1. BluePeacock’s Roles & Responsibilities

This Privacy Policy does not apply to Personal Data that we process as a service provider (or an equivalent role such as a 'processor' under certain laws) on behalf of our customers. Our customers may use BluePeacock’s cloud products and services to manage their own data, including integrating their websites and applications with our platform, offering their products and services, and sending communications. In these cases, the customer is solely responsible for the collection, use, and processing of such Personal Data.

BluePeacock does not control or decide what Personal Data our customers collect or process through our services. If you receive access to BluePeacock’s cloud services through a customer’s subscription, the customer determines what information is shared with us. This may include contact information (such as your name, email address, or phone number) and professional details (such as your job title or department). BluePeacock processes this data strictly under the direction of the customer, in accordance with our agreements, and in compliance with applicable laws.

If you have questions regarding how your data is handled within a customer’s use of our services, please contact the customer directly. BluePeacock is not responsible for how our customers collect, use, or share your information, and their privacy practices may differ from those outlined in this Policy. Unless otherwise specified in this Privacy Policy or another disclosure, we act solely as a service provider or processor, and the customer remains the data controller responsible for your Personal Data.

2. Personal Information the App Collects

When you install the App, we are automatically able to access certain types of information from your Shopify account:

• A. Shopify API Access:
  • read_gift_cards: Allows the App to read existing gift card details to ensure accurate imports and prevent duplicates.
  • write_gift_cards: Allows the App to create new gift cards on your behalf as requested during the import process.
  • Shop Details: Information about your store, such as domain, name, email address, and location.
• B. Data Collected Independently from Shopify APIs:

  BluePeacock does not collect personal information from you or your customers independently. We do not collect names, addresses, IP addresses, or browser details from your store visitors.

  • Gift Card Importer Specifics: For our Gift Card Importer app, we store information related to the history of imports (Store/Shop Name, the name of the file uploaded, total cards, success count, error count, and timestamp of import). We do NOT store any customer data, nor do we store the actual contents of the uploaded files.

3. Information You Provide

When you use our Services, we may collect personal information to deliver and improve those Services. We will clearly explain why we need your information when we request it, and whether providing such information is mandatory or voluntary. Your decision to share personal information is at your discretion, but some features may require it for access.

We may collect information such as your name, email address, postal address, phone number, and any other details you provide when you interact with us. This includes activities like submitting inquiries, requesting service information, completing surveys, providing feedback, downloading resources, or registering for events. BluePeacock does not sell your personal information to third parties.

If you authorize us to collaborate with a third party on your behalf, we may share the necessary information to fulfill your request. Our use and sharing of your data always adhere to this Privacy Policy and applicable legal frameworks.

Information You Provide to Us:

• A. Account Signup: For the Gift Card Importer app, we do not require a separate account signup beyond your Shopify store installation. We do not collect names, company names, or passwords.
• If you attend an event, such as a webinar or seminar, we may collect additional contact and professional details through various methods, including:
  • Registering for the event.
  • Scanning your attendee badge or submitting a business card.
  • Filling out forms to download materials or request information.
  • Participating in surveys, contests, or providing customer support inquiries.
• B. Contract and Payment Data: We may collect contract information, including signatures, and use secure payment services to process transactions. This may include your billing name, billing address, and limited payment card information. We do not store full credit card numbers. With your consent, we may securely store encrypted payment details for future transactions through our Payment Gateway Service Providers.
• C. Interactions with BluePeacock: If you participate in BluePeacock events (in-person or virtual) or agree to be recorded during calls or video meetings, we may capture audio, video, and images for documentation and internal use. You will be informed in advance if recording will occur. Participation implies your consent unless otherwise specified.
• D. Testimonials: With your explicit permission, we may use your name and other details in testimonials to showcase customer experiences with our Services. You will have the opportunity to review and approve any testimonial before it is published on our website or other platforms.

