Privacy Policy

EFFECTIVE:

February 4, 2019

UPDATED:

February 20, 2019

This privacy policy applies to Arigato Automation, an app on the Shopify platform operated by Bonify, LLC (the “Company,” “us,””we” or “our”, “Bonify” or “Bonify, LLC”).

We provide the Arigato Automation "Service" as defined in the Terms of Use using our application on the Shopify platform (“App”).

We respect and protect the privacy of our users. This Privacy Policy explains how we collect and use your information and is part of our Terms of Use when you use our Service.

WHAT DO WE COLLECT

Personal Data

“Personal Data” means any information relating to an identified or identifiable natural person. We collect Personal Data from two (2) classes of users of the service: Administrators for entities that contract with us or that might be interested in contracting with us (“Merchants”) and the persons that Merchants desire to use the Service offered by the Merchants (“Customer End Users”).

Merchants:

For Merchants, we will collect Personal Data such as:

First name

Last name

Email address provided by Merchant

Unique Identifier (token provided by Shopify)

Log Files, which record errors encountered during app use.

IP address of Merchant accessing the Service

Such Email or contact information automated workflows that Merchants choose to make public on your site or disclose to others by through data entered into workflows using the Services.

For Merchants we may also collect non personally identifiable data that may be linked to Merchant Personal data by us or Third Party Service and Application Providers.

Merchant domain

Logs of completed tasks and configured triggers and actions.

Third Party Services and Applications linked to and their APIs

Workflow logs that you can view containing tasks and configured triggers and actions.

Third Party Applications Integration

The Services allows Merchants to integrate and create commands into Shopify, and other third party applications ("Third Party Services and Applications"). For us to provide this Service to Merchants, Once the Services app is installed, Merchants access will need to be authenticated between the Service and applicable Third Party Services and Applications, such as Shopify as well as third party applications. This is necessary to confirm your access to the Third Party Services and Applications and to share such workflows and data per your instructions. You can change or delete your permissions through your Shopify account page). When you enable linking between or log in through Shopify you can share information with the Shopify platform-based Third Party Services and Applications, we will collect relevant information necessary to enable the Service to access the applicable Third Party Services and Applications and your data and content contained within that Third Party Services and Applications per your instructions. Shopify’s platform wiil give you a token to allow access to the APIs to access Shopify or other Third Party Applications to enable linking to the Third Party Services and Applications.Please note that Shopify controls its own platform and has its own privacy policy, as noted in the Use of the Shopify Platform and Shopify as Controller in Common section.

For non-Shopify platform Third Party Services and Applications, we will authorize your access and enable you to share your workflows and data with the Third Party Services and Applications You can change this access by editing your workflows.

Customer End Users:

We do not knowingly collect Personal Data on Merchant Customers or Customer End Users. The Services allow you to create workflows to transmit or use data that you collect using tokenized fields, but we do not store any End User data unless you enter it directly into the workflow. You should not store Customer End User Personal Data or other Personal Data in workflows as it will not be secure.

Tracking Data

We and our third-party service providers may collect certain tracking information about your use of our Service. For example, we collect;

• Log information (including your dates/time of access and related data)

Cookie Policy

This Cookie Policy ('Policy', henceforth) describes Bonify’s (affiliates 'we', 'us', 'our', or 'Company') cookie handling practices with respect to the Arigato Automation Service, and how we makes use of cookies to collect information that helps us improve your online experience.

We collect information when you visit the Service including viewing any of our documents linked to this Policy, use our App or Service, which may include personal information or other information considered personal, such as your browser details, the date and time of your visit, and even your Internet Protocol address.

The Policy covers in detail the technologies used by us, why we use them, and your rights to opt in or out of being tracked in your Company account with cookies.

What are cookies?

Cookies are small text files that are downloaded by the browser that you use to reach and use our service. These cookies collect, store, and share data of your activities across websites. They are mainly used to learn about your actions when you interact with the sites and services and "remember" you and your preferences, such as your preferred browser or language, either for a single visit (via a 'session cookie') or for multiple visits (using a 'persistent cookie').

We use both session-based and persistent cookies. Here’s what they are:

• Session cookies are temporary and last only while your browser is open. They are deleted from your device when you leave the service.

• Persistent cookies remain in your browser or device for a much longer time mostly until your browser deletes them or when they reach their expiry date, depending on the cookie. They are unique and allow us to perform site, app and Service analytics and customization, among other similar things.

Cookies may be set by either the site that you are visiting (‘first party cookies’) or by third parties, such as those who use our services (‘third party cookies’). More information on cookies can be found at www.aboutcookies.org.

Types of cookies

The table below explains the types of cookies we use on our websites, apps and the Service and why we use them.

Category of cookies Why we use these cookies

Necessary These cookies are strictly necessary to perform important activities such as allowing registered users to authenticate themselves to secure areas and perform account related functions.

