Privacy Policy

Last updated: February 12, 2025

This Privacy Policy describes how DuoTrio Apps ("we," "us," or "our") collects, uses, shares, and protects your personal information when you use our websites, Shopify applications, and related services (collectively, the "Services"). This policy applies to all applications developed and published by DuoTrio Apps on the Shopify App Store and any associated websites.

By installing, accessing, or using any of our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this policy, please do not use our Services.

1. Information We Collect

1.1 Information You Provide Directly

When you interact with our Services, you may voluntarily provide us with certain information, including:

• Account Information: Your name, email address, and contact details when you create an account, contact support, or subscribe to our communications.
• Communication Data: Any information you include in emails, support tickets, or other correspondence with us.
• Feedback and Survey Data: Responses to surveys, reviews, or feedback forms you voluntarily complete.

1.2 Information Collected Through Shopify

When you install one of our Shopify apps, we may access certain information from your Shopify store as authorized by Shopify's API permissions. This may include:

• Store Information: Store name, domain, address, email, currency, timezone, and Shopify plan details.
• Product Data: Product titles, descriptions, prices, images, variants, inventory levels, collections, and tags.
• Order Data: Order details, customer purchase history, transaction information, fulfillment status, and shipping information.
• Customer Data: Customer names, email addresses, shipping/billing addresses, phone numbers, and purchase history as necessary for the app's functionality.
• Theme and Storefront Data: Theme settings, templates, and storefront configuration as required by theme app extensions.
• Discount and Pricing Data: Discount codes, price rules, automatic discounts, and related configurations.

The specific data accessed depends on the individual app you install and the permissions it requests. Each app's Shopify listing details the exact permissions required.

1.3 Information Collected Automatically

When you use our Services, we may automatically collect certain technical information, including:

• Usage Data: Features used, actions taken within the app, frequency and duration of usage, and error reports.
• Device and Browser Information: Browser type and version, operating system, device type, screen resolution, and language preferences.
• Log Data: IP address, access times, pages viewed, referring URLs, and interaction data.
• Cookies and Similar Technologies: We may use cookies, local storage, and similar technologies for authentication, preferences, and analytics purposes (see Section 6).

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Service Delivery and Operations

• To provide, maintain, and improve our Shopify applications and related services.
• To process and fulfill the core functionality of each app (e.g., managing bundles, processing discounts, generating labels, etc.).
• To authenticate your identity and manage your account.
• To process billing and subscription management through Shopify's billing system.

2.2 Communication

• To respond to your inquiries, support requests, and feedback.
• To send important service-related notices, such as updates, security alerts, and changes to our terms or policies.
• To provide onboarding guidance and feature announcements related to our apps.

2.3 Improvement and Analytics

• To analyze usage patterns and trends to improve our Services.
• To diagnose technical issues, debug errors, and optimize performance.
• To develop new features and products based on aggregated usage insights.

2.4 Legal and Compliance

• To comply with applicable laws, regulations, and legal processes.
• To enforce our Terms of Use and other agreements.
• To protect the rights, property, and safety of DuoTrio Apps, our users, and the public.

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following circumstances:

3.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our Services, including:

• Hosting and Infrastructure: Cloud hosting providers that store and process data on our behalf.
• Analytics: Services that help us understand how our apps are used (data is anonymized and aggregated where possible).
• Error Monitoring: Services that help us detect, diagnose, and fix technical issues.

These providers are contractually obligated to use your information only as necessary to provide their services to us and are required to maintain appropriate security measures.

3.2 Shopify

As our apps operate within the Shopify platform, certain data is shared with and processed by Shopify in accordance with Shopify's Privacy Policy. Billing for our apps is processed through Shopify's billing system.

3.3 Legal Requirements

We may disclose your information if required to do so by law, or if we believe in good faith that such disclosure is necessary to:

• Comply with a legal obligation, subpoena, court order, or governmental request.
• Protect and defend the rights or property of DuoTrio Apps.
• Prevent or investigate possible wrongdoing in connection with our Services.
• Protect the personal safety of users of the Services or the public.

