Privacy Policy

Last updated: February 28, 2026

SaasyLlama ("we," "our," or "us") is committed to protecting the privacy of merchants, their customers, and all users who interact with our Shopify applications. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

1. Information We Collect

When you install and use our Shopify applications, we may collect the following types of information:

• Store Information: Your Shopify store name, domain, email address, and store owner details provided during app installation.
• Order and Customer Data: Order details, customer names, email addresses, shipping addresses, and product information as necessary to provide our app's functionality.
• Usage Data: Information about how you interact with our applications, including features used, pages visited within the app, timestamps, and performance metrics.
• API Data: Data accessed through Shopify's APIs as authorized by the permissions you grant during installation.
• Support Communications: Information you provide when contacting us for support, including email content and any attachments.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our Shopify applications and their core features.
• Process orders, fulfill requests, and deliver the services you've subscribed to.
• Communicate with you about your account, app updates, and respond to support inquiries.
• Analyze usage patterns to improve app performance, fix bugs, and develop new features.
• Detect and prevent fraud, abuse, and security issues.
• Comply with legal obligations and enforce our Terms of Service.

3. How We Share Your Information

We do not sell your personal information. We may share data in the following circumstances:

• Service Providers: We use trusted third-party services (e.g., hosting providers, analytics tools) to operate our applications. These providers are contractually obligated to protect your data.
• Shopify: Our apps operate within the Shopify platform, and data processing is governed by Shopify's own privacy practices and API terms.
• Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Data Retention and Deletion

We retain your data only for as long as necessary to provide our services and fulfill the purposes outlined in this policy. When you uninstall one of our applications:

• We will delete or anonymize your store and customer data within 30 days of uninstallation, unless retention is required by law.
• Aggregated, non-identifiable analytics data may be retained for product improvement purposes.
• You may request immediate deletion of your data by contacting us at the email address below.

5. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of your personal data.
• Restriction: Request that we limit how we process your data.
• Portability: Request a machine-readable copy of your data.
• Objection: Object to our processing of your data for specific purposes.

To exercise any of these rights, please contact us at privacy@saasyllama.com.

6. Cookies and Tracking

Our applications may use essential cookies and similar technologies to maintain session state and ensure proper functionality. We do not use non-essential tracking cookies or third-party advertising trackers within our Shopify apps.

If we introduce any non-essential cookies in the future, we will update this policy and provide a consent mechanism in compliance with applicable regulations (including GDPR and CCPA).

7. Security

We implement industry-standard security measures to protect your data, including:

• Encryption of data in transit (TLS/SSL) and at rest.
• Regular security audits and vulnerability assessments.
• Access controls limiting data access to authorized personnel only.
• Secure coding practices aligned with OWASP guidelines.

8. International Data Transfers

Our services may involve the transfer of data outside of your country of residence, including to the United States. Where applicable, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data in compliance with GDPR and other regulations.

9. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected such data, we will take steps to delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our applications after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

SaasyLlama
Email: privacy@saasyllama.com
Support: saasyllama.com/support