Square Apps Privacy Policy

Legal docs

Privacy Policy
Data Processing Agreement
Terms of Use
Merchant Agreement

Who we are

Appsolve (“Company”), having its registered headquarters at 14 Bogdan Voda Str., Bucharest 010936, Romania, processes personal data in compliance with the applicable legal regulations on the protection of natural persons with regard to the processing of personal data.

Introduction

This Privacy Policy describes why and how we at Appsolve process personal data in different situations. It provides you with information about your rights when we act as a personal data Controller.

We may process personal data in relation to:

  • Merchants using Shopify and their representatives, customers, and users
  • Other partners and (potential) clients
  • Anyone contacting us
  • Visitors to Appsolve websites and pages

This Privacy Policy aims to help you better understand how we collect, use, and share personal data. If we change our privacy practices, we may update this Privacy Policy accordingly.

General information on processing personal data

  • Personal data means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, including by identifiers such as name, identification number, location data, online identifier, or other factors specific to the individual’s identity.
  • Processing refers to any operation or set of operations performed on personal data, whether by automated means, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, alignment, restriction, erasure, or destruction.
  • Controller means the person or entity that determines the purposes and means of processing personal data.
  • Processor is the person or entity that processes personal data on behalf of the controller.
  • Recipient refers to any person or entity to whom the personal data is disclosed.

The main categories of data processed

The categories of data processed by Appsolve depend on the specific use cases and include:

  • Identity data: Such as name and surname.
  • Contact details: Such as email address, mobile phone number, and instant messaging accounts.
  • Data relating to representation: Including information pertaining to individuals representing legal entities (e.g., position held, place of work).
  • Access data: Information collected when accessing Appsolve pages or website.
  • User information: Data collected when using our products or services, including user account information shared via social media platforms.

Information from merchants

Privacy matters! If you are a merchant, you must ensure your customers understand how you and Appsolve collect and process their personal information. Accordingly, you agree to post an up-to-date and accurate Privacy Policy on your storefront that complies with applicable laws. You must also obtain consent from your customers for the use and access of their personal information by Appsolve and any third parties.

What information do we collect from merchants?

We collect your name, email address, and phone number. We utilize this information to provide our services, including verifying identity, contacting you, and advertising/marketing.

We may also collect data about the Appsolve websites you visit, how you access your account, and details about your device, including your IP address.

Personal information shared with us about your customers via Shopify’s API is utilized strictly to deliver our services and is not shared with third parties.

Information from customers

We collect personal information about your customers shared by you via Shopify's API, including ID, name, email, phone number, shipping, and billing address.

This information is exclusively used to provide our services to merchants.

Information from Appsolve website visitors and support users

As visitors to Appsolve websites, we collect:

  • Device and browser information
  • Network connection details
  • IP address
  • Personal information via messaging features or contact forms

From support chat users, we gather names, email addresses, device and browser information, and chat transcripts.

Cookies and similar tracking technologies

Cookies are small pieces of data sent to your browser and stored on your device. We use cookies to improve your experience and analyze usage of our services. Data is processed for the purposes mentioned in the Cookies Policy related to that page/site.

Types of data processing

Our company processes personal data for the purposes stated in this Privacy Policy and for each purpose one or more data processing operations may be used such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. This Privacy does not cover any processing carried out by our Company in the name of its clients.

Purposes for which personal data are processed

The Company processes personal data for multiple purposes. The methods of processing, the legal basis for processing, retention periods, and other such aspects may be different, depending on each purpose.

Appsolve processes personal data for multiple purposes, including:

  • Delivering and improving our products and services.
  • Managing customer, supplier, and partner relationships.
  • Fulfilling contractual obligations.
  • Ensuring compliance with legal requirements.
  • Analytics and service improvement.
  • Direct marketing communications, with consent.
  • Economic-financial-administrative management.
  • Exercising or defending our legal rights in court.
  • Statistics

Legal basis on which data processing is based

The legal bases of the processing take into account the provisions of the applicable normative acts regarding the processing of personal data and the provisions of the applicable legislation in the Company’s field of activity.

