Privacy Policy

Privacy and Data Protection Policy

This Privacy and Data Protection Policy (the “Policy”) outlines the practices and procedures implemented by IT-GEEKS (hereinafter referred to as “we,” “us,” or “our”) to ensure the protection of personal data collected and processed through our Easy Subscriptions App (the “App”) for Shopify merchants. This Policy reflects our commitment to comply with privacy and data protection rules and regulations and fulfill the requirements set forth by the Shopify Legal Team. By using our App, you (“merchant” or “you”) acknowledge and agree to the terms and conditions outlined in this Policy.

Processing Only Minimum Personal Data:

  • We will refrain from processing personal data that is not required for the delivery of our services through the App.
  • Personal data will not be stored or used for any secondary purposes unless explicitly agreed upon with the merchant or required by law.
  • Personal data will not be stored or used for any secondary purposes unless explicitly agreed upon with the merchant or required by law.

Informing Merchants:

  • We will clearly inform merchants about the specific personal data we collect and process through the App and provide the reasons for processing such data.
  • To process subscription orders and display relevant information in the merchant’s dashboard, we will need the following personal data from customers: name, email address, billing address, and shipping address.

Limited Processing:

  • We will strictly limit our processing of personal data to the stated purposes of displaying subscription-related information in the merchant’s dashboard.
  • Personal data will not be used for any other purpose without explicit consent from the merchant.

Customer Consent:

  • If we require personal information for secondary purposes such as marketing, we will obtain direct consent from the customer or provide an opportunity to opt out.
  • Customers have the right to withdraw their consent for us to contact them or collect, use, or disclose their information at any time by contacting us at
  • support@easysubscription.io

Opt-Out of Data Sharing:

  • We commit to never making customer data available to any third-party vendors intentionally or accidentally.
  • We do not offer any services that result in public disclosure of customer data.
  • Customers who opt-in can withdraw their consent for continued collection, use, or disclosure of their information at any time.

Automated Decision-Making:

  • Currently, we do not use customer data for automated decision-making processes.
  • In the future, if our services change and involve automated decision-making, customers will have the option to opt out.

Privacy and Data Protection Agreements:

  • We will establish privacy and data protection agreements with merchants to ensure mutual understanding and compliance with privacy and data protection requirements.

Data Retention

  • Once the App is uninstalled, we will retain personal data for a maximum of three (3) days.
  • Personal data will be securely deleted and removed from all servers at the end of the retention period.

Data Encryption:

  • We will utilize Cryptography Extensions, specifically the OpenSSL function, to encrypt and decrypt data at rest and in transit.
  • This encryption will ensure the confidentiality and integrity of personal data.

Data Backup Encryption:

  • We will use Cryptography Extensions, specifically the OpenSSL function, to encrypt and decrypt data backups.
  • Encrypted data backups will be stored securely to prevent unauthorized access.

Separation of Test and Production Data :

  • Test and production data will be kept separate to ensure the security and integrity of both data sets.

Data Loss Prevention :

We have implemented a robust data loss prevention strategy which includes technical controls, policies, and standards to prevent any unauthorized data extraction.
  • Personal data will be stored on primary and secondary servers located in geographically different locations within the USA.
  • This redundancy will help prevent data loss in the event of a server failure or other unforeseen circumstances.

Limit Staff Access to Protected Customer Data :

  • We will implement strict access controls to ensure that only authorized staff members have access to protected customer data.
  • Access to customer data will be granted based on the principle of least privilege, ensuring that staff members only have access to data necessary for their specific roles and responsibilities.
  • We will regularly review and update staff access permissions to maintain data confidentiality and prevent unauthorized access.

Require Strong Passwords for Staff Accounts:

  • We have implemented a strong password verification mechanism for all staff accounts involved in handling protected customer data.
  • Staff members will be required to create complex passwords that meet specific criteria, including a combination of uppercase and lowercase letters, numbers, and special characters.
  • Additionally, we have enabled two-factor authentication (2FA) for staff accounts to provide an extra layer of security and prevent unauthorized access.

Keep an Access Log to Protected Customer Data:

  • We will maintain a detailed access log that records all instances of staff members accessing protected customer data.
  • The access log will include information such as the date, time, staff member’s identity, purpose of access, and any actions performed on the data.
  • The access log will be regularly monitored and reviewed to detect any unauthorized access attempts or suspicious activities.

Implement a Security Incident Response Policy:

  • We have developed a comprehensive security incident response policy to effectively address and manage any security incidents or breaches involving protected customer data.
  • The policy includes predefined procedures for identifying, containing, investigating, and mitigating security incidents.
  • We will promptly notify affected merchants and relevant authorities in the event of a security incident, as required by applicable laws and regulations.
  • Regular security drills and simulations will be conducted to test the effectiveness of our security incident response procedures and make necessary improvements.
  • Lessons learned from security incidents will be used to continuously enhance our security measures and minimize the risk of future incidents.

Reviews

X
Add a Review

    Reviews

  • store-logo

    Daniel was fantastic! I had an urgent issue with one of the subscription features, and he jumped in right away to solve it. Not only did Daniel resolve the technical glitch, but he also offered some insights on improving the overall customer experience on my site. Exceptional service all around!

    On: December 26, 2024
  • store-logo (2)

    Awesome app! you get alot for your money, for a reasonable price infact. The team behind it will gladly customize the application for your spesific needs. Highly recommend! Only thing I would love to see in the future is more customisation for a multilingual store.

    On:
  • store-logo (3)

    The IT Geeks team is a real pleasure to work with. Their support team is very responsive, and they helped me successfully migrate my customer base. Great features for a very reasonable price. I highly recommend this new app for managing subscriptions for complex and custom-coded websites.

    On:
  • store-logo (4)

    Five stars! Easy subscriptions have helped me so much. Their app is super flexible compared to other more well known apps on the market and their support team are super capable and responsive which is a dream. I cant thank these guys enough, you have been truly great every step of the way. Thanks so much, Conal

    On:
  • store-logo (5)

    Easy Subscription is very easy to use as its name indicates, it has made my subscriptions management very easy. Since, I started using this app, I am able to set it up so quickly. When it comes to the support team, is has been super helpful and supportive since day one. I am really happy with it and would highly recommend if for the subscriptions services.

    On:
  • store-logo (1)

    The team at IT-GEEKS/Easy Subscription is fantastic. So easy to work with and really goes the extra mile to get it right. A+ customer service!

    On:
Scroll to Top