3.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

4. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including:

• Active Use: While your Shopify app is installed and active, we retain the data necessary for the app to function.
• After Uninstallation: Upon uninstalling one of our apps, we will delete or anonymize your store data within 30 days, unless retention is required by law or for legitimate business purposes (such as resolving disputes or enforcing our agreements).
• Support Records: Communication records may be retained for up to 12 months after your last interaction for quality assurance and training purposes.
• Aggregated Data: Anonymized and aggregated data that cannot be used to identify you may be retained indefinitely for analytical purposes.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using TLS/SSL protocols.
• Encryption of sensitive data at rest.
• Regular security assessments and code reviews.
• Access controls and authentication mechanisms to limit data access to authorized personnel.
• Secure coding practices following industry standards and Shopify's security guidelines.

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee its absolute security.

6. Cookies and Tracking Technologies

Our Services may use the following types of cookies and similar technologies:

• Essential Cookies: Required for the basic functionality of our apps, such as authentication and session management. These cannot be disabled.
• Functional Cookies: Used to remember your preferences and settings within our apps.
• Analytics Cookies: Help us understand how our apps are used, which features are popular, and where users encounter issues. This data is collected in aggregate form.

We do not use advertising or marketing tracking cookies. We do not track users across third-party websites.

You can control cookies through your browser settings. Note that disabling essential cookies may affect the functionality of our Services.

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

7.1 For All Users

• Access: You may request a copy of the personal information we hold about you.
• Correction: You may request that we correct any inaccurate or incomplete personal information.
• Deletion: You may request that we delete your personal information, subject to certain exceptions.
• Data Portability: You may request a copy of your data in a structured, commonly used, and machine-readable format.
• Objection: You may object to the processing of your personal information in certain circumstances.

7.2 For EEA, UK, and Swiss Residents (GDPR)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR), including:

• The right to restrict processing of your personal information.
• The right to withdraw consent at any time (where consent is the legal basis for processing).
• The right to lodge a complaint with a supervisory authority in your jurisdiction.

Our legal bases for processing your information include: performance of a contract (providing our Services), legitimate interests (improving our Services), consent (where applicable), and compliance with legal obligations.

7.3 For California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know what personal information is collected, used, shared, or sold.
• Delete personal information held by us and by extension our service providers.
• Opt-out of the sale or sharing of personal information. (Note: We do not sell your personal information.)
• Non-discrimination for exercising your privacy rights.

7.4 Exercising Your Rights

To exercise any of the rights described above, please contact us at support@duotrioapps.com. We will respond to your request within 30 days (or sooner if required by applicable law). We may need to verify your identity before processing your request.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We ensure appropriate safeguards are in place for such transfers, including:

• Standard contractual clauses approved by the European Commission.
• Ensuring our service providers maintain adequate levels of data protection.

9. Children's Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to delete that information promptly. If you believe we may have collected information from a child under 16, please contact us at support@duotrioapps.com.

10. Third-Party Links and Services

Our Services may contain links to third-party websites, services, or applications. This Privacy Policy does not apply to those third-party services. We are not responsible for the privacy practices of third-party services and encourage you to review their respective privacy policies before providing any personal information.

11. Shopify-Specific Provisions

11.1 Shopify App Store

Our apps are distributed through the Shopify App Store. Your installation and use of our apps is also subject to Shopify's Terms of Service and Shopify's Privacy Policy.

11.2 Data Processing

We process store and customer data solely as a data processor on behalf of the Shopify merchant (the data controller). Merchants are responsible for obtaining any necessary consents from their customers for the use of apps that access customer data.

11.3 App Permissions

Each of our apps requests only the minimum Shopify API permissions necessary for its functionality. You can review the required permissions on each app's Shopify App Store listing before installation.

11.4 Webhook and API Data

Our apps may receive data through Shopify webhooks and API calls. This data is processed in real-time for the app's functionality and is subject to all data protection measures described in this policy.

11.5 GDPR Compliance for Shopify

Our apps comply with Shopify's mandatory GDPR webhooks, including:

• Customer Data Request: We respond to requests for customer data by providing all stored data related to the specified customer.
• Customer Data Erasure: We honor requests to delete customer data by removing all stored data related to the specified customer.
• Shop Data Erasure: Upon receiving a shop data erasure request (typically after app uninstallation), we delete all data associated with the store within 30 days.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this page.
• Provide notice through our apps or via email for significant changes.
• Where required by law, obtain your consent before applying changes.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: support@duotrioapps.com
• Company: DuoTrio Apps

We will respond to your inquiry within a reasonable timeframe and no later than 30 days from receipt.