Data processing is conducted relying on the following legal bases:

  • Necessary for performance of a contract.
  • Compliance with legal obligations.
  • Pursuing legitimate interests of the Company or a third party.
  • Consent provided by the data subject, where required by law.
  • Management of our relations with potential customers, clients, or partners:
    • for managing the risks related to our activity
    • managing the notifications/complaints in connection with our services
    • to improve our products and/or services,
    • to ascertain the exercise or defense of our rights in court

How long do we keep personal data?

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable law.

Specific retention periods include:

  • Duration of the contract or legal relationship.
  • As required by law (e.g., for accounting records).
  • Until completion of our obligations to the customer or until opt-out is requested for marketing communications.
  • Until the withdrawal of consent for data processed based solely on consent.
  • For archiving as mandated by law or Company policy.

In the absence of specific legal requirements, we retain personal data for a minimum of 3 years following the last contact or relationship termination. Any data retention policies are subject to review and may be extended when necessary for legal claims.

Your rights and how to exercise them

Appsolve is committed to facilitating the exercise of your rights under applicable data protection laws. You can exercise your rights by contacting us through the information provided below.

If we receive a request, we may ask for additional information to verify your identity before processing it. We will strive to respond promptly and within legal timelines (usually within 30 days).

Appsolve is committed to upholding your rights regarding your personal data. These rights include:

The right to access:

You have the right to obtain confirmation as to whether we process your personal data. If we do, you can request information about:

  • Purposes of processing.
  • Categories of personal data concerned.
  • Recipients or categories of recipients to whom your data has been disclosed.
  • The expected retention period for your personal data
  • The existence of the right to rectification or deletion of personal data.
  • The right to lodge a complaint with a supervisory authority.
  • Information on the source of your data if not collected directly from you.
  • Details about any automated decision-making processes, including profiling.

The right to rectification:

You have the right to request the rectification of inaccurate personal data without undue delay. You may also complete incomplete data by providing an additional statement.

The right to deletion:

You have the right to request the deletion of your personal data under certain circumstances, such as:

  • The data are no longer necessary for the purposes for which they were collected.
  • You withdraw consent upon which the processing is based, and no other legal basis for processing exists.
  • You object to processing based on legitimate interests pursued by us or a third party.
  • The data have been processed unlawfully.
  • Compliance with a legal obligation requires deletion.

The right to restrict processing:

You have the right to request restriction of processing in certain situations, including:

  • You contest the accuracy of your data, during the time we verify its accuracy.
  • The processing is unlawful, and you request restriction instead of deletion.
  • You no longer need the data for the purposes of processing, but need them for the establishment, exercise, or defense of legal claims.
  • You have objected to processing based on legitimate interests, pending a verification of legitimate grounds.

The right to data portability:

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit those data to another controller without obstruction. This applies if processing is based on your consent or is necessary for the performance of a contract.

The right to object:

You can object to the processing of your personal data when it is carried out for the purposes of legitimate interests pursued by us or a third party. You can also object to processing for direct marketing purposes.

The right to withdraw consent:

If processing is based on your consent, you can withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

The right to submit a complaint:

If you believe that your personal data has been processed unlawfully, you can submit a complaint to us via email or letter. Additionally, you have the right to contact a supervisory authority concerning your complaint.

Categories of recipients of personal data

Appsolve may disclose personal data to the following categories of entities:

  • Public authorities: Including tax authorities and law enforcement agencies.
  • Service providers: Such as cloud providers and IT service firms, who process data on our behalf and per our instructions.
  • Partners: With whom we collaborate to provide our services.

For data transfers outside the European Economic Area (EEA), we ensure that adequate protection is in place, complying with applicable regulations concerning international data transfers.

Consequences of refusal to provide personal data

You are not obligated to provide personal data, but please note that refusal to provide necessary information may prevent us from fulfilling contractual obligations or delivering requested services.

If you have questions or seek clarification about this Privacy Policy, please reach out to us directly.

Contact information for data protection purposes

For inquiries regarding this Privacy Policy or to exercise your data protection rights, please contact us:

Changes to this privacy policy

This Privacy Policy may be updated from time to time. You are encouraged to review this Privacy Policy periodically for any changes. Continued use of our services after changes signifies acceptance of the updated policy.

By using our services, you acknowledge that you have read and understood this Privacy Policy and the information provided regarding personal data processing.