Privacy Policy
How we collect, use, and protect data in our Shopify app
Last updated: 2026-03-18
1. Introduction
This Privacy Policy explains how UPCODE SRL ("we", "us", "our"), a company incorporated in Romania, collects, uses, stores, and protects information through our Shopify application (the "App"). The App provides an AI-powered chat widget that Shopify merchants ("Merchants") embed on their storefronts to serve their customers ("End Users").
We act in different capacities depending on the data involved:
  • Data Controller — for data we collect directly from Merchants (shop information, app configuration).
  • Data Processor — for data we process on behalf of Merchants relating to their End Users (chat messages, contact information submitted through the widget). In this role the Merchant is the Data Controller and we process data under their instructions and for their benefit.
This policy applies both to Merchants who install the App and to End Users who interact with the chat widget on Merchant storefronts. By installing or using the App you agree to this policy.
2. Data We Collect
2a. Merchant data (we are the Data Controller)
  • Shop identity: Shopify store domain, store name, and Shopify-provided account identifiers.
  • App configuration: Chatbot settings, welcome message, FAQ entries, support email address, font and color preferences, and any product/catalog data indexed for AI responses.
  • App usage data: Feature usage statistics used to operate and improve the service.
  • Usage data: Number of AI queries processed and active chat sessions.
2b. End User data collected on behalf of Merchants (we are the Data Processor)
The following data is collected from End Users who interact with the chat widget and is stored exclusively for the benefit of the Merchant whose storefront they visited:
  • Chat messages and AI responses: The questions End Users type and the AI-generated answers. These are stored in conversation logs visible to the Merchant.
  • Session identifiers: Randomly generated UUIDs created per browser session. These are stored in session storage only and are not linked to any persistent user account or tracking profile.
  • Page URL: The storefront URL where the chat was initiated, to provide context to the Merchant.
  • Order numbers and phone numbers for identity verification: When an End User requests order status or initiates a return, they may provide an order number and phone number. Phone numbers are used solely to verify identity against the Merchant's order records and are redacted from stored logs — they are not retained in our database.
  • Contact information voluntarily submitted (email address and/or phone number): When the AI cannot fully answer a query, the widget may prompt the End User to optionally leave their email and/or phone number so the Merchant can follow up. This information is submitted voluntarily, clearly disclosed at the point of collection, and stored in our database exclusively for the Merchant's use. The Merchant can view this information in their admin dashboard and mark leads as contacted. End Users may request deletion of this data as described in Section 7.
2c. What we do NOT collect
  • We do not collect payment card numbers or financial account details.
  • We do not use cookies for tracking or advertising.
  • We do not build advertising profiles or sell any data to third parties.
  • We do not collect data from End Users for any purpose beyond providing the service to the Merchant.
3. How We Use Data
  • To operate the AI chat service: Chat messages and store product/FAQ context are sent to our AI provider (OpenAI) to generate responses. See Section 5 for details on AI processing.
  • To provide order and return features: Order numbers and phone numbers are used transiently to verify identity against Shopify order data. Phone numbers are not stored after verification.
  • To store conversation history for Merchants: Chat logs are retained for 2 days and automatically deleted when expired.
  • To store contact leads for Merchants: Email/phone numbers submitted via the contact capture form are stored for up to 2 days (matching the chat session lifetime) and displayed in the Merchant's admin dashboard. The Merchant is responsible for using this data in compliance with applicable law.
  • To operate the service: Basic app state is maintained to deliver features correctly to each store.
  • To communicate with Merchants: We may send transactional emails (e.g. service updates) to the Merchant's registered email. We do not send marketing emails without separate consent.
  • To improve the service: Aggregated, anonymized usage statistics may be used to improve the App. No individual chat content is used to train AI models.
4. Legal Basis for Processing (GDPR)
As a company established in Romania, we are subject to the EU General Data Protection Regulation (GDPR). Our legal bases for processing personal data are:
  • Contract performance (Art. 6(1)(b)): Processing Merchant account data and app configuration is necessary to deliver the service under our agreement with the Merchant.
  • Legitimate interests (Art. 6(1)(f)): Processing End User chat messages to generate AI responses serves the legitimate interest of both the Merchant (providing customer support) and the End User (receiving answers). Our interest is balanced against End User rights by minimizing data retained, automatically expiring logs, and redacting sensitive identifiers.
  • Consent (Art. 6(1)(a)): Collection of End User contact information (email/phone) via the contact capture form is based on the End User's freely given, specific, and informed consent at the time of submission. The widget clearly discloses the purpose before the End User submits their details.
  • Legal obligation (Art. 6(1)(c)): Retention of any records required to comply with Romanian or applicable law.