Preference These cookies allow our services to recognize you and remember your preferences when using our services. This enables us to personalize our content for you and provide you with a more personal experience without you having to re-enter your preferences every time you visit our Services.

Security These cookies help to detect, identify, and prevent suspicious or malicious activities on our services. They also detect authentication failures and take measures to increase the security of the service

Analytics These cookies collect information on how users interact with our services. This helps us understand how well our services are doing and what improvements are need. This enables us to operate our Services more efficiently, and to research and develop new Services and features.

Third-Party / Embedded Content Cookies operated by third-party applications or service providers gather browsing activity across multiple websites and across multiple sessions and use them to enhance the experience of website visitors. These cookies may be used for providing certain statistical and analytics purposes and can help to prevent fraudulent traffic or other suspicious activities. They are usually a persistent cookie and continue to stay in your system until you delete them or they expire based on the time period set in each third-party cookie.

Please note that we have no direct control over the information collected by these cookies or how they use them. So it is advisable to review each third-party's cookie disclosure before consenting to this use category.

What cookies do we use?

While there are several types of cookies (as specified in the ‘types of cookies’ section), Company uses ‘Strictly Necessary’, ‘Preference’, and ‘Third-Party’ cookies.

‘Strictly Necessary’ cookies are required for using our sites and services. If you refuse to accept these cookies, we are not liable for any security breach nor can we predict how our sites and services will perform.

We use ‘Preference’ cookies to track your behavior and remember your preferences.

The ‘Third-Party’ cookies that we use include Google Analytics, ZenDesk and Drip You can turn them off by disabling cookies on your browser and some have opt out policies as well, for more information go to the Google Analytics Privacy Policy, Drip Privacy Policy and Zendesk Privacy Policy.

How and why do we use cookies?

Company uses cookies to identify you as a unique user, remember you preferences, tailor our products to suit your interests and needs, and to track your usage of our sites and services. Likewise, we may also use cookies to restrict you from accessing certain content or features, protect our sites and services, and to carry out the requests that you make.

Company uses third-party applications to provide better service to all our users. These apps and services make use of persistent cookies to improve user experience, analyze user behavior, and manage content.

How to control and disable cookies

You have the right to decide whether or not to accept cookies and similar technologies. If, however, you choose to disable cookies, it may affect the availability and functionality of some components or features of our Services.

Opt-out of cookies through browser

Most browsers accept cookies, by default. However, they provide ways that allow you to change cookie settings in order to make the browser refuse certain types of cookies or at least inform you before accepting cookies. You can make these changes either through the browser’s inbuilt settings or through external plugins. The procedure for changing cookie settings is different for different browsers. You can go to the help page of your browser to learn more.

Consent

If you do not opt out of accepting cookies, you agree to the collection, usage as well as sharing of your details, including your personal data, by us and by the various third-party apps (subject to their privacy and cookie policies) that we use. You can change cookie setting to revoke your consent anytime by following the steps mentioned in the ‘How to control and disable cookie settings’ section given above.

HOW DO WE USE YOUR DATA?

Analytics

BONIFY, LLC utilizes Tracking Information to access anonymous data to help us understand how our Services are used. We use Tracking Information to customize content for you and improve our Services. Google Analytics provides reports to Company with website trends without identifying individual visitors.

Authentication

We use Merchant Personal Data to match and authenticate your account access to Shopify and related applications.

Providing the Services

We use Merchant Personal Data to provide the Services, provide customer service/support and communicate with you regarding the Services and new features. If you are a Merchant, it enables us to track your use for merchant service purposes.

When you enable the Service to link content and data between the Services and Third Party Services and Applications, Third Party Services or Applications provider, such as Shopify or Slack, will provide us with access to certain information that you may have provided to the Third Party Services and Applications, and we will use, store and disclose such information in accordance with this Privacy Policy. However, please remember that the manner in which Shopify and third party application providers use, store and disclose your information is governed by the policies of such Shopify and its third party application providers, and Bonify, LLC is not, and shall not have any liability or responsibility for the privacy practices or other actions of any Shopify or third party applications and their services that may be enabled within the Service.

SHARING YOUR DATA

We will not sell, rent, or share Personal Data with third parties outside of our company without your consent, except in the following ways:

Note About Automation Tools.

While we do not post your Personal Data directly, Bonify, LLC’s Services includes automation of certain functions by Merchant to Merchant website and other Third Party Services and Applications, some of which may involve communicating with your customers or other members of the public for viewing by the public If you choose to link workflows to these Third Party Services and Applications or post your contact information or other Personal Data into these tools or share your Personal Data or that of your customers with Third Party Services and Applications, they may be viewable by third parties. Please consult with the privacy policies of any Third Party Service and Application providers you choose to link the Services to.

Excluding the Personal Data you provide to use to administer your use of the Services, you can control what data you share by editing your workflows.

Processing Your Payment

We work with Shopify to process your payment in order to use the Services. We do not collect or store your payment information or Personal Information related to payment.

