Privacy policy

Our commitment to protecting your privacy

Introduction

CartCraft Pte Ltd (UEN: 202417742K) (“CartCraft,” “we,” “our,” or “us”) is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our Shopify apps. Please read this Privacy Policy carefully.

Information We Collect

When you use our contact forms, subscribe to our newsletter, become our customer by purchasing our Shopify apps, or engage with any other services or products we offer, we may collect personally identifiable information. This includes, but is not limited to:

  • Name: To personalize our services and communications.
  • Email Address: For communication and updates.
  • Telephone Number: For contact purposes.
  • Shopify Shop URL: To integrate our Shopify apps with your store.
  • Address: For service processing and product functionalities.
  • Business Information: Such as business name, industry, and other relevant details to provide services.
  • Customer Support Data: Any information you provide when interacting with our support team.
  • Usage Data: Information about how you use our website and apps, including IP address, browser type, operating system, and access times, collected via cookies and similar technologies.

2.2 – We use Plausible Analytics on our website to gather anonymized information about visitor behavior, such as page views and referral sources. Plausible Analytics does not use cookies and does not collect any personally identifiable information. This data helps us improve our website and optimize the user experience.

2.3 – Shopify App Data: When you install and use our Shopify apps, we may collect certain information through the Shopify API, such as your shop URL, email address, and data related to your shop. This information is used to provide and improve our app functionality.

Use of Your Information

We use the collected information to:

  • Respond to your inquiries and provide the requested assistance
  • Send you updates about our apps, software updates, and technical innovations
  • Provide and improve our app functionality
  • Analyze website usage and optimize user experience
  • Conduct marketing activities

Data Retention and Deletion

We retain the data collected through our Shopify apps for 30 days after the app is uninstalled from your shop. If you wish to have your data deleted sooner, please contact us, and we will promptly remove your data from our systems.

Data collected through Freshdesk and Slack is retained for as long as necessary to resolve your support inquiries and improve our services. If you wish to have your data deleted sooner, please contact us, and we will promptly remove your data from our systems.

For our other products or services, we may retain data for a longer period if necessary for customer support inquiries or other legitimate business interests, including legal documentation purposes. However, we do not share this data and are happy to delete it upon request. Please contact us if you would like your data to be removed, and we will ensure it is deleted from our systems.

Data Sharing and Third-Party Services

Plausible Analytics

We use Plausible Analytics, a privacy-focused web analytics tool, to collect anonymized website usage data. Plausible Analytics does not use cookies and does not collect any personally identifiable information. The data collected includes aggregated information such as total page views, referral sources, and approximate geolocation based on anonymized IP addresses. This data helps us understand how our website is used and improves its performance and user experience.

Plausible Analytics Privacy Policy: https://plausible.io/data-policy

 

Stripe

Our Shopify apps use Stripe as the payment processor. The payment is handled directly by Shopify, and we only receive the funds. Stripe’s privacy policy can be found at https://stripe.com/privacy.

 

Freshdesk and Slack

We use Freshdesk for our customer support and ticketing system. When you submit a support request, Freshdesk processes and stores the information you provide, such as your contact details and support inquiries. This data helps us assist you with your support requests and improve our customer service.

We integrate Freshdesk with Slack to notify our support staff in real-time about incoming support tickets. Slack processes and stores these notifications, which may include your contact details and support inquiry information. Both Freshdesk and Slack treat your data confidentially and implement appropriate security measures in compliance with applicable data protection laws and regulations.

Freshdesk Privacy Policy: https://www.freshworks.com/privacy/

Slack Privacy Policy: https://slack.com/intl/en-sg/trust/privacy/privacy-policy

 
Amazon Web Services (AWS)

We use Amazon Web Services (AWS) for hosting our email servers and general servers. AWS processes and stores data on our behalf in their data centers, some of which are located outside of Singapore. AWS ensures appropriate security measures are in place for international data transfers in compliance with applicable laws and regulations. AWS implements technical and organizational security measures in accordance with industry standards such as ISO 27001, 27017, and 27018. We have data processing agreements and standard contractual clauses in place with AWS to ensure the protection of your data.

