Privacy
Policy.

1. Introduction

GlowUp ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use our Shopify application.

2. Information We Collect

2.1 Store Information

When you install GlowUp, we collect:

• Shop domain and basic shop information
• Shop owner name and email address
• Authentication tokens for Shopify API access

2.2 Order & Customer Data

To facilitate the review collection flow, we access:

• Order details (order ID, product names, customer email)
• Customer first name (used in email personalization)
• Submitted photos and reviews provided voluntarily by customers

2.3 Usage Data

We may collect:

• App usage statistics and feature interactions
• Email delivery and engagement metrics (open rates, clicks)
• Error logs and debugging information

3. How We Use Your Information

We use the collected information to:

• Send automated review collection emails to your customers
• Store and display approved before/after photos on your store
• Generate promo codes for approved submissions
• Provide analytics on collection performance
• Authenticate your shop and provide secure access
• Improve our app and develop new features
• Provide customer support

4. Data Storage and Security

We implement industry-standard security measures to protect your data:

• Application data is stored securely on Railway infrastructure
• Customer photos are stored on Cloudflare R2 with signed URLs
• All communications are encrypted using HTTPS/TLS
• Access tokens are stored encrypted in our database
• Background jobs are processed via BullMQ with Redis

5. Data Sharing

We do not sell, trade, or rent your data to third parties. We may share data only:

• With Shopify, as required to provide app functionality
• With Resend, our email delivery provider
• With Cloudflare, for photo storage (R2)
• With our hosting provider (Railway) for app operation
• When required by law or legal process

6. Data Retention

We retain your data for as long as you use our app. When you uninstall the app:

• Your shop data and customer photos are deleted within 30 days
• Access tokens are immediately invalidated
• Email sending is stopped immediately
• You can request immediate deletion by contacting us

7. Your Rights (GDPR Compliance)

If you are in the EU, you have the right to:

• Access: Request a copy of your data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data
• Portability: Request transfer of your data
• Object: Object to processing of your data

GlowUp implements all Shopify mandatory webhooks (customers/data_request, customers/redact, shop/redact) to handle privacy requests automatically.

8. Cookies and Tracking

Our app uses essential cookies for authentication and session management. Email open tracking uses a small tracking pixel for analytics purposes. We do not use third-party tracking cookies or advertising trackers.

9. Children's Privacy

Our app is intended for use by merchants (business users) and not directed at children under 13. We do not knowingly collect information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at:

• Email: tsp.pricescan@gmail.com
• Address: 1 rue des violettes, France