4. Information We Automatically Collect

The Gift Card Importer app does not automatically collect tracking information such as IP addresses or cookies from your store's end-users. We do not utilize any automated decision-making or profiling based on user behavior.

5. Information We Receive from Third Parties

We do not receive or process personal information about your customers from third-party sources. Any information from Shopify is handled strictly via their API according to the permissions granted during installation.

6. Use of Collected Information

We use the store email address provided via Shopify strictly for operational communication regarding the App's performance and status. We do not use any personal information for marketing, behavioral advertising, or third-party profiling.

7. Sharing of Personal Information

BluePeacock does not share personal information with third parties for marketing or advertising purposes. We only disclose information when required by law or to respond to valid legal requests from public authorities.

8. Legal Bases for Processing Personal Data

(for United Kingdom and European Economic Area and other relevant jurisdictions)

If you are located in the United Kingdom, the European Economic Area (EEA), or any other jurisdiction with similar data protection laws, we only process your Personal Data when we have a valid legal basis under applicable regulations. The specific legal bases depend on the products and services your organization has purchased, how you interact with our websites and systems, and your participation in BluePeacock events. We process your Personal Data only in the following circumstances:

• a. When it is necessary to operate and provide our products and services, deliver customer support, enable personalized features, and maintain the security and integrity of our systems.
• b. When it serves a legitimate interest of BluePeacock - which is not overridden by your rights - such as for research and development, delivering information about services that may benefit you, and protecting our legal rights.
• c. When you have given explicit consent for a specific purpose.
• d. When it is necessary to comply with a legal obligation.

If you have consented to our use of your Personal Data for a specific purpose, you may withdraw that consent at any time; however, this will not affect any processing that has already occurred. If we process your data based on our legitimate interests, you have the right to object, although doing so may mean that you can no longer use certain products or services.

When we de-identify Personal Data for further use, we commit to maintaining its de-identified status and will not attempt to re-associate it with your identity - except as necessary to verify that our de-identification measures meet legal requirements.

9. Your Rights, Choices and Correcting Your Personal Information

You have specific rights regarding the personal information BluePeacock holds about you. We commit to providing these rights no matter where you live.

• a. Right to Access: You may request access to and obtain a copy of the personal data we hold about you, including details such as the data’s source, the purposes for its use, the retention period, and the recipients with whom it is shared.
• b. Right to Rectification: You can ask us to update your personal data or correct any inaccuracies. Depending on how your data is used, you may also request that we add supplementary information to your record.
• c. Right to Erasure: Under certain conditions - such as when your data is no longer necessary for its original purpose - you have the right to request that we delete your personal information.
• d. Right to Restriction of Processing: You may ask us to limit the processing of your data, for example, if you contest its accuracy or if you have objected to its use while we determine whether we have overriding legitimate grounds.
• e. Right to Data Portability: You can request that we transfer your personal information to another party in a structured, commonly used, and machine-readable format, where the processing is based on your consent or automated decision-making.
• f. Right to Object: In certain circumstances - such as for direct marketing - you have the right to object to the processing of your personal data.
• g. Right to Complain: If you believe that we are not handling your personal data in accordance with applicable laws, you have the right to lodge a complaint with the relevant supervisory authority, where one exists.
• h. Shopify Data Requests (Webhooks): As a Shopify App provider, we comply with Shopify's mandatory privacy webhooks. If a store customer requests access to or deletion of their data via Shopify, we will process the request accordingly. Please note that for our Gift Card Importer app, we do not store customer personal data. When a merchant uninstalls our app and requests shop data deletion via Shopify, we complete the deletion within Shopify's required timeframes, and automatically purge import histories within 1 month.

10. Data Retention

We retain your personal information only as long as we have a legitimate business need to do so - for example, to comply with legal, tax, or accounting requirements, enforce our agreements, or fulfill our legal obligations.

When there is no longer a legitimate reason to keep your personal data, we will delete or anonymize it. In cases where deletion is not immediately possible (for instance, if your data is stored in backup archives), we will securely store it in isolation from further processing until it can be properly removed.

