Superstorefront Privacy Policy

This Privacy Policy describes how Superstorefront Inc. ("Superstorefront," "we," "us," or "our") collects, uses, and discloses information in connection with your use of our e-commerce platform and related services (the "Service"). This policy applies to information collected from our merchant customers ("Merchants") and their end-users (shoppers, "Customers") who interact with online storefronts powered by our Service.

1. Information We Collect

We collect various types of information to provide and improve our Service:

Information from Merchants:

Account and Business Information: When you register for a merchant account and use the Service, you provide information such as your business name, contact person's name, email address, phone number, business address, and payment information for your subscription fees.

Platform Usage Data: We collect information about how you access and use the Service, including your interactions with the platform features, login times, IP address, browser type, and operating system.

Information We Process on Behalf of Merchants (Customer Data):

When a customer places an order through your storefront powered by our Service, we process customer data on your behalf. This data includes the customer's name, email address, phone number, and order details (items purchased, quantity, price, time of order).

We also process transaction data via our integration with Stripe, but we do not receive or store sensitive payment card information.

Information Collected Automatically:

Usage Data: We may collect information about how the Service is accessed and used, which may include information about the devices used to access the Service.

Cookies and Tracking Technologies: We use essential cookies and similar tracking technologies (like pixels and web beacons) that are strictly necessary for the operation of the Service, to maintain security, and to ensure core functionality. These technologies are used to enable your login, manage your session, and provide the basic features of the Service. We do not use these technologies for marketing or analytics purposes that track your activity across other websites or services.

2. How We Use Information

We use the information we collect for the following purposes:

• To Provide and Maintain the Service: To operate your online storefront, manage inventory and orders, process transactions via Stripe, and provide the features and functionality of the platform.
• To Manage Your Account: To register your account, communicate with you about your account and the Service, and process your subscription payments.
• For Analytics and Insights: To analyze usage trends, monitor the effectiveness of the Service, and generate anonymized and aggregated insights and recommendations. When data is used for insights and recommendations shared with others, it is processed to remove identifying information about your specific store or your customers' personal data.
• To Improve and Develop the Service: To understand how our Service is used, troubleshoot issues, and develop new features and functionality.
• For Security and Fraud Prevention: To protect the integrity and security of the Service, prevent fraudulent activity, and deter scams and theft.
• To Communicate with You: To send you service-related announcements, technical notices, updates, support messages, and, with your consent where required, marketing or promotional communications.

3. How We Share Information

We may share information in the following circumstances:

With Third-Party Service Providers:

We share information with third parties who perform services on our behalf and under our instruction to support the Service. These include:

• Stripe: For payment processing, tax calculation, and merchant payouts. Your use of Stripe is subject to their terms and privacy policies.
• AWS (Amazon Web Services): Our cloud hosting provider, which stores the data processed by our Service.
• Postmark: For transactional email delivery.
• Other providers who assist with essential business operations, such as customer support tools. These providers are contractually obligated to protect your information and use it only for the purposes for which it was disclosed.

With Merchants (Your Customer Data):

As a data processor, we process customer data collected through your storefront and make it available to you (the Merchant) as the data controller for the purpose of fulfilling orders and managing your customer relationships.

With Other Merchants and Users (Anonymized & Aggregated Data):

As described in Section 2.3, we may share anonymized and aggregated insights and recommendations derived from the data on our platform. This shared data will not identify your specific store or your customers' personal information.

For Legal Reasons:

We may disclose information if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency request).

To Protect Our Rights:

We may disclose information when we believe it is necessary to protect our rights, property, or safety, or the rights, property, or safety of others.

Business Transfers:

In connection with a merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company, your information may be transferred as part of that transaction.

4. Data Security

We implement commercially reasonable technical and organizational measures to protect the information we collect and store against unauthorized access, alteration, disclosure, or destruction. This includes leveraging the security features provided by our cloud hosting provider (AWS) and other service providers. However, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

5. Data Retention

We retain your merchant account information and the data associated with your store for as long as your account is active and for a limited period thereafter as necessary for our legitimate business purposes, to comply with legal obligations, resolve disputes, and enforce our agreements. Customer data processed on your behalf is retained according to our data retention policy and your instructions as the data controller, consistent with applicable laws.

6. Your Choices and Rights

Merchant Account Information:

You can access and update your merchant account information through the Service settings.

Customer Data:

As the data controller for your customer data, you are responsible for handling requests from your customers regarding their personal data (e.g., requests for access, correction, or deletion). We will assist you in responding to such requests to the extent required by applicable law and our agreement with you.

Cookies:

You can typically set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse essential cookies, please note that some parts of the Service may then be inaccessible or not function properly.

Data Export Upon Termination:

If you are a Merchant, upon termination of your agreement with Superstorefront, or at any time upon your written request, we will, within a reasonable timeframe, provide you with the ability to export Your Data in a standard, machine-readable format. This data export functionality will remain available for a period of thirty (30) days following the effective date of termination. After this 30-day period, or upon your earlier request, Superstorefront will delete Your Data from its active systems, subject to its data retention policies and legal obligations. Superstorefront reserves the right to charge a reasonable administrative fee for data export requests made after the initial 30-day post-termination period.

7. California Privacy Rights (For California Residents - CCPA/CPRA)

If you are a California resident, you have certain rights regarding your personal information under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). These rights include:

• Right to Know: You have the right to request that we disclose to you the categories and specific pieces of personal information we have collected about you, the categories of sources from which it is collected, the purposes for collecting or selling it, and the categories of third parties with whom we share it.
• Right to Delete: You have the right to request the deletion of your personal information that we have collected, subject to certain exceptions.
• Right to Correct: You have the right to request the correction of inaccurate personal information we maintain about you.
• Right to Opt-Out of Sale/Sharing: Superstorefront does not "sell" or "share" (for cross-context behavioral advertising) personal information as those terms are defined under CCPA/CPRA.
• Right to Limit Use and Disclosure of Sensitive Personal Information: You have the right to limit the use and disclosure of your sensitive personal information in certain circumstances.
• Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA/CPRA rights.

To exercise these rights, if you are a Merchant, please contact us using the "Contact Us" information below. If you are a Customer of a Merchant using our Service, please direct your request to the specific Merchant whose storefront you used. We will assist our Merchants in fulfilling such requests as required by law.

8. Children's Privacy

Our Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For material changes, we may also notify you via email or other reasonable means. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Superstorefront Inc.
8 The Green STE A
Dover, DE 19901
Email: support@superstorefront.co