5. AI Processing and Third-Party Providers
OpenAI
Chat messages and store context (product descriptions, FAQ content, system instructions) are transmitted to OpenAI, L.L.C. (United States) to generate AI responses. OpenAI processes this data as a sub-processor under our agreement with them. OpenAI's API terms prohibit using API inputs to train their models. Chat content sent via the API is not used by OpenAI to improve their models. Data sent to OpenAI may be temporarily retained by OpenAI for abuse monitoring (typically up to 30 days) per their data usage policies. International transfers to OpenAI (US) are covered by standard contractual clauses and/or OpenAI's data processing addendum.
We do not send payment information, order numbers, or phone numbers to OpenAI. Phone numbers are redacted before any data reaches AI systems.
Shopify
Authentication and app installation are managed through Shopify's platform. Shopify acts as a data controller for Merchant account data it collects directly. Refer to Shopify's Privacy Policy for their data practices.
MongoDB Atlas
App data (chat logs, configuration, contact leads) is stored in MongoDB Atlas. Data is stored within regions compliant with applicable data residency requirements.
6. Data Retention
  • Chat logs (messages and AI responses): Automatically deleted after 2 days from creation. Deletion is enforced via automatic database TTL — no manual action is required.
  • Contact leads (email/phone submitted via widget): Retained for 2 days from submission, then automatically deleted alongside the associated chat session. End Users may request earlier deletion (see Section 7).
  • App configuration and Merchant account data: Retained while the App is installed. Deleted or anonymized within 30 days of app uninstall, except where retention is required for legal or accounting obligations.
  • Merchant account data (shop domain, configuration): Retained while the App is installed. Deleted or anonymized within 30 days of app uninstall.
  • Phone numbers for verification: Not stored. Redacted immediately after the verification check is performed.
7. Your Rights Under GDPR
If you are located in the EU/EEA or UK, you have the following rights regarding your personal data. Merchants may exercise rights over their own account data directly by contacting us. End Users who submitted contact information via the chat widget may request its deletion by contacting us with sufficient detail to identify the submission (storefront URL, approximate date, and the email/phone submitted).
  • Right of access (Art. 15): Request a copy of personal data we hold about you.
  • Right to rectification (Art. 16): Request correction of inaccurate personal data.
  • Right to erasure (Art. 17): Request deletion of your personal data where no overriding legal basis for retention exists.
  • Right to restriction (Art. 18): Request that we restrict processing of your data in certain circumstances.
  • Right to data portability (Art. 20): Request a machine-readable export of data you have provided to us.
  • Right to object (Art. 21): Object to processing based on legitimate interests.
  • Right to withdraw consent (Art. 7(3)): Where processing is based on consent (contact capture form), you may withdraw consent at any time by requesting deletion.
  • Right to lodge a complaint: You have the right to lodge a complaint with your local supervisory authority. In Romania, the supervisory authority is the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP).
To exercise any of these rights, contact us at support@upcode.cc. We will respond within 30 days.
8. Merchant Responsibilities
Merchants who use the App are independently responsible for:
  • Disclosing to their End Users that an AI-powered chat widget is active on their storefront and that conversation data (including voluntarily submitted contact information) is collected and viewable by the Merchant.
  • Maintaining their own privacy policy that covers the use of this App and the data it collects on their behalf.
  • Complying with applicable data protection laws (including GDPR, CCPA, and others) when accessing and using End User data (including contact leads) provided through the App.
  • Using contact information submitted by End Users only for the stated purpose of following up on unresolved support queries, and not for unsolicited marketing without appropriate consent.
  • Entering into a Data Processing Agreement with us if required by applicable law. Contact us at support@upcode.cc to request our standard DPA.
9. Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include encrypted data transmission (HTTPS/TLS), access controls, and automated data expiry. In the event of a data breach that is likely to result in a risk to individuals' rights, we will notify the relevant supervisory authority within 72 hours and affected Merchants without undue delay.
10. International Data Transfers
Chat data is transmitted to OpenAI (United States) as described in Section 5. Such transfers are safeguarded by standard contractual clauses (SCCs) adopted by the European Commission, or other lawful transfer mechanisms. No other international transfers of personal data take place outside the EEA unless separately disclosed.
11. Children's Privacy
The App is not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has submitted personal data through the widget, please contact us immediately at support@upcode.cc.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated to Merchants via the App or by email at least 7 days before taking effect. Continued use of the App after the effective date constitutes acceptance of the updated policy. The current version is always available at this URL.
13. Contact and Data Controller Details
For privacy inquiries, data access requests, or to report a concern:
  • Company: UPCODE SRL
  • Country: Romania
  • Email: support@upcode.cc
For Data Processing Agreement requests or to report a security incident, please use the same contact details and mark your subject line accordingly.