Gift Card Importer App: For users of the Gift Card Importer app, any stored data related to import histories (such as file names, store names, and metric counts) is automatically deleted 1 month after the app is uninstalled.

For Subscriber Data processed on behalf of our Subscribers, we will retain the information for as long as you instruct us to, or as required by applicable law.

11. Security of Personal Information

We take extensive measures to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, or destruction. Our security practices include physical access controls, encryption, firewalls, intrusion detection systems, and continuous network monitoring - each tailored to the nature and scale of our data processing activities. Your data is treated as confidential at all times.

For more details about our security, please review our Terms of Service.

12. International Data Transfer

Your personal data may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your home jurisdiction and, in some cases, may offer less protection. For example, while our primary servers are located in the United States, Europe, and Australia, data is typically stored and processed in the U.S. However, at your request, we can relocate your data to servers in Europe or Australia. Additionally, your information might be processed in regions where our affiliates, partners, or third-party service providers operate.

We have implemented appropriate safeguards to ensure that your data remains protected in accordance with this Policy. These safeguards include adherence to the European Commission’s Standard Contractual Clauses, which govern transfers of personal data from the European Economic Area (EEA), the United Kingdom, or Switzerland.

13. General

• A. Data Processing Addendum
  To help you comply with your data protection obligations, we are prepared to sign a suitable Data Processing Addendum (DPA). You may request a DPA from BluePeacock or its affiliates, and upon receipt of your request, we will forward the appropriate document for your signature.
• B. Data Subject Requests
  If you are located in the European Economic Area and believe that we process your data on behalf of one of our customers, please contact that customer directly if you wish to access, rectify, erase, restrict, or object to the processing of your personal data - or to request data portability. We will cooperate with our customer to support your request within a reasonable timeframe.
• C. Children’s Personal Information
  Our websites are not directed at children. We do not knowingly collect personal data from children under the age of 16. If you are a parent or guardian and believe that your child has provided personal data without your consent, please contact us at info@bluepeacock.in so that we can promptly delete such information.
• D. Disclosures in Compliance with Legal Obligations
  We may be required by law to preserve or disclose your personal data and service-related information in order to comply with applicable legal obligations, regulations, legal processes, or governmental requests - including those related to national security.
• E. Enforcement of Our Rights
  We may disclose personal data and service information to third parties if we reasonably believe that such disclosure is necessary to prevent fraud, filter spam, investigate suspected illegal activities, enforce our agreements or policies, or protect the safety of our users.
• F. Compliance with this Privacy Policy
  We regularly review our practices to ensure that the personal information you provide is processed in accordance with this Privacy Policy. If you have concerns about our compliance or the way we handle your personal data, please contact us at info@bluepeacock.in. We will respond and, if necessary, coordinate with the relevant regulatory authorities to address your concerns.
• G. Blogs and Forums
  Our websites include publicly accessible blogs and forums. Please note that any personal information you share in these spaces may be used to contact you with unsolicited messages. We advise you to be cautious when disclosing personal information on these platforms, as BluePeacock is not responsible for the information you choose to share publicly. Your posts and profile information may remain visible even after you close your account. To request the removal of your information from our blogs or forums, please contact us at info@bluepeacock.in.

14. External Links on Our Websites

Our website may include links to third-party websites for your convenience and reference. Please note that we do not control these external sites, and we are not responsible for their content, privacy practices, or security measures. We encourage you to review the privacy policies and terms of use of any external site before providing any personal information.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or regulatory requirements. The date of the latest revision is indicated at the top of this page. It is your responsibility to review this policy periodically. We will not make any material changes that diminish the protection of your personal information without obtaining your consent.

16. Contact

If you have any questions or concerns about our privacy practices or this Privacy Policy, please contact us using one of the following methods:

Email: info@bluepeacock.in
Phone: +91 8796202939
Address: B-1001, Amar Courtyard, Hadapsar, Pune, India - 411028
Or fill out our contact form: Contact Us