Privacy Policy

1. Introduction

TrueMetrics ("we," "our," or "us") provides server-side conversion tracking services for Shopify merchants. This Privacy Policy describes how we handle data when you install and use our application on your Shopify store.

By using TrueMetrics, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Merchant Information

When you install TrueMetrics, we collect:

• Store domain name
• Store owner email address
• Shopify API credentials (access tokens)
• Platform configuration data (GA4, Meta, TikTok credentials you provide)
• App usage statistics

2.2 Protected Customer Data (PII)

We collect only the minimum data required to provide attribution tracking services:

• Customer email addresses: Encrypted at rest using AES-256-GCM encryption, hashed before transmission to advertising platforms
• Customer IDs: Shopify customer identifiers for identity resolution
• Order IDs: For purchase attribution tracking

Data minimization: We do NOT collect phone numbers, addresses, payment information, or other unnecessary personal data.

2.3 Consent Data

We collect and respect customer consent preferences via Shopify's Customer Privacy API:

• Marketing consent status
• Analytics consent status
• Platform-specific consent (GA4, Meta, TikTok)
• Consent change history and timestamps
• Consent method (e.g., Shopify Privacy API)

2.4 Tracking Identifiers

We collect and process analytics tracking identifiers:

• Google Analytics client IDs (_ga cookie)
• Meta Pixel identifiers (fbp, fbc cookies)
• TikTok click IDs (ttclid parameters)
• Session IDs for tracking customer journeys (30-day expiration)

Consent enforcement: Tracking data is only sent to platforms when customer has provided explicit consent via Shopify's consent banner.

3. How We Use Your Information

3.1 Primary Purpose

We use the collected data exclusively to:

• Send purchase conversion events to Google Analytics 4, Meta (Facebook), and TikTok on your behalf
• Track event delivery status and provide error reporting
• Monitor and improve the performance of our service
• Provide customer support

3.2 Data Processing

When processing order data:

• Customer emails and phone numbers are hashed (SHA-256) before transmission to advertising platforms
• Data is transmitted via secure HTTPS connections
• We use event deduplication to prevent double-counting
• Data is only sent to platforms you have explicitly configured and enabled

4. Data Sharing and Disclosure

4.1 Third-Party Services

We share data with the following third parties, only as necessary to provide our services:

• Google Analytics 4: Purchase event data (if you enable GA4 tracking)
• Meta (Facebook): Purchase event data via Conversions API (if you enable Meta tracking)
• TikTok: Purchase event data via Events API (if you enable TikTok tracking)
• Shopify: We use Shopify's APIs to access your store data
• Google Cloud Platform: Our infrastructure provider for hosting and database services

4.2 What We Do NOT Do

We will never:

• Sell your data or customer data to third parties
• Use your data for advertising purposes unrelated to our service
• Share your data with unauthorized parties
• Use customer data for our own marketing purposes

5. Data Storage and Retention

5.1 Storage Location

All data is stored securely on Google Cloud Platform servers located in the United States.

5.2 Data Retention Policy

We enforce strict data retention limits in compliance with GDPR and Shopify requirements:

• Customer Consent Records: 395 days (13 months + 30-day grace period)
• User Sessions: 30 days from last activity
• Tracking Data: 24 hours (temporary processing only)
• Audit Logs: 90 days for security and compliance monitoring
• Database Backups: 90 days (encrypted with GPG)
• Account Data: Retained until app uninstallation or deletion request

Automated cleanup: Expired data is automatically deleted through daily cleanup processes. No manual intervention required.