 
Raidboxes

We use Raidboxes, located in Germany, for website hosting services. Raidboxes complies with GDPR requirements for data processors, ensuring a high standard of data protection and security. This includes implementing strong encryption methods, strict access controls, and data minimization practices. Raidboxes also provides GDPR compliance. Their privacy policy can be found at https://raidboxes.io/legal/privacy-policy/

 
Borlabs Cookie

We use the Borlabs Cookie Consent Manager to obtain user consent for the use of cookies and cookie-based applications. Borlabs processes data in accordance with GDPR standards, ensuring user privacy and data protection. Borlabs implements robust security measures, including data encryption and user consent logs, to safeguard personal data. More information can be found in their privacy policy: https://borlabs.io/privacy-policy/

 
GetResponse

We use GetResponse, an email marketing platform, for collecting email addresses through sign-up forms on our website, sending newsletters and notifications about app releases or updates, categorizing leads based on app interests or customer status, and sending targeted notifications to specific lead categories. Data is transferred to GetResponse servers in the USA. GetResponse implements security measures in accordance with GDPR standards, and we have a data processing agreement in place with them. Users have the right to access, rectify, erase, restrict processing of, and object to the processing of their data.

GetResponse Privacy Policy: https://www.getresponse.com/legal/privacy

 
Google Analytics

We use Google Analytics to analyze website usage and improve performance. Google Analytics collects data such as your IP address, location, browser type, and pages visited. This data is used to analyze trends, track user movements, and gather demographic information. Users can opt out of Google Analytics data collection through browser settings or plugins. The cookie consent manager also assists with opt-out options.

Google Analytics stores the collected data on servers located in various countries, including the United States. To ensure a level of protection comparable to the PDPA, Google implements the following measures:

  • General Data Protection Regulation (GDPR): Google Analytics is GDPR-compliant, ensuring a high level of data protection similar to the PDPA.
  • EU-US Privacy Shield: Although the Privacy Shield agreement has been invalidated, Google continues to provide a similar level of protection for data transfers.
  • Standard Contractual Clauses (SCCs): Google uses SCCs for international data transfers, approved by the European Commission to provide adequate protection.
  • Data Encryption: Google employs strong encryption methods to protect data during transmission and storage.
  • Access Controls: Google implements strict access controls to prevent unauthorized access to the collected data.
  • Data Minimization: Google Analytics offers data minimization features, such as IP anonymization and limited retention periods.
  • User Rights: Google provides users with the ability to access, correct, or delete their data, similar to the rights provided by the PDPA.
 
Facebook Pixel

We use Facebook Pixel for marketing and ad optimization. Facebook Pixel tracks website interactions and collects data for marketing purposes. Data is transferred to Meta Platforms Inc. in the USA, which is certified under the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework.

 
Microsoft Azure

We use Microsoft Azure to provide AI services and other cloud computing services. Azure processes and stores data on our behalf in accordance with data processing agreements and standard contractual clauses. Microsoft ensures appropriate security measures for international data transfers and treats your data confidentially.

By using our services, you consent to the processing of your data by these third-party service providers in accordance with their respective privacy policies. We ensure that appropriate data processing agreements, standard contractual clauses, and security measures are in place to protect your data and comply with applicable data protection laws and regulations, such as the GDPR and the PDPA.

International Data Transfers

Some of the third-party services we use may process data outside of Singapore. We ensure that appropriate safeguards are in place for international data transfers in compliance with the Personal Data Protection Act (PDPA) and other applicable laws and regulations. This includes the use of standard contractual clauses and ensuring that recipients provide a comparable level of protection to the PDPA.

Freshdesk and Slack may process and store data on servers located outside of Singapore. We ensure that appropriate safeguards are in place for international data transfers in compliance with the PDPA and other applicable laws and regulations. This includes using standard contractual clauses and ensuring that recipients provide a comparable level of data protection.

Data Security

We implement reasonable security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure.

Your Rights

Under the PDPA, you have the right to:

  • Access the personal data we hold about you
  • Request the correction of inaccurate personal data
  • Request the deletion of your personal data
  • Withdraw your consent for the collection, use, or disclosure of your personal data

To exercise these rights, please contact us using the information provided below.

Cookies and Opt-Out

  • We use cookies and similar tracking technologies to track activity on our website and hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website.
  • You can manage your cookie preferences and opt out of certain third-party cookies using the Borlabs Cookie Consent Manager on our website.
  • You can also opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.

Cookies and Opt-Out

  • We may update this Privacy Policy from time to time. Any changes will be posted on this page and, where appropriate, notified to you by email.
  • Since Plausible Analytics does not use cookies or collect personal data, it does not require opt-out via the cookie consent manager.

Children and Minors

Our website and apps are intended solely for use by businesses and business customers. We sell our products and services exclusively to businesses (B2B) and do not target children under the age of 13. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from children, we will promptly delete such data.

If you believe that we might have information from or about a child under 13, please contact us immediately at contact@cartcraft.io so that we can take the necessary steps to delete the information.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Data Protection Officer at:

CartCraft Pte Ltd 
1 North Bridge Road, 
#B1-35, 
High Street Centre, 
Singapore (179094) 
Email: contact@cartcraft.io

This Privacy Policy was last updated on 01.11.2024