PRIVACY POLICY - EcomAppify

Last Updated: February 2026

INTRODUCTION

EcomAppify ("we," "us," "our," or "Company") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and safeguard your data when you use our platform, website, and services.

By using EcomAppify, you agree to this Privacy Policy. If you don't agree, please don't use our services.

1. INFORMATION WE COLLECT

1.1 Information You Provide

Account Registration: Name, email, phone, business name, password, business address
Payment Information: Billing address, credit card details, invoice records, subscription tier
Store Integration: Shopify/WordPress credentials, API keys, products, inventory, pricing
App Configuration: Brand name, logo, colors, app descriptions, customization settings
Support Communications: Emails, chat messages, support tickets, feedback
Marketing Data: Newsletter preferences, survey responses, interests

1.2 Information Collected Automatically

Device Information: Device type, OS, browser, IP address, device IDs
Usage Data: Pages visited, features used, time spent, clicks, uploads
Location: Approximate location based on IP address (not GPS)
Performance Data: Load times, errors, crashes, metrics
Cookies & Tracking: Session IDs, preferences, analytics tokens

1.3 Store Integration Data

When you connect Shopify or WordPress, we receive:

Product catalogs, descriptions, images, prices
Customer names and emails (order notifications only)
Order history and transaction data
Store analytics and metrics

Important: We do NOT store customer payment card information. Payment processing is handled by Shopify, WordPress, or your payment gateway.

2. HOW WE USE YOUR INFORMATION

We use your data to:

Create and manage your account
Build, publish, and maintain your mobile app
Sync your store data in real-time
Process payments and manage subscriptions
Provide customer support
Optimize platform performance
Fix bugs and security issues
Send account notifications and updates
Respond to support requests
Send billing emails and confirmations
Analyze usage for improvements
Detect fraud and prevent unauthorized access
Monitor account security
Comply with legal obligations
Enforce Terms of Service
Protect against cyber threats
Send newsletters and product updates (with consent)
Show personalized ads (with consent)
Measure marketing effectiveness

3. DATA SHARING WITH THIRD PARTIES

3.1 We Share Data With:

Service Providers: Hosting (AWS, Google Cloud), email services, payment processors
E-Commerce Platforms: Shopify, WordPress, WooCommerce (to sync your store)
App Stores: Apple App Store, Google Play Store (to publish your app)
Analytics Providers: Google Analytics, Mixpanel (to track performance)
Payment Processors: Stripe, PayPal, 2Checkout
Marketing Partners: Facebook, Google Ads, Meta (for advertising)
Legal/Compliance: Law enforcement, courts if required by law

3.2 What We DON'T Share:

Your store API credentials or passwords
Customer payment card information
Private business information without consent
Data with competitors or unrelated businesses
Personal information for marketing purposes

3.3 All third-party providers:

Sign Data Processing Agreements (DPAs)
Must protect your data with security measures
Can only use data for specified purposes
Cannot disclose to unauthorized parties
Must delete data upon request

4. COOKIES AND TRACKING

4.1 Cookies We Use:

Essential: Keep you logged in, authentication, security (Session to 1 year)
Analytics: Track behavior, improve features (2 years)
Marketing: Personalized ads, campaign performance (1-2 years)
Third-Party: Social media, external analytics (Varies)

4.2 Other Tracking:

Web beacons (track page views, email opens)
Pixels (monitor actions, conversions)
Local storage (data on your device)
Device fingerprinting (security purposes)

4.3 Control Your Cookies:

Block cookies in browser settings
Delete cookies anytime
Opt out of Google Analytics: https://tools.google.com/dlpage/gaoptout
Manage ads: https://adssettings.google.com
Enable "Do Not Track" in browser (not all sites honor it)

Note: Blocking essential cookies may affect platform functionality.

5. DATA SECURITY

5.1 Our Security Measures:

SSL/TLS Encryption: All data in transit is encrypted
Data Encryption: Data at rest is encrypted with AES-256
Secure Servers: Enterprise-grade hosting infrastructure
Access Controls: Strict authentication and authorization
Two-Factor Authentication: Optional 2FA for accounts
Regular Audits: Security assessments and penetration testing
PCI DSS Compliance: Payment card data security standards
Employee Training: Regular security awareness training
Incident Response: 24/7 monitoring and rapid response

5.2 What You Should Do:

Use strong, unique passwords
Enable two-factor authentication
Don't share login credentials
Log out from public devices
Report suspicious activity immediately

6. YOUR PRIVACY RIGHTS

6.1 You Have the Right To:

Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request data deletion (with exceptions)
Portability: Export your data in standard formats
Restrict: Limit how we use your data
Withdraw Consent: Stop marketing communications anytime
Object: Oppose certain data processing activities

6.2 How to Exercise Rights:

Email us at privacy@ecomappify.com with:

Your full name and account email
Clear description of your request
Any relevant details

We'll respond within 30 days (may extend to 60-90 days for complex requests).

6.3 Unsubscribe:

Click "Unsubscribe" in any marketing email or update preferences in your account settings.

7. DATA RETENTION

Account Data: Retained while you're a customer + 6 months after cancellation
Payment Records: Retained for 7 years (legal/tax requirements)
Analytics Data: Aggregated and anonymized after 24 months
Support Tickets: Deleted after 2 years
Marketing Data: Deleted when you unsubscribe
Cookies: Clear automatically based on expiration dates
Backup Data: May retain for up to 30 days for recovery purposes

You can request data deletion anytime. Some data may be retained for legal compliance.

8. CHILDREN'S PRIVACY

EcomAppify is NOT intended for children under 18
We don't knowingly collect data from minors
If we discover we've collected data from a child, we'll delete it immediately
Parents/guardians who believe a child's data was collected can contact us

9. INTERNATIONAL DATA TRANSFERS

EcomAppify operates globally. Your data may be transferred to, and stored in, countries outside the UAE, including:

United States
European Union
Canada
Other countries where we have service providers

These countries may have different privacy laws than the UAE. By using EcomAppify, you consent to these transfers.

For EEA/UK residents: We comply with GDPR and transfer data with appropriate safeguards (Standard Contractual Clauses).

10. GDPR, CCPA, AND LOCAL PRIVACY LAWS

10.1 GDPR (EU Users):

You have rights including access, correction, deletion, portability, and objection. We process data based on:

Contract (providing services)
Consent (marketing, analytics)
Legal obligations (compliance)
Legitimate interests (security, improvement)

10.2 CCPA (California Residents):

You have rights to know, delete, opt-out of sale, and non-discrimination. We don't "sell" personal information for marketing purposes.

10.3 UAE Data Protection Laws:

We comply with UAE privacy regulations and local data protection requirements.

11. THIRD-PARTY LINKS

Our website may contain links to third-party sites (Shopify, WordPress, etc.). We're not responsible for their privacy practices. Review their privacy policies before sharing information.

12. CHANGES TO THIS POLICY

We may update this Privacy Policy anytime. Changes are effective immediately when posted. If changes are significant, we'll notify you via email or platform announcement.

Your continued use of EcomAppify after changes means you accept the updated policy.