Privacy Policy

1. Introduction

AutoPiloit ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Shopify application and services.

By installing or using AutoPiloit, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information from Shopify

When you install AutoPiloit, we collect the following information from your Shopify store:

• Store information (store name, domain, contact email)
• Product data (product names, descriptions, images, pricing)
• Order information (order details, customer purchase history)
• Customer data (names, email addresses, purchase behavior)
• Analytics data (store traffic, conversion rates, sales metrics)

2.2 Automatically Collected Information

We automatically collect certain information when you use our app:

• Log data (IP address, browser type, access times)
• Device information (device type, operating system)
• Usage data (features used, settings configured)
• Cookies and similar tracking technologies

2.3 Information You Provide

We collect information you directly provide to us:

• Account registration information
• Payment and billing information
• Communication preferences
• Support and feedback messages
• Custom settings and configurations

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: To provide, maintain, and improve AutoPiloit's conversion optimization features
• Analytics and Optimization: To analyze customer behavior and optimize your store's performance
• Personalization: To customize and enhance user experience based on your store's data
• Communication: To send service updates, technical notices, and support messages
• Payment Processing: To process subscription payments and manage billing
• Security: To detect, prevent, and address technical issues and fraudulent activity
• Legal Compliance: To comply with legal obligations and enforce our terms
• Product Development: To develop new features and improve existing functionality

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We may share your information with third-party service providers who perform services on our behalf:

• Cloud hosting providers (data storage and processing)
• Payment processors (subscription and billing management)
• Analytics services (performance monitoring and optimization)
• Customer support tools (help desk and communication)
• Email service providers (transactional and marketing emails)

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas).

4.4 With Your Consent

We may share your information with third parties when we have your explicit consent to do so.

4.5 What We Do NOT Do

We do NOT:

• Sell your personal information to third parties
• Share your customer data with competitors
• Use your data for unrelated marketing purposes
• Provide your information to data brokers

5. Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy. Specifically:

• Active Accounts: We retain data while your account is active or as needed to provide services
• After Uninstall: We retain certain data for up to 90 days after app uninstallation for account recovery purposes
• Legal Obligations: We may retain data longer if required by law or for legitimate business purposes (e.g., fraud prevention, dispute resolution)
• Aggregated Data: We may retain anonymized and aggregated data indefinitely for analytics and product improvement

Upon request, we will delete or anonymize your personal information, except where retention is required by law.

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Industry-standard encryption for data in transit (TLS/SSL) and at rest
• Regular security audits and vulnerability assessments
• Access controls and authentication mechanisms
• Employee training on data protection and privacy
• Incident response and breach notification procedures
• Regular backups and disaster recovery plans

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

You have the right to request access to the personal information we hold about you and receive a copy in a portable format.

7.2 Correction and Updates

You can update your account information directly through the app settings or by contacting us to correct inaccurate data.

7.3 Deletion

You have the right to request deletion of your personal information. You can uninstall the app or contact us to request data deletion.

7.4 Restriction and Objection

You may request that we restrict processing of your information or object to certain processing activities.

7.5 Withdraw Consent

Where we rely on consent to process your information, you have the right to withdraw that consent at any time.

7.6 Opt-Out of Marketing

You can opt out of receiving marketing communications by following the unsubscribe instructions in our emails or updating your preferences in the app.

To exercise any of these rights, please contact us at the email address provided below. We will respond to your request within 30 days.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your use of our services:

• Essential Cookies: Required for the app to function properly
• Analytics Cookies: Help us understand how you use our services
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our services.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer your information internationally, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by regulatory authorities
• Data processing agreements with service providers
• Compliance with applicable data protection frameworks

10. Children's Privacy

AutoPiloit is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

11. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to opt-out of the sale of personal information (note: we do not sell personal information)
• Right to non-discrimination for exercising your CCPA rights

To exercise these rights, please contact us using the information provided below.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR):

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restriction of processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision-making and profiling

We process your personal data based on the following legal grounds:

• Contract performance (to provide our services)
• Legitimate interests (to improve our services and ensure security)
• Legal obligations (to comply with applicable laws)
• Consent (where explicitly provided)

You also have the right to lodge a complaint with a supervisory authority in your jurisdiction.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

• Posting the updated policy on this page with a new "Last updated" date
• Sending an email notification to your registered email address
• Displaying a prominent notice in the app

Your continued use of AutoPiloit after any changes indicates your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

14. Shopify-Specific Information

As a Shopify app, AutoPiloit complies with Shopify's API Terms of Service and data protection requirements:

• We use Shopify APIs only as permitted by Shopify's terms
• We protect merchant and customer data in accordance with Shopify's requirements
• We comply with Shopify's data deletion and retention policies
• We honor data subject requests (access, deletion, etc.) as required by Shopify

When you uninstall AutoPiloit, we will delete or anonymize your store data within 90 days, unless retention is required by law.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within 30 days.

16. Data Processing Agreement

For customers who require a Data Processing Agreement (DPA) for GDPR or other regulatory compliance, please contact us at the email address above. We are committed to working with you to ensure compliance with applicable data protection laws.