Privacy Policy

The Gist

Below is our privacy poicy for By the Numbers (“The App”). If you have an issue, always feel free to email us at support@bythenumbersapp.com and we’ll do our best to resolve it in a fair and timely fashion.

The App provides reporting, forecasting and predictions over orders and customers (“the Service”) to merchants who use Shopify to power their stores. This Privacy Policy describes how personal information is collected, used, and shared when you install or use the App in connection with your Shopify-supported store.

Personal Information the App Collects

When you install the App, we are automatically able to access certain types of information from your Shopify account:

  • Using the Order API to obtain orders
  • Using webhooks to surface changes to the merchants Shop such as location, preferred currency, email and preferred shop name
  • Using webhooks to receive changes to order states
  • Billing information for the Shopify merchant

Additionally, we collect the following types of personal information from you and/or your customers once you have installed the App: Information about you and others who may access the App on behalf of your store, such as your name, address, email address, phone number, and billing information; Information about individuals who purchase from your store, such as their IP address, web browser details, time zone, and order details.

Google APIs

The App’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

OpenAI APIs

To enhance the insights we provide, By the Numbers utilizes OpenAI’s API. This involves securely sending relevant data to OpenAI to generate context-aware analyses and insights. Data sent to OpenAI is handled in accordance with strict security protocols to ensure your privacy and data security.

Data Protection and Security

We are committed to protecting the privacy and security of the personal information we collect. We employ the following data protection mechanisms to safeguard sensitive data:

  1. Encryption: All personal data, including sensitive information such as billing details, is encrypted both in transit and at rest using industry-standard encryption protocols (e.g., TLS/SSL and AES-256 encryption). This ensures that unauthorized parties cannot access the data while it is being transmitted or stored.

 

  1. Access Control: We implement strict access control mechanisms to ensure that only authorized personnel have access to sensitive data. This includes role-based access controls (RBAC), requiring authentication and secure login credentials.

 

  1. Data Minimization: We limit the collection of personal information to the data that is necessary to provide our services. Sensitive information is only collected and processed to the extent required for operational and legal purposes.

 

  1. Data Anonymization and Masking: Where possible, we anonymize or mask sensitive data (e.g., customer order details, IP addresses) to reduce the risk of misuse or accidental exposure.

 

  1. Audit Logging: All access to sensitive data is logged and monitored to detect any unauthorized access or suspicious activity. Regular audits are conducted to ensure compliance with data protection regulations.

 

  1. Compliance with GDPR and CCPA: We comply with all applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our data processing practices include ensuring that customers have access to their rights to view, correct, delete, or limit the processing of their personal information.

 

Sensitive Data Handling

By the Numbers does not collect or process sensitive personal data (such as health, financial, or government-issued identification numbers) unless required by law. If such data is collected, it is subject to enhanced security measures as outlined above.

Cookies

For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org. “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps. “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.

How Do We Use Your Personal Information?

We use the personal information we collect from you and your customers in order to provide the Service and to operate the App. Additionally, we use this personal information to: Communicate with you; Optimize or improve the App; and Provide you with information or advertising relating to our products or services.

Sharing Your Personal Information

We do not share data with third parties except for integration with OpenAI as described above. We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant, or other lawful request for information we receive, or to otherwise protect our rights.

Your Rights

If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us.

Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the merchant’s Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.

Data Retention

We will maintain your Order Information for our records until you ask us to delete this information.

Changes

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.

Scroll to Top