Privacy Policy

Last updated:

SmartOffer AI ("we", "our", or "us") is a Shopify application that helps merchants recover abandoned carts using AI-generated personalized discount offers. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data and your customers' data.

By installing and using SmartOffer AI from the Shopify App Store, you ("Merchant") agree to the practices described in this policy.


1. Information We Collect

1.1 Merchant Information

When you install SmartOffer AI, we collect and store:

  • Your Shopify store domain (e.g., yourstore.myshopify.com)
  • OAuth access token (encrypted) required to call Shopify APIs on your behalf
  • Your subscription plan and billing status
  • Product catalog data (product IDs, prices, inventory) fetched via Shopify API
  • COGS (Cost of Goods Sold) data that you optionally upload

1.2 Storefront Visitor Data (via Web Pixel)

SmartOffer AI installs a Shopify Web Pixel on your storefront to capture cart abandonment signals. The pixel collects:

  • Storefront events: product_viewed, checkout_started, search_submitted
  • Cart contents (product IDs, variant IDs, quantities, prices) — no payment details
  • An anonymized session identifier (see Section 2)
  • Timestamps and store domain

We do not collect names, email addresses, physical addresses, or payment card numbers through the Web Pixel. Customer email addresses are only received via Shopify's Flow integration when a discount offer is triggered, and are used solely to deliver the offer.

1.3 AI-Generated Offer Data

We store the results of our AI risk and discount-decision pipeline:

  • Risk scores and risk levels associated with anonymized sessions
  • Offer decisions (whether to send an offer, discount percentage)
  • Discount codes generated and their redemption status
  • Cart value at the time of abandonment

2. Data Anonymization

We take privacy-by-design seriously. All session identifiers captured by the Web Pixel are immediately anonymized using HMAC-SHA256 with a server-side secret before being stored in our database. This means:

  • Raw session IDs and browser fingerprints are never stored
  • Anonymized IDs cannot be reversed to identify individual shoppers
  • All risk scores and offer logs are keyed by anonymized identifiers only

We honor the Global Privacy Control (GPC) and Do Not Track (DNT) browser signals. Sessions with these signals set will not have behavioral data processed for offer generation.


3. How We Use Information

We use the information we collect to:

  • Detect cart abandonment signals and score abandonment risk
  • Generate personalized discount offers calibrated to your product margins
  • Trigger Shopify Flow automations to deliver offers via your email platform
  • Provide you (the merchant) with analytics on offer performance
  • Bill your subscription through the Shopify Billing API
  • Maintain application security and debug operational issues

We never sell merchant or shopper data to third parties. We do not use shopper data for advertising or cross-merchant profiling.


4. Data Retention

We retain data for the minimum period necessary to provide the service:

Data Type                          Retention Period
Pixel events (anonymized)          90 days
Risk scores (anonymized)           90 days
Offer logs (anonymized)            90 days
Discount codes (used / expired)    90 days after expiry
Merchant access tokens             Until app uninstall
Subscription records               7 years (financial compliance)

An automated cleanup job runs nightly to delete records past their retention period.


5. Your Rights (GDPR & CCPA)

We comply with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Shopify merchants and their customers have the following rights:

5.1 For Merchants

  • Access: Request an export of all data we hold associated with your store
  • Deletion: Request deletion of all your store's data at any time
  • Portability: Receive your data in a machine-readable format

5.2 For Your Customers (via Shopify Mandatory Webhooks)

SmartOffer AI implements all three of Shopify's mandatory privacy compliance webhooks:

  • customers/data_request — When a customer requests their data, we identify and export all records associated with their anonymized identifier
  • customers/redact — When a customer requests erasure, we permanently delete all matching records from our database
  • shop/redact — 48 hours after your store uninstalls the app, all remaining store data is purged from our systems

5.3 CCPA Opt-Out

Shoppers who signal opt-out preferences via Global Privacy Control (GPC) or Do Not Track (DNT) browser headers will not have their behavioral data processed for cart recovery purposes.

To exercise any of these rights, contact us at privacy@smartoffer.ai. We will respond within 30 days.


6. Data Sharing and Third Parties

We do not sell, rent, or share your data with third parties except as follows:

  • Shopify: We access your store data through Shopify's APIs under the scopes you authorized during installation. Your data is also subject to Shopify's Privacy Policy.
  • Infrastructure providers: We use Railway (hosting) and a managed PostgreSQL database. These providers process data only to operate the service and are bound by data processing agreements.
  • Legal requirements: We may disclose information if required by law or to protect against fraudulent or illegal activity.

We do not share any merchant or shopper data with advertising networks, analytics resellers, or other Shopify apps.


7. Security

We implement industry-standard security measures to protect your data:

  • All data in transit is encrypted using TLS 1.2+
  • All Shopify webhooks are verified using HMAC-SHA256 signature validation
  • Access tokens are stored encrypted and never logged
  • Session identifiers are anonymized using HMAC-SHA256 before storage
  • API endpoints use strict authentication and CORS policies
  • Cron job endpoints are protected by secret tokens and fail closed in production

If you believe there has been a security incident, please contact us immediately at privacy@smartoffer.ai.


8. Shopify API Access Scopes

SmartOffer AI requests only the Shopify API scopes necessary for its core functionality:

Scope                               Purpose
read_products / write_products      Fetch product catalog for margin calculations
read_orders                         Calculate Average Order Value for offer calibration
read_customers                      Resolve customer identity for GDPR data requests
read_inventory                      Track inventory levels for offer eligibility
write_discounts / read_discounts    Create and manage personalized discount codes
read_pixels / write_pixels          Install and configure the Web Pixel extension
read_customer_events                Receive storefront behavioral events from the pixel

9. Children's Privacy

SmartOffer AI is a business-to-business (B2B) application directed to merchants. It is not intended for use by, and we do not knowingly collect information from, individuals under the age of 18.


10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through a notice within the SmartOffer AI dashboard or by email. Your continued use of the app after such notice constitutes acceptance of the updated policy. The "Last updated" date at the top of this page reflects the most recent revision.


11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us:

SmartOffer AI

Email: privacy@smartoffer.ai

Shopify Partner Page: Shopify App Store