Privacy Policy - Sumo: Product Page Blocks

1 Introduction

Welcome to Sumo: Product Page Blocks ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Shopify application.

By installing and using our app, you agree to the terms of this Privacy Policy. If you do not agree with these terms, please do not use our app.

2 Information We Collect

We collect the following types of information:

Store Information

Shop domain and name
Store owner email address
Shopify access tokens (for API access)
Billing and subscription information

Product Information

Product titles, descriptions, and metadata
Product images and variant details
Product tags, vendor, and type information
Product sales data (for bestseller badge assignment)

Block Configuration Data

Product block settings and styling preferences
AI-generated content (product benefits, color swatch patterns)
Countdown timers, promo codes, and promotional settings
Trust badges, certifications, and size chart configurations
Custom CSS and JavaScript provided by the store owner

Analytics Data

Block view counts and page impressions
Aggregated usage metrics

Note: We do not collect any personal data from your customers. All analytics data is aggregated and anonymized. No customer names, emails, addresses, or any other personally identifiable information is collected.

3 How We Use Your Information

We use the collected information to:

Provide, maintain, and improve our app functionality
Display product page blocks on your storefront (benefits, badges, countdown timers, social proof, and more)
Generate AI-powered product benefits and color swatch patterns
Provide analytics and insights about block performance and conversions
Automatically assign bestseller badges based on sales data
Process billing and subscriptions through Shopify
Send important updates about our service
Provide customer support

4 Third-Party Services

We use the following third-party services:

Shopify: For app hosting, billing, and store data access (products, locations, discounts)
OpenAI: For AI-powered content generation (product data may be sent to generate benefit descriptions and color swatch patterns)
Amazon Web Services (AWS): For secure data hosting and storage

These services have their own privacy policies, and we encourage you to review them.

Regarding AI: When you use our AI features, relevant product information (title, description, tags) is sent to OpenAI to generate content. This data is processed in accordance with OpenAI's data usage policies and is not used to train their models.

5 Data Storage and Security

Your data is stored on secure servers hosted by Amazon Web Services (AWS) in the United States. We implement industry-standard security measures including:

Encrypted data transmission (HTTPS/TLS)
Encrypted storage for sensitive credentials (API keys, access tokens)
Secure database storage with access controls
Regular security updates and monitoring
Limited employee access to production data

6 Data Retention

We retain your data for as long as you have our app installed. Upon app uninstallation:

Your block configurations and settings will be retained for 30 days (in case of reinstallation)
After 30 days, all your data will be permanently deleted
Analytics data is aggregated on a daily basis and raw event data is periodically purged
You may request immediate deletion by contacting us

7 Your Rights

You have the right to:

Access: Request a copy of your data
Correction: Request correction of inaccurate data
Deletion: Request deletion of your data
Portability: Request your data in a portable format
Withdraw Consent: Uninstall the app at any time

To exercise any of these rights, please contact us using the information below.

8 GDPR Compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). We process your data based on:

Your consent when installing the app
Contractual necessity to provide our services
Legitimate business interests

9 CCPA Compliance

For California residents, we comply with the California Consumer Privacy Act (CCPA). We do not sell your personal information to third parties.

10 Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. We encourage you to review this policy periodically.