Privacy Policy

1. Introduction

Pixelify ("we", "our", "us") provides a Shopify application that enables merchants to connect their stores with Facebook's advertising infrastructure. This Privacy Policy describes how we collect, use, process, and disclose information when you install and use our application.

Legal Entity: Warewe Consultancy Pvt. Ltd.
Contact: support@warewe.online

2. Information We Collect

2.1 From Shopify

• Store Information: Shop domain, store name, store owner email, and store currency. Used to identify your account and provide localized service.
• Access Tokens: Encrypted OAuth tokens that authorize our app to access your store data. These are stored encrypted at rest and can be revoked at any time via Shopify Admin.
• Event Data: Purchase, add-to-cart, and page view events. We only collect event metadata necessary for pixel tracking (product IDs, prices, timestamps). We do not collect customer names, addresses, or payment details.

2.2 From Facebook/Meta

• Business Account Information: Business ID, business name, and associated ad accounts. Used to establish the connection between your store and Facebook.
• Pixel Configuration: Pixel IDs, event mapping settings, and conversion tracking parameters. Stored to maintain your tracking configuration.
• Access Tokens: Short-lived Facebook access tokens that are automatically refreshed. Used to authenticate API requests to Facebook's Graph API.

2.3 Technical Data

• Log Data: Error logs and performance metrics collected for debugging and service improvement. Retained for 7 days.
• Usage Analytics: Anonymous feature usage statistics to help us understand how merchants interact with our app.

3. How We Use Information

• Service Provision: To connect your Shopify store with your Facebook Business account and enable pixel tracking functionality.
• Event Transmission: To send conversion events from your store to your Facebook pixel for advertising optimization and analytics.
• Configuration Management: To store and sync your pixel settings and business account preferences.
• Support: To investigate and resolve technical issues, and to communicate important service updates.
• Improvement: To analyze usage patterns and improve application performance and user experience.

4. Data Storage & Security

4.1 Infrastructure

• Database: Supabase PostgreSQL, hosted in US East (Virginia). All data is encrypted at rest using AES-256.
• Hosting: Vercel Edge Network, with automatic TLS 1.3 encryption for all data in transit.
• Backups: Automated daily backups retained for 30 days, encrypted and stored in geographically separate facilities.

4.2 Security Measures

• All access tokens are encrypted using industry-standard encryption algorithms
• Database access restricted to authorized services via network policies
• Regular security audits and dependency scanning
• Automated secret rotation for internal credentials
• All employee access requires multi-factor authentication

5. Third-Party Services

We utilize the following sub-processors to deliver our service. Each processor has been vetted for security compliance and operates under written data processing agreements consistent with this policy:

Note: We do not engage in the sale of personal information to third parties, nor do we use customer data for advertising purposes beyond the explicit functionality of transmitting conversion events to the merchant's own Facebook pixel.

6. Data Retention

Upon uninstallation of the Pixelify application, we initiate automated deletion of all store-specific data within 30 days. Anonymized aggregate statistics may be retained for product improvement purposes.

7. Your Rights

Subject to applicable law, you have the following rights regarding your personal information:

• Right to Access: Request a copy of the personal information we hold about your store.
• Right to Rectification: Request correction of inaccurate or incomplete information.
• Right to Deletion: Request deletion of your personal information. Uninstalling the application initiates this process automatically.
• Right to Data Portability: Receive your data in a structured, machine-readable format (JSON).
• Right to Object: Object to processing based on legitimate interests.

To exercise these rights, contact privacy@pixelify.app. We respond to all verified requests within 30 days.

8. Compliance & Certifications

• GDPR: We act as a data processor for Shopify merchants who are data controllers. Our processing activities are covered by Standard Contractual Clauses.
• CCPA: We do not sell personal information. California residents may exercise their rights as described in Section 7.
• Shopify Platform: Our app complies with Shopify's privacy and data use requirements for listed applications.
• Meta Platform Terms: Our use of Facebook APIs complies with Meta's Platform Terms and applicable policies.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. Material changes will be notified via email to the registered store owner and through the Shopify App dashboard at least 14 days before they become effective.

The current version of this policy will always be available at https://pixelify-2-0.vercel.app/privacy-policy.

10. Contact Information

For privacy inquiries, data subject requests, or questions about this policy: