Privacy Policy

Privacy Policy & Notice at Collection

Last updated: 28 Nov, 2025

This Privacy Policy and Notice at Collection (“Privacy Policy”) explains how Checkout Boost (“we”, “us”, or “our”) collects and uses data when you install or use our Shopify application (the “App”). It also describes your rights regarding your Personal Information. Please read carefully.

1. Scope & Applicability

• This Privacy Policy applies to merchants who install or use the App, and to any data processed on behalf of those merchants by Checkout Boost.
  

• If you uninstall the App, unless otherwise required by law, we delete store-specific data as described below.
  
  

2. What is “Personal Information” / “Data”

By “Personal Information” or “Personal Data” we mean any information that can identify, contact, or locate an individual — or data that, alone or in combination, qualifies as “personal data” under applicable law (for example: email addresses, IP addresses, device / browser identifiers, checkout- or order-related data, geo-location derived from IP, etc.).

3. What Data We Collect, When, and Why

We collect and process the following categories of data depending on how the App is configured and used:

• Merchant store data — when you install the App, we access information such as store name, store URL, product/variant/collection data, inventory, metafields, tags, and configuration settings needed to enable upsells, content blocks, discount & shipping/payment rules, and other features.
  

• Cart and checkout data — to support features like conditional upsells, checkout extensions, dynamic content blocks, shipping/payment method rules, discount rules, etc., we may process cart-level and checkout-level data such as: product IDs, variants, quantities, cart value, applied discounts, shipping zone/country/region, checkout attributes, shipping/payment selections, and other contextual metadata.
  

• Customer data (limited / scoped) — the App does not generally store full customer profiles. We access or process customer-related data only to the extent strictly required by configured features (e.g. shipping/payment rules, cart/checkout conditions). We do not use or share customer personal contact details unless explicitly required and authorized.
  

• AI feature data — if you activate AI-powered features (e.g. AI-generated upsell suggestions, AI-written content or product descriptions, AI-based rule suggestions), we may process: product names/descriptions/tags, checkout context metadata, merchant-provided text for rewriting, and other relevant non-sensitive data needed for AI processing.
  

• Usage & analytics data — to maintain and improve App performance, monitor usage, debug issues, and optimize features, we may process logs, usage metrics, performance data, and anonymized analytics.
  
  

We collect and process data only on the basis of contractual necessity (for App operation), legitimate interest (for performance, analytics, and feature improvement), or merchant consent (e.g. when enabling AI features).

4. How We Use Data

We use collected and processed data for the following purposes:

• To provide and enable the core functionality of Checkout Boost — upsells, checkout extensions, discount/shipping/payment rules, content blocks, conditional logic.
  

• To deliver optional AI-powered features (upsell suggestions, content rewriting, rule recommendations), where enabled.
  

• To monitor, maintain, and improve App performance, reliability, security, and scalability.
  

• To provide technical support and troubleshoot issues when merchants report problems.
  

• To comply with legal and regulatory obligations (if applicable).
  
  

We do not use your data for purposes beyond those above, nor do we sell or rent your data to third parties for marketing or advertising without explicit consent.

5. Data Sharing & Disclosure

We do not share or sell your data to advertisers, external marketers, or unrelated third parties. Data may be disclosed only in the following limited circumstances:

• To trusted third-party infrastructure or service providers (e.g. cloud hosting, secure AI-inference providers, analytics providers) only insofar as needed to provide the App’s functionality. All such providers are bound by confidentiality and data-security obligations.
  

• To the extent required by law, regulation, subpoena, or lawful request by public authorities.
  

• If we merge, are acquired, or undergo reorganization — in which case your data may be transferred only under obligations to preserve privacy.
  
  

6. Data Retention & Deletion

• We retain store-specific data, configuration, and minimally required data only for as long as the App remains installed and in active use or as required for legal/compliance reasons.
  

• Upon uninstallation, we remove all identifiable store data from our active systems within 48 hours (unless retention is required by law).
  

• We may retain aggregated or anonymized analytics data (which cannot identify any individual store or person) for internal performance metrics and improvement.
  
  

7. Security Measures

We implement industry-standard technical and organizational safeguards to protect data, including:

• Encryption in transit (HTTPS/TLS) and at rest.
  

• Strict access control; internal access only on a need-to-know basis.
  

• Secure server infrastructure, regular audits, monitoring, and incident response procedures.
  
  

While we strive for strong security, no system can guarantee absolute protection; we cannot guarantee that data will always remain secure.

8. Your Rights & Controls

Depending on the jurisdiction, you (as merchant) and — where relevant — your customers, may have rights regarding data we process, including:

• Accessing or exporting stored data.
  

• Requesting correction or deletion of data.
  

• Restricting or objecting to certain types of processing (e.g. analytics, AI-based profiling).
  

• Withdrawing consent where applicable.
  
  

If you wish to exercise any such rights (for yourself, or on behalf of customers, if relevant), you may contact us at our support address.

9. AI Features — Specific Disclaimers

Because Checkout Boost offers optional AI-powered features, by enabling and using them you acknowledge and accept the following:

• AI-generated suggestions or content may occasionally be inaccurate, incomplete, or contextually inappropriate.
  

• It is your responsibility (merchant) to review, validate, and approve any AI-generated content before using or publishing it.
  

• AI-based recommendations are provided “as-is” and for informational purposes only. We do not guarantee performance improvements (e.g. increased conversion rates), compliance, legal or regulatory outcomes, or business results solely based on AI outputs.
  

• Do not input sensitive, confidential, or personally identifiable information (e.g. customer personal data beyond what the App needs) into AI text-input fields.
  

• We disclaim all liability for damages or losses arising from reliance on AI-generated content or recommendations.
  
  

10. Changes to This Privacy Policy

We may update this Privacy Policy at any time (for example, as we add or improve features). When we do, we will post the updated version and update the “Last updated” date. Continued use of the App after changes constitutes your acceptance.

11. Contact Us

For any questions, concerns, or data requests (access, deletion, correction), contact us at: support@checkoutboost.com