EasifyApps (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you use any of our apps (collectively, “the Apps”) or visit our website. We comply with the UK General Data Protection Regulation (UK GDPR) and other applicable data protection laws.
This policy applies to all users of our Apps and website, including individuals and businesses.
1. Data We Collect
Depending on the Easify app you use, we may process the following types of data:
Merchant Data:
- Store information (Shopify domain, contact email, store plan)
- App settings and configurations
Access Scopes: We request permission to the configured scopes during installation in accordance with Shopify’s API and permission model.
Customer Data (Processed on Behalf of the Merchant)
Depending on the features enabled in the app, we may process customer data strictly on behalf of the merchant, such as:
- Order-related data: Customizations tied to customer orders.
- Customer information (if required for app functionality):
- Name
- Phone number
- Shipping or billing address
Important:
We do not access or process payment information or customer contact details unless explicitly required by the app’s features and clearly documented in our app description and privacy terms.
The Easify app complies with Shopify’s Protected Customer Data requirements, and only requests access to such data where necessary and approved.
2. How We Collect Data
We collect data through the following methods, depending on how you use the Easify app:
Shopify API Integration
When you install and authorize the Easify app, we receive data from your store through Shopify’s API based on the permission scopes you grant. This includes:
- Store-level data (e.g., domain, email, plan)
- Product, order, and customer information (if relevant to the app’s functionality)
- App configuration and usage preferences
All data access is strictly limited to the scopes you approve during installation and managed securely in compliance with Shopify’s API access requirements.
Merchant-Provided Input
You may provide additional information directly through the app’s interface, such as:
- App settings and custom rules
- Manual input (e.g., product-specific options or UI configurations)
This data is stored only to enable the app’s core features and improve functionality.
Customer Interactions (Processed on Your Behalf)
If the Easify app includes features that interact with your customers (e.g., product customizations, upsells, or widgets), we collect relevant inputs from the customer during their interaction with your storefront, such as:
- Product option selections
- Order-linked metadata
- Customer name, email, phone, or address – only if required by the app and permitted by the store
This data is processed solely on your behalf and is not used for any independent purpose.
3. How We Use Your Data
We only process personal data as necessary to operate and improve the Easify app. Specifically, we use your data to:
- Deliver Core App Functionality
Enable features based on your store’s configuration, such as product options, dynamic content, or order enhancements. - Fulfill Merchant Settings and Preferences
Apply and store app settings, logic rules, and interface configurations you define. - Provide Support and Troubleshoot Issues
Access relevant store or order data when needed to investigate bugs, resolve issues, and respond to your support requests.
What We Do Not Do
- We do not use your data for advertising, marketing, or profiling.
- We do not sell, rent, or share your data with third parties for commercial purposes.
- We do not access customer payment or billing details.
All data is processed only to the extent required for the app’s intended functionality and in accordance with Shopify’s platform rules and UK GDPR obligations.
4. Data Location & Security
We are committed to protecting the confidentiality and integrity of your data.
Data Storage & International Transfers
We use secure server infrastructure to store and process data. Depending on your location and the services required, your data may be stored or processed on servers located outside of the United Kingdom, including in countries such as the United States.
To ensure that international data transfers comply with applicable data protection laws (such as the UK GDPR), we rely on:
- Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office (ICO) and/or European Commission
- Legally recognized safeguards for cross-border data transfers
Security Measures
We implement appropriate technical and organizational measures to protect personal data, including:
- Industry-standard encryption (at rest and in transit)
- Access control protocols to restrict data to authorized personnel only
- Ongoing monitoring and auditing of data infrastructure
- Internal data handling policies to prevent misuse or unauthorized access
We regularly review our data protection practices to ensure compliance with Shopify’s platform standards and applicable legal requirements
5. Sub-processors
We work with a limited number of trusted third-party service providers (sub-processors) to help us deliver, maintain, and support the Easify app. These sub-processors may process certain types of personal data on our behalf, strictly for the purposes of providing infrastructure or support services.
Our Sub-processors Include:
- Cloud infrastructure providers: Akamai, Runcloud — used for secure data hosting and computing.
