This Privacy Policy has been updated on July 23, 2024

Recsify Technologies Private Limited (doing business as Recsify, hereinafter- “we”, “us”, “Recsify”) is the Indian company which provides different Shopify Apps to Users of shopify.com through a Software as a Service (SaaS) model.

Introductions

We at Recsify have created a Privacy Policy that aims to help you understand what data we collect, what we use it for and how you can exercise your rights. Reading Privacy Policy is important so we hope you will give it time and attention.

For us the privacy and security of our customers, clients and visitors are of paramount importance. We are committed to protecting the data you share with us. This privacy policy explains how we process information that can be used to directly or indirectly identify an individual (“Personal Data”) collected through use of our apps and Customer’s websites or provided by Shopify.

Also our site does not sell your personal information to third parties. A “sale” of Personal Information under the CCPA is defined broadly to include the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means” the Personal Information of a Consumer to another business or third party “for monetary or other valuable consideration.” If we decide to sell our website or App(s) (our business), we will inform you about this, so you can forbid us to transfer your personal data together with our business. If so, we will delete your data from the databases prior to a business transfer.

For the purposes of this policy, we define the term “Customer” as a person which have concluded the installation of any of Recsify Apps through shopify.com, the term “Customer’s Client” as any individual who interacts directly with Customer without interacting directly with us and the term “Visitor” as an individual who visits our website (https://recsify.com) or Shopify AppStore page and fills our contact form.

We adhere to the following principles in order to protect your privacy:

principle of purposefulness – we process personal data fairly and in a transparent manner only for the achievement of determined and lawful objectives, and they shall not be processed in a manner not conforming to the objectives of data processing;

principle of minimalism – we collect personal data only to the extent necessary for the achievement of determined purposes and do not keep personal data if it is no longer needed;

principle of restricted use – we use personal data for other purposes only with the consent of the data subject or with the permission of a competent authority;

principle of data quality – we update personal data shall be up-to-date, complete and necessary for the achievement of the purpose of data processing;

principle of security – security measures shall be applied in order to protect personal data from unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organisational measures;

principle of individual participation – the persons shall be notified of data collected concerning him or her, the persons shall be granted access to the data concerning him or her and the persons have the right to demand the correction of inaccurate or misleading data.

1. Data We Collect

1.1. Customers

1.1.1. In order to provide services to our Customers we collect its personally identifiable information.

1.1.2. After concluded the installation of any of Recsify Apps at Shopify App store, Shopify provides us with information such as name, company name, email address, address and other relevant data. This information is used by us to identify the Customers and provide them with services, mailings, notification, support and marketing actions, and to meet other contractual obligations.

1.1.3. If you no longer wish to receive promotional emails, you may opt out of them by replying to one of such emails or send us an email with a request.

1.1.4. We are processing your Personal Data in order to fulfill contracts we might have with you for purposes to provide our services to you (including support, communication, marketing etc.). When we share such information with our contractors (which may be located outside of the European Economic Area) in order to provide high quality support services in emergency cases, we rely on your consent and your request to do so. Processing of Personal Data for marketing purpose is also relied on consent obtained from you. We use such data in ways you would reasonably expect and which have a minimal privacy impact.

1.1.5. You can withdraw your consents at any time by sending the email with your withdrawal and your Personal Data will be deleted in 48 hours.

1.2. Customer’s Clients

1.2.1. Customers may collect, store and process Personal Data of their own Clients via Recsify Apps on their websites. We have no direct relationship to the individuals whose Personal Data is processed in this case. Each Customer is responsible for providing a notice to its Clients and third persons concerning the purpose for which Customer collects their Personal Data and how this Personal Data is processed.

1.2.2. We may be a processor with respect to such Personal Data and act on behalf of Customer. In this case we could process such Personal Data as email address, geolocation data and IP-address.

1.2.3. We do not collect information from children under 13 years. And we do not collect sensitive data. If we learn that we have Personal Data of a child under age 13, we will remove it. If you believe we have Personal Data about a child under the age of 13, please notify us.

