Retail Marketing Automation for Facebook Messenger

Privacy Policy

Updated 5/24/2018

ShopMessage "the App” provides marketing automation on Facebook Messenger "the Service" to merchants who use Shopify to power their stores. This Privacy Policy describes how personal information is collected, used, and shared when you install or use the App in connection with your Shopify-supported store.

Personal Information the App Collects

For ShopMessage Customers

For you, as a business user using the product and browsing the site, we are the data controller and responsible to you. You can ask us to remove your data at any time by contacting us using the information below.

When you install the App, we are automatically able to access certain types of information from your Shopify account to deliver the Service

For end-users of ShopMessage Customers

As an ecommerce merchant, you’re considered a data controller under GDPR. That means you’re the frontline when it comes to explicit consent from your EU prospects and customers for how you plan on using their personal data. The ShopMessage platform includes tools to help merchants capture explicit consent and stay GDPR compliant.

We collect the following types of personal information from you and/or your customers once you have installed the App:

Information about you and others who may access the App on behalf of your store, such as your name, address, email address, phone number, and billing information; Information about individuals who visit your store, such as their IP address, web browser details, time zone, and information about the cookies installed on the particular device; shopping behavior including products viewed, cart updates, and purchases.

We collect personal information directly from the relevant individual using the following technologies: “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.

How Do We Use Your Personal Information?

We use the personal information we collect from you and your customers in order to provide the Service and to operate the App.

What third parties do we use and what do they have access to?

Here is a list of the third parties we use and how we use them:

Facebook Messenger. Our company uses the Facebook Messenger API to build Facebook Messenger experiences. Facebook has access to all information that comes through the bot. Here is their statement on Facebook Messenger and GDPR.

We use Amazon AWS for hosting. Here is their information on GDPR compliance.

Intercom. We use Intercom for customer support and to send targeting customer messages. It tracks certain behavior within the platform's admin interface and allows gives the customer support team and certain personal information such as an email address needed to give customer support. Here is their statement on GDPR.

Shopify. We offer an integration with Shopify for our customers. Here is their information about GDPR.

Sharing Your Personal Information

We may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

Your Rights. If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.

Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you, or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.

International Data Transfer. The personal data we collect from you are being transferred to the United States and may be processed globally. When transferring your personal data outside of the European Economic Area ("EEA"), we will ensure a similar degree of protection if afforded to it by ensuring appropriate safeguards, as required by law, are in place. When transferring your data to the United States, we ensure that the entities to where the data are being transferred have joined the "EU/US Privacy Shield Framework" approved by the European Commission.

Data Retention. When you place an order through the Site, we will maintain your Order Information for our records for five years unless and until you ask us to delete this information.

Changes. We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.

Contact Us. For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at [email protected]