Privacy Policy

1. Introduction

Welcome to DataFuse ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Shopify analytics platform.

2. Information We Collect

2.1 Information You Provide

• ▸Account Information: Email address, name, and authentication details through Clerk
• ▸Payment Information: Billing details processed securely through Stripe (we do not store credit card information)
• ▸Shopify Store Data: Store name, domain, and access credentials for data synchronization

2.2 Shopify Data We Access

With your explicit permission, we access the following data from your Shopify store:

• ▸Orders and order history
• ▸Products and inventory levels
• ▸Customer information (names, emails, order history)
• ▸Fulfillment and shipping data
• ▸Refund information

2.3 Automatically Collected Information

• ▸Usage Data: How you interact with our platform, features used, and performance metrics
• ▸Device Information: Browser type, IP address, operating system
• ▸Cookies: Essential cookies for authentication and session management

3. How We Use Your Information

We use your information to:

• ▸Provide and maintain our analytics services
• ▸Synchronize data from your Shopify store
• ▸Generate insights, forecasts, and AI-powered recommendations
• ▸Process payments and manage subscriptions
• ▸Send service-related notifications (trial ending, payment failed, etc.)
• ▸Improve our platform and develop new features
• ▸Detect and prevent fraud or security issues
• ▸Comply with legal obligations

4. How We Share Your Information

We do not sell your personal information. We may share your information with:

• ▸
  Service Providers:

  • • Clerk (authentication)
  • • Stripe (payment processing)
  • • Neon/PostgreSQL (database hosting)
  • • Vercel (hosting and infrastructure)
  • • OpenAI (AI-powered features)
• ▸Legal Requirements: When required by law or to protect our rights
• ▸Business Transfers: In the event of a merger, acquisition, or sale of assets

5. Data Security

We implement industry-standard security measures including:

• ✓Encryption of data in transit (TLS/SSL)
• ✓Encryption of sensitive data at rest
• ✓Secure authentication through Clerk
• ✓Regular security audits and monitoring
• ✓Access controls and principle of least privilege

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as:

• ▸Your account is active
• ▸Needed to provide services to you
• ▸Required to comply with legal obligations
• ▸Necessary to resolve disputes or enforce agreements

You can request deletion of your data at any time by contacting us. We will delete your data within 30 days unless we are required to retain it by law.

7. Your Rights

Depending on your location, you may have the following rights:

• ▸Access: Request access to your personal information
• ▸Correction: Request correction of inaccurate data
• ▸Deletion: Request deletion of your data
• ▸Data Portability: Request a copy of your data in a machine-readable format
• ▸Opt-out: Opt-out of marketing communications
• ▸Restriction: Request restriction of processing

To exercise these rights, please contact us using the information below.

8. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), we process your data based on:

• ▸Consent: You have given clear consent for specific purposes
• ▸Contract: Processing is necessary to fulfill our contract with you
• ▸Legal Obligation: Processing is required by law
• ▸Legitimate Interest: Processing is in our legitimate business interests

9. CCPA Compliance (California Users)

California residents have the right to:

• ▸Know what personal information is collected
• ▸Know whether personal information is sold or disclosed
• ▸Opt-out of the sale of personal information (we do not sell your data)
• ▸Request deletion of personal information
• ▸Not be discriminated against for exercising these rights

10. Children's Privacy

DataFuse is not intended for users under the age of 18. We do not knowingly collect information from children under 18. If you believe we have collected information from a child, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place for such transfers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of DataFuse after changes constitutes acceptance of the updated policy.