1.2.4. While processing Personal Data of our Customer’s Clients, we rely on our contract between us and our Client to the processing of Personal Data for purposes to provide our services to our Customer. We act for the benefit of our Customer as this processing is necessary for proper functioning of our App integrated in our Customer’s websites.

1.2.5. When we share such information with our contractors (which may be located outside of the European Economic Area) in order to provide high quality support services in emergency cases, we rely on Customer’s consent and Customer’s request to do so.

2. Сompliance with General Data Protection Regulation (GDPR), Estonian legislation and California Consumer Privacy Act (CCPA) and Brazil’s General Data Protection Law (Lgpd (Lei Geral De Proteção De Dados))

2.1. For Visitors, Customers and Customer’s Clients located in the European Economic Area (EEA) privacy rights are granted and all processing of Personal Data is performed in accordance with regulations and rules following the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and the national legislation of the Republic of Estonia.

2.2. For Visitors, Customers and Customer’s Clients located in California all processing of Personal Data is performed in accordance with regulations and rules following the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq. (“CCPA”)

2.3. For Visitors, Customers and Customer’s Clients located in Brazilia, all processing of Personal Data is performed in accordance with regulations and rules following the Lei Geral de Proteção de Dados (“LGPD”).

2.4. We process Personal Data both as a Processor and as a Controller, as defined in the GDPR:

● Recsify with whom you as a Customer has entered into an agreement when installing the Apps will be the Controller for Customer data as outlined above in “Customer” section.

● Also Recsify will be the Controller for Visitor data, as outlined above in “Visitor” section.

2.5. For Customer’s Client data, as outlined in the “Customer’s Client” section, the Customer will be the Controller in accordance with Directive and GDPR, and Recsify will be the Processor.

2.6. The processing and transfer of personal data is carried out in accordance with the requirements set out in the Personal Data Protection Act and Electronic Communications Act of the Republic of Estonia.

3. Data access, data correction, data deletion, data portability and withdrawal of the consent

3.1. Visitors and Customers can review, correct, update, delete or transfer their personally identifiable information. For that, contact us directly at support@recsify.com. We will acknowledge your request within seventy-two (72) hours and handle it promptly and as required by law.

3.1.1. Right to access. Any Visitors and Customers may contact us to get confirmation as to whether or not we are processing Customer’s/Visitor’s personal data. Where we do process Customer’s/Visitor’s personal data, we will inform Customer/Visitor of what categories of personal data we process regarding him/her, the processing purposes, the categories of recipients to whom personal data have been or will be disclosed and the envisaged storage period or criteria to determine that period.

3.1.2. Right to withdraw consent. In case our processing is based on a consent granted by the Customer/Visitor, the Customer/Visitor may withdraw the consent at any time by contacting us or by using the functionalities of our Services.You can withdraw your consents at any time by replying the email with your withdrawal and your Personal Data will be deleted in 48 hours. Withdrawing a consent may lead to fewer possibilities to use our Services.

3.1.3. Right to object. In case our processing is based on our legitimate interest to run, maintain and develop our business, any Customer/Visitor has the right to object at any time to our processing. We shall then no longer process Customer’s/Visitor’s personal data unless for the provision of our Services or if we demonstrate other compelling legitimate grounds for our processing that override Customer’s/Visitor’s interests, rights and freedoms or for legal claims. Notwithstanding any consent granted beforehand for direct marketing purposes, any Customer/Visitor has the right to prohibit us from using his/her personal data for direct marketing purposes, by contacting us or by using the functionalities of the Services or unsubscribe possibilities in connection with our direct marketing messages.

3.1.4. Right to restriction of processing. Any Customer/Visitor has the right to obtain from us restriction of processing of Customer’s/Visitor’s personal data, as foreseen by applicable data protection law, e.g. to allow our verification of accuracy of personal data after Customer’s/Visitor’s contesting of accuracy or to prevent us from erasing personal data when personal data are no longer necessary for the purposes but still required for Customer’s/Visitor’s legal claims or when our processing is unlawful. Restriction of processing may lead to fewer possibilities to use our Services.

