Primy LogoGet Started

Privacy Policy for Primy Apps

Effective Date: 5/29/2025

At Primy Apps (“we,” “us,” “our”), your privacy and trust are our highest priorities. This Privacy Policy outlines how we collect, use, store, and share personal data when you install or interact with any of our Shopify apps, including the Primy Form Builder, through your Shopify-supported store.

We believe in building technology that empowers Shopify merchants without compromising the privacy or rights of their customers.

1. Data We Collect

a. Data from Shopify

Upon installation of our app, we access specific data from your Shopify store via authorized API scopes. The data accessed may include:

  • Store details and metadata
  • Theme configuration and asset references
  • Products and collections
  • Orders and checkout metadata
  • Customer information, including protected customer fields (upon permission)

b. Protected Customer Data

We request access to Name, Email, Phone, and Address only when necessary to support your business needs. These fields are essential for:

  • Creating Shopify customers from form submissions
  • Sending confirmation emails or autoresponders
  • Syncing with CRM, marketing, or newsletter tools
  • Enabling conditional logic or autofill in future form sessions

2. Data We Collect Directly

We also collect information directly from you as the app user or merchant admin, such as:

  • Full name, email address, phone number
  • Business/store name and contact address
  • App usage history and settings
  • IP address, browser type, time zone, and device details
  • Session activity, form creation metrics, feature use
  • Billing data (as applicable)
  • Marketing preferences

3. How We Use the Information

Your data is used solely to deliver the services, features, and experiences associated with our Apps. These include:

  • Delivering core app functionality
  • Creating or updating Shopify customer records
  • Enabling autoresponder emails or integrations
  • Managing your account and subscriptions
  • Troubleshooting and technical support
  • Improving UX, performance, and app reliability
  • Detecting fraud, misuse, or policy violations
  • Complying with legal and Shopify obligations

4. Lawful Bases for Processing (GDPR/CPRA)

We collect and process your personal data under one or more of the following lawful bases:

  • Your consent, as obtained through the Shopify installation process
  • Contractual necessity, to deliver services outlined in our Terms of Service
  • Legitimate interest, such as fraud prevention, usage analytics, or app improvement
  • Legal obligations, to comply with applicable laws or Shopify's platform requirements

5. Subprocessors

We engage third-party service providers (subprocessors) to assist in hosting, analytics, and customer support. These subprocessors are bound by strict confidentiality and data protection obligations:

SubprocessorPurpose
AWS (Amazon)Hosting, database, encryption
Google AnalyticsUsage analytics and insights
Meta/FacebookOptional retargeting campaigns

6. Data Security

We implement layered security protocols, including:

  • Data encryption at rest and in transit
  • Role-based access control (RBAC)
  • IP restrictions for administrative systems
  • Regular security audits and patching
  • Shopify webhook compliance for data deletion and masking

Your customer data is private, encrypted, and never exposed to unauthorized parties.

7. Data Retention

We retain personal data only as long as necessary to:

  • Fulfill the purpose for which it was collected
  • Comply with legal, regulatory, or contractual obligations
  • Resolve disputes and enforce agreements

8. International Data Transfers

By using our Apps, you understand and agree that your data may be processed outside your jurisdiction. Specifically, data may be stored in Canada, United States, and Ireland where our cloud infrastructure is hosted. Transfers comply with applicable data protection laws and include appropriate safeguards, such as standard contractual clauses.

9. Your Rights

Depending on your jurisdiction (e.g., under GDPR, CPRA, or PIPEDA), you may have the right to:

  • Access the personal data we hold about you
  • Correct or delete your data
  • Object or restrict certain processing
  • Withdraw your consent at any time
  • Request a copy of your data (data portability)
  • File a complaint with a data protection authority

10. Children's Privacy

Our Apps are not directed at children under the age of 18. We do not knowingly collect personal information from minors. If you believe we have collected such information, please notify us immediately at support@primy.io, and we will promptly remove the data.

11. Limitation of Liability

While we implement industry-leading safeguards, no digital transmission or storage method is 100% secure. You agree to use our Apps at your own risk. Primy Apps shall not be liable for any indirect, incidental, or consequential damages arising out of data breaches, loss, or unauthorized access, except as required by law.

12. Updates to this Privacy Policy

We may update this Privacy Policy to reflect operational, legal, or platform changes. Any modifications will be posted on this page with an updated “Effective Date.” We recommend reviewing this Policy periodically to stay informed.

13. Contact Us

For inquiries, concerns, or data requests, please contact:

Primy Apps

Email: support@primy.io

Website: https://primy.io