Privacy Policy

Last updated: May 23, 2026

ShopsWired ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use the ShopsWired platform, including our website, APIs, and related services (the "Service").

This policy applies to both Merchants (individuals or businesses operating stores on our platform) and Customers (end-users who browse or purchase from those stores).

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, billing address, payment information, and business details when you register as a Merchant.
• Store Content: Product listings, media, descriptions, pricing, plugin code, theme files, and other content you upload to the Platform.
• Customer Data (Merchant-Provided): Customer names, email addresses, shipping addresses, and order histories that Merchants collect through their stores.
• Communications: Information you provide when contacting our support team or participating in surveys.

1.2 Information Collected Automatically

• Usage Data: Pages visited, features used, time spent on pages, and general interaction patterns with the dashboard and storefront.
• Device & Browser Information: IP address, browser type, operating system, device identifiers, and screen resolution.
• Log Data: Server logs including request timestamps, HTTP methods, URLs, response codes, and referral URLs.
• Cookies & Similar Technologies: We use strictly necessary cookies for authentication and session management. See Section 6 for details.

1.3 Information from Third Parties

• Payment Processors: We receive transaction confirmation and limited billing data from payment gateways (e.g., Stripe, Square) to process orders and prevent fraud.
• Domain Providers: DNS verification data for custom domain setup.

2. How We Use Your Information

We use the information we collect to:

• Provide & Operate the Service: Host your store, process orders, render themes, execute plugins, and deliver assets via our CDN.
• Process Payments: Facilitate payment processing and subscription billing through our payment partners.
• Maintain Security: Detect, prevent, and respond to fraud, abuse, security incidents, and violations of our Terms of Service.
• Improve the Platform: Analyze usage patterns and performance metrics to improve features, fix bugs, and optimize infrastructure.
• Communicate: Send transactional emails (order confirmations, billing receipts), service announcements, and, with your consent, marketing communications.
• Comply with Legal Obligations: Meet legal, regulatory, and tax reporting requirements.

3. How We Share Your Information

We do not sell your personal information. We may share information in the following circumstances:

• Service Providers: We share data with trusted third-party service providers who assist in operating the platform, including cloud hosting (Google Cloud Platform), CDN delivery, payment processing, and email delivery. These providers are contractually bound to use data only for the purposes we specify.
• Payment Gateways: Order and billing data is shared with payment processors to complete transactions.
• Merchant-to-Customer: When a Customer places an order, their shipping and contact information is shared with the relevant Merchant to fulfill the order.
• Wired Network: When products are syndicated across the ShopsWired network, limited product and order data may be shared between participating Merchants as necessary to fulfill cross-shop orders.
• Legal Requirements: We may disclose information if required by law, subpoena, court order, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Data Retention

• Active Accounts: We retain your account and store data for as long as your account is active.
• After Cancellation: Store data is retained for 30 days after account cancellation to allow for recovery. After this period, data is permanently deleted from our systems.
• Backups: Backup copies may persist for up to 90 days after deletion before being purged from backup systems.
• Legal Holds: Data required for legal compliance, dispute resolution, or fraud prevention may be retained longer as permitted by law.

5. Data Security

We implement industry-standard security measures to protect your data, including:

• TLS/SSL encryption for all data in transit
• Encryption at rest for sensitive data stored in our databases
• Strict access controls and role-based permissions for internal systems
• Regular security audits and vulnerability assessments
• Automatic SSL provisioning for all custom domains
• Secret management with encrypted storage for plugin API keys and credentials

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Cookies & Tracking

ShopsWired uses a minimal set of cookies:

• Session Cookies: Essential for authentication, cart management, and checkout functionality. These are strictly necessary and cannot be disabled.
• Preference Cookies: Store settings like language or currency preferences.

We do not use third-party advertising cookies or cross-site tracking pixels on the core Platform. Merchants may install third-party analytics or advertising plugins on their own storefronts; such usage is governed by the Merchant's own privacy policy.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal retention obligations.
• Portability: Request a machine-readable export of your data.
• Objection: Object to certain processing activities, including direct marketing.
• Restriction: Request that we limit the processing of your data under certain circumstances.
• Withdraw Consent: Where processing is based on consent, withdraw consent at any time without affecting prior lawful processing.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days (or sooner if required by applicable law).

8. Merchants as Data Controllers

Merchants operating stores on ShopsWired act as independent data controllers for the personal data of their Customers. ShopsWired acts as a data processor on behalf of Merchants for Customer data collected through their stores.

As a Merchant, you are responsible for:

• Publishing a compliant privacy policy on your storefront
• Obtaining necessary consents from your Customers for data collection and processing
• Responding to data subject requests from your Customers
• Ensuring any plugins you install that process Customer data comply with applicable privacy laws

9. International Data Transfers

ShopsWired operates infrastructure in the United States. If you are located outside the United States, your data may be transferred to and processed in the U.S. We rely on Standard Contractual Clauses (SCCs) and other legally recognized transfer mechanisms to ensure your data is protected in accordance with applicable data protection laws when transferred internationally.

10. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us at [email protected] and we will promptly delete it.

11. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• The right to know what personal information we collect, use, and disclose
• The right to request deletion of your personal information
• The right to opt out of the sale of personal information (we do not sell personal information)
• The right to non-discrimination for exercising your CCPA rights

12. European Residents (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following applies:

• Legal Basis: We process personal data based on contractual necessity (to provide the Service), legitimate interests (to improve and secure the Platform), and consent (for marketing communications).
• Data Protection Officer: For GDPR-related inquiries, contact us at [email protected].
• Supervisory Authority: You have the right to lodge a complaint with your local data protection authority.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the Platform at least 30 days before taking effect. The "Last updated" date at the top of this policy indicates when the latest revision was made.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

• Email: [email protected]
• General: [email protected]