detect, prevent, and address technical issues and security threats.

3. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

3.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our app, such as:

• Cloud hosting providers (for data storage and processing)
• Analytics services (for app performance monitoring)
• Customer support tools

3.2 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety.

3.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

4. Data Security

We implement appropriate technical and organizational security measures to protect your information:

• Encryption: Data is encrypted in transit and at rest using industry-standard protocols.
• Access Controls: Strict access controls limit who can access your data.
• Regular Audits: We conduct regular security audits and assessments.
• Secure Infrastructure: Our systems are hosted on secure, compliant cloud infrastructure.

5. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

• Analytics Data: Retained for up to 2 years for historical analysis and reporting.
• Account Information: Retained while your account is active and for 30 days after app uninstallation.
• Legal Compliance: Some data may be retained longer if required by law.

6. Your Rights and Choices

We provide the same privacy rights for all personal data, regardless of where you are located. You have the following rights:

6.1 Data Subject Rights

• Access: Request access to your personal information we hold and receive a copy of your data
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal requirements and data retention obligations)
• Portability: Request a copy of your data in a portable, machine-readable format
• Restriction: Request restriction of how your personal data is processed
• Objection: Object to certain types of data processing
• Opt-out: Opt-out of certain data processing activities, including marketing communications

6.2 Mandatory Compliance Webhooks

As required by Shopify, we have implemented mandatory compliance webhooks to handle data subject requests:

• Data Requests (customers/data_request): When customers request their data from a store owner, we will provide the requested customer data within 30 days
• Customer Data Deletion (customers/redact): When store owners request customer data deletion, we will delete or anonymize the specified customer data within 30 days
• Shop Data Deletion (shop/redact): When a shop is deleted, we will delete all associated shop data within 30 days

6.3 How to Exercise Your Rights

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section. We will respond to your request within 30 days and may require verification of your identity before processing your request.

7. Cookies and Tracking Technologies

Our app uses cookies and similar tracking technologies to:

• Track UTM parameters and campaign attribution
• Analyze user behavior and website performance
• Provide personalized experiences
• Ensure proper app functionality

You can control cookie settings through your browser, but disabling cookies may affect app functionality.

8. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Contractual Necessity: Processing necessary to provide our app services and fulfill our contract with you
• Legitimate Interests: Processing for our legitimate business interests, such as improving our services, security, and analytics
• Consent: Where you have provided specific consent for certain processing activities
• Legal Obligation: Processing required to comply with legal obligations, including data protection laws

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States where our servers are located. We ensure appropriate safeguards are in place for international transfers, including:

• Standard Contractual Clauses: We use European Commission-approved standard contractual clauses for transfers from the EEA
• Adequacy Decisions: We rely on adequacy decisions by relevant authorities where available
• Data Processing Agreements: We maintain appropriate data processing agreements with our service providers
• Security Measures: We implement additional security measures for international data transfers

If you are located in the European Economic Area (EEA), United Kingdom, or other regions with specific data transfer requirements, we ensure that transfers comply with applicable data protection laws.

10. Children's Privacy

Our services are not intended for children under 13 years of age (or under 16 in the European Economic Area). We do not knowingly collect personal information from children under these ages. If we become aware that we have collected such information, we will take steps to delete it promptly.

11. Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our data protection practices and ensure compliance with applicable privacy laws. You can contact our DPO regarding any data protection matters at contact@sparkcoder.com.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending an email notification to your registered email address
• Providing notice through our app interface
• For material changes, providing at least 30 days' notice before the changes take effect

Your continued use of our services after any changes constitutes acceptance of the updated Privacy Policy.

13. Compliance with Shopify Requirements

As a Shopify app, we comply with:

• Shopify's App Store Requirements and Guidelines
• Shopify's API Terms of Service
• Shopify's Privacy Requirements for Apps
• Shopify's Protected Customer Data Requirements
• Applicable data protection laws (GDPR, CCPA, CPRA, Virginia CDPA, Colorado CPA, etc.)
• Mandatory compliance webhook requirements