3.1.5. Right to data portability. Any Customer/Visitor has the right to receive Customer’s/Visitor’s personal data from us in a structured, commonly used and machine-readable format and to independently transmit those data to a third party, in case our processing is based on Customer’s/Visitor’s consent and carried out by automated means.

3.1.6. How to use these rights. To exercise any of the above mentioned rights, User should primarily use the functions offered by our Services. If such functions are however not sufficient for exercising such rights, Customer shall send us a letter or email to the address set out below under Contact, including the following information: name, address, phone number, email address and a copy of a valid proof of identity. We may request additional information necessary to confirm User’s identity. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded.

3.2. You have the right to lodge a complaint with a supervisory authority if you think that we violate your rights. You could contact The Data Protection Inspectorate in Estonia via their website (http://www.aki.ee/).

3.3. If you are from California and dissatisfied with how we have used your personal information, you can complain to the Information Commissioner’s Office at casework@ico.org.uk . Also You have the right to lodge a complaint with a supervisory authority if you think that we violate your rights. You could contact The California Department of Justice (Department) via their website (https://www.oag.ca.gov/privacy/caloppa/complaint-form/privacy-notice).

3.4. If you are from Brazil, you can also file a complaint with Brazil’s National Data Protection Authority (ANPD) through its official channels.

4. Data Retention

4.1. We will retain Personal Data for as long as you, as Customer, use our Apps or as you, as Visitor, are continue to communicate with our support team. Your information will be deleted if you did not communicate with the support team for more than 12 months.

4.2. Personal Data of Customer’s Clients will be deleted as soon as Customer stops to use our App. Any data collected for the purpose of analytics will be deleted in 12 months after being collected.

5. Information Security

5.1. We care to ensure the security of personal data. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain technical, physical, and administrative security measures to provide reasonable protection for your Personal Data. When we or our contractors process Your information, we also make sure that your information is protected from unauthorized access, loss, manipulation, falsification, destruction or unauthorized disclosure. This is done through appropriate administrative, technical and physical measures.

5.2. We always use pseudonymisation as a method of securing the Personal Data we process as the Processor.

5.3. There is no 100% secure method of transmission over the Internet or method of electronic storage. Therefore, we cannot guarantee its absolute security.

5.4. We never process any kind of sensitive data and criminal offence data not as a Controller nor as a Processor. Also we never undertake profiling of personal data.

6. Contractors

6.1. We work with third party service providers who provide website, application development, hosting, maintenance, and other services for us. They may be located outside of the EEA. These contractors may have access to, or process Personal Data on behalf of us as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions.

6.2. We hereby guarantee that we have data processing agreements in place with our service providers, ensuring compliance with the GDPR and our contracts with them requiring to maintain the confidentiality of such information. All data transfers inside and outside of the EEA are being done in accordance with these data processing agreements.

6.3. All data transfers are performed in accordance with the highest security regulations. Transfer of Personal Data to countries outside of the European Economic Area may be possible only in the case, when we have obtained your consent for it.

6.4. For a complete list of contractors – contact us.

7. Application of this Privacy Policy

7.1. This Privacy Policy is applicable to our website and our Apps. Our website contains links to other websites. Once redirected to another website, this Policy is no longer applicable.

8. Acceptance of these Conditions

8.1. We assume that all Visitors and Customers have carefully read this document and agree to its content. If one does not agree with this privacy policy, they should refrain from using our website and Apps.

9. Changes and Updates to Our Privacy Policy

9.1. From time to time, we may update this Privacy Policy. We will notify you about material changes by either sending an email message to the email address you most recently provided to us or by prominently posting a notice on our Service. We encourage you to periodically check back and review this Policy so that you always will know what information we collect, how we use it, and with whom we share it.

10. Contact us!

10.1. If you have any questions, the practices of this Site, or your dealings with this website, please contact us at support@recsify.com.

Recsify Technologies Pvt Ltd

WeWork The Pavilion,

62/63 The Pavilion,

Church Street,

Karnataka,

560001