5.3 Data Encryption

Encryption at Rest:

• Customer email addresses encrypted using AES-256-GCM
• 64-character hex encryption key (256-bit)
• Automatic encryption/decryption via Prisma Client Extensions
• Database backups encrypted with GPG (AES-256-CBC)

Encryption in Transit:

• All data transmitted over TLS 1.2+ (HTTPS)
• Customer emails hashed (SHA-256) before transmission to advertising platforms
• No plain-text PII transmitted to third parties

6. Data Security

We implement enterprise-grade security measures exceeding Shopify's Protected Customer Data requirements:

6.1 Encryption

• At Rest: AES-256-GCM encryption for all customer email addresses
• In Transit: TLS 1.2+ for all network communications
• Backups: GPG encryption (AES-256-CBC) for all database backups

6.2 Access Controls

• Database access restricted to authorized personnel only
• Production database requires VPN/SSH tunnel access
• No direct database access from public internet
• Shopify OAuth authentication (no separate password system)
• API credentials stored in environment variables (not in code)

6.3 Audit Logging

• Comprehensive audit logging of all PII access
• Every customer email read/write operation logged
• Logs include: timestamp, user, action, field, shop ID
• Audit logs retained for 90 days
• Failed access attempts logged and monitored

6.4 Security Incident Response

• Documented security incident response policy
• Clear breach notification procedures (within 72 hours for GDPR)
• Customer notification templates ready
• Recovery and remediation procedures documented

6.5 Infrastructure Security

• Separate test and production environments
• No production data in development environments
• Regular security updates and monitoring
• Automated encrypted backups with 90-day retention

7. Your Rights and Choices

7.1 Customer Consent Controls

We respect and enforce customer consent preferences:

• Shopify Privacy API Integration: Customer consent managed via Shopify's native consent banner
• Regional Compliance: Opt-in required in EU/UK (GDPR), opt-out available in California (CCPA)
• Platform-Specific Consent: Separate consent for GA4, Meta, and TikTok tracking
• Consent Changes: Honored immediately when customers update preferences
• Opt-Out Support: Customers can withdraw consent at any time via Shopify banner

7.2 Merchant Access and Control

As a merchant, you have the right to:

• Access all data we store about your store and customers
• Request correction of inaccurate data
• Request deletion of your data and customer data
• Export your data via our admin dashboard
• Withdraw customer consent on their behalf
• Disable specific platform tracking (GA4, Meta, TikTok) at any time
• Review all customer consent records and audit logs

7.3 Data Processing Agreement

A GDPR-compliant Data Processing Agreement (DPA) is available:

• Electronic signature supported within the app
• Covers EU Standard Contractual Clauses
• Defines data processing purposes and responsibilities
• Available at any time in the app dashboard

7.4 Uninstalling the App

When you uninstall TrueMetrics:

• We stop processing new order data immediately
• All tracking and consent collection ceases instantly
• Your account and configuration data are retained for 30 days (for reinstallation purposes)
• After 30 days, all data is permanently deleted unless you request immediate deletion
• Shopify's data deletion webhooks are fully supported

7.5 Data Deletion Requests

To request immediate data deletion:

• Email: truemetricsapp@gmail.com
• Response time: Within 72 hours
• Deletion timeframe: Within 30 days of verification
• Confirmation: You will receive written confirmation when deletion is complete

8. GDPR Compliance

TrueMetrics is fully compliant with the General Data Protection Regulation (GDPR) for merchants and customers in the European Economic Area (EEA):

8.1 Legal Basis for Processing

• Consent: Customer tracking only occurs with explicit consent via Shopify's consent banner (opt-in required in EU/UK)
• Contract: Merchant data processed to fulfill our service agreement
• Legitimate Interest: Analytics and service improvement (with appropriate safeguards)

8.2 Data Subject Rights

All GDPR rights are fully supported:

• Right to Access: View all data we hold about you
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Limit how we process your data
• Right to Data Portability: Export your data in machine-readable format
• Right to Object: Object to automated decision-making (N/A - we don't make automated decisions)
• Right to Withdraw Consent: Customers can withdraw consent at any time

8.3 Data Protection Officer

For GDPR-related inquiries, contact our privacy team at truemetricsapp@gmail.com

8.4 Data Processing Agreement

• Available in the app dashboard
• Covers EU Standard Contractual Clauses
• Electronic signature supported
• Defines roles: Merchant (Controller), TrueMetrics (Processor)

8.5 Breach Notification

• Data breaches reported within 72 hours as required by GDPR Article 33
• Affected merchants and customers notified immediately
• Documented security incident response policy in place

9. CCPA Compliance

For California residents, we comply with the California Consumer Privacy Act (CCPA):

9.1 California Consumer Rights

• Right to Know: What personal information we collect, use, and share
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of data sharing via Shopify consent banner
• Right to Non-Discrimination: Equal service regardless of privacy choices

9.2 Categories of Personal Information Collected

• Identifiers: Email addresses, customer IDs, order IDs
• Commercial Information: Purchase history, order details
• Internet Activity: Session data, tracking identifiers, referrer information

9.3 Do Not Sell My Personal Information

We do NOT sell personal information. We share data only with platforms you explicitly configure (GA4, Meta, TikTok) solely for attribution tracking purposes.