- Customer support platforms: Crisp — used to manage support communication between merchants and our team.
Data Protection Safeguards
All sub-processors are subject to:
- Strict contractual agreements, including Data Processing Agreements (DPAs) where required
- Compliance obligations under the UK General Data Protection Regulation (UK GDPR) and other applicable laws
- Technical and organizational security measures to ensure appropriate data protection
We review our sub-processors periodically and ensure that data is only shared with them to the extent necessary for their function. A full list of sub-processors can be made available upon request by contacting us at info@easifyapps.com
6. Data Retention
We retain personal and store-related data only for as long as necessary to:
- Provide the Easify app’s core functionality
- Comply with our legal obligations
- Resolve disputes and enforce our agreements
Once data is no longer required for these purposes, it is securely deleted or anonymized.
Merchant Control & Deletion Requests
As a merchant, you may request deletion of your app-related data at any time by:
- Uninstalling the app from your Shopify store (which triggers automated data removal within a defined retention window)
- Contacting our support team directly to request full deletion of stored data
We process deletion requests in accordance with Shopify’s Data Deletion Policy and our obligations under UK GDPR.
7. Your Rights (as a Merchant or Customer)
Under the UK General Data Protection Regulation (UK GDPR), you have the right to control how your personal data is collected, used, and shared. Subject to certain limitations and conditions, you may exercise the following rights:
- Right of Access
You have the right to request a copy of the personal data we hold about you and understand how we use it.
- Right to Rectification
You can request correction of any inaccurate or incomplete personal data we process about you.
- Right to Erasure (“Right to Be Forgotten”)
You may request deletion of your personal data where:
- It is no longer necessary for the purposes it was collected, or
- You withdraw consent (if processing is based on consent), or
- You object to processing and there are no overriding legitimate grounds
Note: We may retain certain data where required by law or for compliance purposes.
- Right to Restrict Processing
You may request that we limit processing of your data in specific circumstances (e.g., pending verification of data accuracy).
- Right to Data Portability
You may request to receive your personal data in a structured, commonly used, machine-readable format and have the right to transmit it to another data controller.
- Right to Object
You can object to our processing of your data where it is based on legitimate interests, and we will cease processing unless we have compelling legal grounds.
- Right to Withdraw Consent
If you have provided consent for processing, you may withdraw it at any time. This will not affect the lawfulness of processing carried out before withdrawal.
8. Data Processing Agreement (DPA)
We offer a standard Data Processing Agreement (DPA) to support merchants in meeting their legal obligations under the UK GDPR and related data protection laws.
Our DPA outlines the terms and responsibilities governing the processing of personal data when you use Easify apps. This includes:
- Roles and Responsibilities
Defines Easify Apps as the data processor and you (the merchant) as the data controller, in accordance with Article 28 of the UK GDPR. - Purpose and Scope of Processing
Specifies that personal data is processed solely for the purpose of providing app functionality, as determined by your store’s configuration and use. - Data Security Measures
Details the technical and organizational safeguards we use to protect personal data, including encryption, access controls, and incident response protocols. - Sub-processor Requirements
Describes how we engage trusted sub-processors under binding agreements, and ensures that they are subject to equivalent data protection obligations. - International Data Transfers
Clarifies the safeguards in place for transfers of personal data outside the UK, including the use of Standard Contractual Clauses (SCCs) and other approved mechanisms.
Need a DPA?
Email us at info@easifyapps.com, and we’ll promptly send you our standard DPA for review and signature.
9. Changes to This Policy
We may update this Privacy Policy from time to time to reflect:
- Changes in our data processing practices
- Updates to applicable laws and regulatory guidance
- Enhancements to our services or infrastructure
When we make material changes, we will:
- Provide notice via email (if you are a registered user), or
- Display a prominent notice within the app or on our website
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.
10. Contact Us
If you have any privacy-related questions, data access requests, or need documentation to support your compliance efforts, feel free to reach out.
Easify Apps Team
📧 Email
💬 Live Chat
Thank you for trusting EasifyApps with your data.
