Privacy Policy

1. Information We Collect

1.1 Information You Provide to Us

We collect information that you voluntarily provide when using our Service:

• For Shopify Users: Merchant information including store name, email address, store URL, and business contact details collected through Shopify OAuth authentication.
• For Manual Integration Users: Website URL, business name, business email address, contact information, and any other details you provide during account setup or registration.
• Account Information: Username, password, billing information, and payment details necessary for subscription management.
• Communication Data: Any information you provide when contacting our support team, including email correspondence, chat messages, and support tickets.

1.2 Customer Review Data

We collect and process customer review information that you upload or integrate into our Service, which may include:

• Customer names and email addresses
• Review ratings, text, and timestamps
• Product information associated with reviews
• Order verification data (where applicable)
• Photos or media uploaded with reviews

1.3 Automatically Collected Information

• Usage Data: Plan type, subscription tier, product count, feature usage statistics, configuration preferences, and interaction patterns within the Service.
• Device Information: IP address, browser type and version, operating system, device identifiers, and referring URLs.
• Cookies and Tracking Technologies: We use cookies, web beacons, and similar tracking technologies to collect information about your browsing activities. You can control cookie preferences through your browser settings.
• Log Files: Server logs that include IP addresses, browser types, internet service providers, timestamps, and clickstream data.

1.4 Third-Party Integrations

If you connect third-party services (such as Shopify, WordPress plugins, or other e-commerce platforms) to our Service, we may receive information from those platforms in accordance with their terms and your privacy settings.

2. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide, operate, maintain, and improve our review management features, dashboard functionality, and customer support.
• Personalization: To customize your experience, display relevant review widgets, and tailor our Service to your specific needs.
• Communication: To send you important updates, security alerts, technical notices, policy changes, promotional materials (with your consent), and respond to your inquiries.
• Billing and Payments: To process subscription payments, send invoices, manage billing cycles, and comply with Shopify's App Store and billing requirements.
• Analytics and Improvement: To analyze usage patterns, measure Service effectiveness, conduct research, and develop new features.
• Security and Fraud Prevention: To detect, prevent, and address technical issues, fraudulent activities, and violations of our Terms of Service.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests.
• Business Operations: To facilitate mergers, acquisitions, or sale of assets (your information would be transferred as part of those transactions).

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), our legal basis for collecting and using your information depends on the specific data and context:

• Contractual Necessity: Processing is necessary to provide the Service you've requested and fulfill our contractual obligations.
• Legitimate Interests: We process data based on our legitimate business interests (such as improving our Service, ensuring security, and business analytics) while ensuring your rights are protected.
• Consent: Where required by law, we process data based on your explicit consent, which you can withdraw at any time.
• Legal Obligations: Processing is necessary to comply with legal and regulatory requirements.

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following circumstances:

4.1 Service Providers

We engage trusted third-party service providers to perform functions on our behalf, such as:

• Cloud hosting and infrastructure (AWS India)
• Payment processing and billing services
• Analytics and monitoring tools
• Email delivery and communication platforms
• Customer support systems

These service providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your data and use it only for the purposes we specify.

4.2 Business Transfers

If HyperInt is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required by law, court order, subpoena, or governmental request, or when we believe disclosure is necessary to:

• Comply with legal obligations
• Protect our rights, property, or safety, or that of our users or the public
• Detect, prevent, or address fraud, security, or technical issues
• Enforce our Terms of Service or other agreements

4.4 With Your Consent

We may share your information with third parties when we have your explicit consent to do so.

5. Data Storage, Security & Retention

5.1 Data Storage

All data is securely stored on encrypted servers hosted in India (AWS India region). We implement industry-standard security measures including encryption at rest and in transit, regular security audits, and access controls.

5.2 Security Measures

We implement comprehensive security measures to protect your information:

• SSL/TLS encryption for all data transmission
• AES-256 encryption for data at rest
• Multi-factor authentication for administrative access
• Regular security audits and penetration testing
• Firewall protection and intrusion detection systems
• Role-based access controls limiting data access to authorized personnel only
• Employee training on data security and privacy practices
• Secure backup and disaster recovery procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

5.3 Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

• Active Accounts: Data is retained while your account remains active and for the duration of any subscription period.
• Deleted Accounts: When you uninstall the app or cancel your subscription, your data remains accessible for 30 daysand is then permanently deleted from our systems.
• Backup Systems: Data in backup systems may be retained for up to 90 days for disaster recovery purposes.
• Legal Requirements: Certain information may be retained longer if required for legal, regulatory, tax, accounting, or audit purposes.

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

6.1 General Rights

• Access: You can request access to the personal information we hold about you.
• Correction: You can request that we correct inaccurate or incomplete information.
• Deletion: You can request deletion of your personal information (subject to certain legal exceptions).
• Data Portability: You can request a copy of your data in a structured, machine-readable format.
• Objection: You can object to certain processing activities, including marketing communications.
• Restriction: You can request that we restrict processing of your information in certain circumstances.
• Withdraw Consent: Where processing is based on consent, you can withdraw it at any time.

6.2 GDPR Rights (EEA Residents)

If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority.

6.3 CCPA Rights (California Residents)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information held by businesses
• Right to opt-out of the sale of personal information (Note: We do not sell personal information)
• Right to non-discrimination for exercising CCPA rights

6.4 Exercising Your Rights

To exercise any of these rights, please contact us at contact@hyperint.tech. We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your jurisdiction. When we transfer information internationally, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Data Processing Agreements with third-party service providers
• Compliance with applicable data transfer regulations

8. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from children without parental consent, we will take steps to delete that information.

9. Third-Party Links and Services

Our Service may contain links to third-party websites, applications, or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

10. Marketing Communications

We may send you marketing communications about our products, services, and promotions if you have opted in to receive them. You can opt out of marketing emails at any time by:

• Clicking the "unsubscribe" link in any marketing email
• Contacting us at contact@hyperint.tech
• Updating your communication preferences in your account settings

Please note that even if you opt out of marketing communications, we will still send you transactional and service-related messages.

11. Data Breach Notification

In the event of a data breach that may compromise your personal information, we will notify you and relevant authorities as required by applicable law, typically within 72 hours of becoming aware of the breach. We will provide information about the nature of the breach, potential consequences, and measures taken to address it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated Privacy Policy on this page with a new "Last Updated" date
• Sending you an email notification (if you have provided your email address)
• Displaying a prominent notice within the Service

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

13. Data Protection Officer

We have designated a Data Protection Officer (DPO) to oversee our privacy and data protection practices. If you have questions about this Privacy Policy or how we handle your personal information, you can contact our DPO at contact@hyperint.tech.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

15. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of India, without regard to its conflict of law provisions. Any disputes arising from or relating to this Privacy Policy shall be subject to the exclusive jurisdiction of the courts located in India.