9.4 Exercising Your Rights

To exercise CCPA rights, contact: truemetricsapp@gmail.com

10. Shopify Protected Customer Data Compliance

TrueMetrics meets all 16 requirements of Shopify's Protected Customer Data policy:

Level 1 Requirements (All Apps)

• ✅ Data Minimization: Collect only essential data (email, customer ID, order ID, tracking IDs)
• ✅ Transparency: Clear disclosure of data collection in app listing and this privacy policy
• ✅ Purpose Limitation: Data used only for attribution tracking, no other purposes
• ✅ Consent Respect: Shopify Privacy API integration, consent checked before all tracking
• ✅ Opt-Out Support: Customers can withdraw consent via Shopify banner
• ✅ Automated Decision Rights: N/A - No automated decisions with legal effects
• ✅ Data Agreements: GDPR-compliant DPA available with electronic signature
• ✅ Retention Periods: Consents (395 days), Sessions (30 days), Tracking (24 hours)
• ✅ Encryption: AES-256-GCM at rest, TLS 1.2+ in transit

Level 2 Requirements (Sensitive PII)

• ✅ Encrypted Backups: GPG encryption (AES-256-CBC) for all database backups
• ✅ Separate Environments: Test and production fully separated
• ✅ Data Loss Prevention: Automated encrypted backups, 90-day retention
• ✅ Limited Staff Access: OAuth only, no staff accounts, restricted database access
• ✅ Strong Passwords: No password system (OAuth), strong DB credentials
• ✅ Access Logs: Comprehensive audit logging of all PII access (90-day retention)
• ✅ Security Incident Response: Documented policy with breach notification procedures

Compliance Status: 100% (16/16 requirements met)

11. Cookies and Tracking

TrueMetrics reads the following cookies from your customer's browsers:

• _ga: Google Analytics client ID (for GA4 tracking)
• _fbp, _fbc: Meta Pixel identifiers (for Meta tracking)
• ttclid: TikTok click ID (for TikTok tracking)
• Custom session cookies: For tracking customer journeys (30-day expiration)

Consent-based tracking: These cookies are read only when customer has provided explicit consent via Shopify's consent banner. No tracking occurs without consent.

12. Children's Privacy

TrueMetrics is not intended for use by individuals under 18 years of age. We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us immediately at truemetricsapp@gmail.com for immediate deletion.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Updating the "Last Updated" date at the top of this policy
• Sending an email notification to your registered email address
• Displaying a notice in the app dashboard

Continued use of TrueMetrics after changes constitutes acceptance of the updated policy.

Version history: Previous versions of this policy available upon request.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

• Privacy Inquiries: truemetricsapp@gmail.com
• General Support: truemetricsapp@gmail.com
• Data Deletion Requests: truemetricsapp@gmail.com
• DPA/Legal Inquiries: truemetricsapp@gmail.com
• Security Issues: truemetricsapp@gmail.com

Response Time: We respond to all privacy-related inquiries within 72 hours.

15. Shopify App Certification

As a certified Shopify app, we comply with all Shopify App Store Requirements:

• ✅ Shopify OAuth authentication (no separate login system)
• ✅ Minimal API scopes requested (only what's necessary)
• ✅ Shopify Protected Customer Data requirements (100% compliant)
• ✅ Customer data request and deletion webhooks fully supported
• ✅ GDPR compliance for EU/UK merchants and customers
• ✅ Shopify Privacy API integration for consent management
• ✅ Regular security updates and monitoring

Shopify Partner ID: [Your Partner ID]

App Review Status: Approved and compliant