Direct Marketing

We use Merchant Personal Data to communicate with you regarding the provisioning of the Services, but also to let you know about additional features and services we provide that may be of interest to you. If you do not wish to receive marketing communications, you may opt out at any time

Law Enforcement and Internal Operations

Personal Data may be provided where we are required to do so by law, or if we believe in good faith that it is reasonably necessary (i) to respond to claims asserted against BONIFY, LLC or to comply with the legal process (for example, discovery requests, subpoenas or warrants); (ii) to enforce or administer our policies and agreements with users; (iii) for fraud prevention, risk assessment, investigation, customer support, product development and de-bugging purposes; or (iv) to protect the rights, property or safety of BONIFY, LLC, its users or members of the general public. We will use commercially reasonable efforts to notify users about law enforcement or court ordered requests for data unless otherwise prohibited by law. However, nothing in this Privacy Policy is intended to limit any legal defenses or objections that you may have to any third-party request to compel disclosure of your information.

Business Transfer

BONIFY, LLC may sell, transfer or otherwise share some or all of its assets, including Merchant Personal Data, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy. Under such circumstances, BONIFY, LLC will use commercially reasonable efforts to notify its users if their personal information is to be disclosed or transferred and/or becomes subject to a different privacy policy.

Third-Parties

We sometimes contract with other companies and individuals to perform functions or services on our behalf, such as software maintenance, data hosting, sending email messages, etc. We necessarily have to share your Personal Data with such third-parties as may be required to perform their functions. We take steps to ensure that these parties take protecting your privacy as seriously as we do, including entering into Data Processing Addendum(s), EU Model Clauses and/or ensuring these third-parties have EU-U.S. and Swiss-US Privacy Shield certification.

 

Third Party Service Providers

Use of the Shopify Platform and Shopify as Controller in Common

Our Service is intended to work with the Shopify platform, which collects your information, including your Personal Data and processes it for Merchants that use the Shopify platform. As such, Shopify is also a Controller in common of your Personal Information. For Merchants, this means that they have their own policies as to how they use your Personal Information as a customer of theirs. If you would like to know more about Shopify’s privacy and data protection practices, please refer to their privacy policy or contact their Data Protection Officer at privacy@shopify.org or at the addresses below:

Shopify Residents outside of the European Economic Area:

Shopify Inc.
Attn: Chief Privacy Officer
150 Elgin St., 8th Fl
Ottawa, ON K2P 1L4
Canada

Shopify Residents of the European Economic Area:
Shopify International Limited
Attn: Data Protection Officer
c/o Intertrust Ireland
2nd Floor 1-2 Victoria Buildings
Haddington Road
Dublin 4, D04 XN32
Ireland

Use of Google Sheets.  In order to process and authorize workflows we use OAuth protocols, Shopify and Google. Our access to your Google Sheets account is granted via OAuth protocols that connect your Google account with our App. We store URLs to your Google Sheets in order to link and send data from your workflow automations in our App to your Google Sheet(s). The App only collects and stores the URLs to your Sheets that you specifically provide to us in the app. When your workflows are triggered, we transmit your specified data to your specified Google Sheet(s). We do not store the data in your Sheet(s) or use it in any other way. Your Google Sheet(s) may contain or be linked to Personal Data from Merchants. You can access and amend your Sheets in accordance with Google’s policies, terms and conditions. Google’s ability to use and share information stored in Google Sheets about your visits to this site is restricted by the Google Terms of Service, the Google Privacy Policy and Data Processing Amendment.

The following third-party processors collect personal data on our behalf and transmit it to us

Third Party Provider: Google Analytics

Location of Processing: United States

Basis for Processing: US-EU Privacy Shield and EU Standard Contractual Clauses with Data Processing Amendment.

Google Analytics collects information about the use of the Services. Google Analytics collects information such as how often users visit this site, what pages they visit when they do so, and what other sites they used prior to coming to this site. We use the information we get from Google Analytics only to improve this site, but in anonymous form. Google Analytics collects only the IP address assigned to you on the date you visit this site and assigns a user ID code, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Google uses this information to analyze your use of the website, to generate reports about website activities for website operators and to provide further services related to website and internet use. Google may also share such information with third parties to the extent it is legally required to do so and/or to the extent third parties process data on behalf of Google. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit this site, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to this site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy and Data Processing Amendment. You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser. You may block Google Analytics on some browsers with the help of a browser add-on if you do not want us to use this website analysis. This add-on can be downloaded at: http://tools.google.com/dlpage/gaoptout?hl=en. For more information on Google Analytics and Google’s privacy practices, please review their privacy policy at https://www.google.com/policies/privacy/

Third-Party Provider: Zendesk (Zendesk.com)

Location of the Processing: United States (US).

Basis for Processing: Zendesk is EU-US Privacy Shield Certified

Purpose and Personal Data collected: collects email address and correspondence history through service help center and support ticketing system, including, but not limited to install/uninstall and Merchant upgrades/downgrades.

Privacy Policy: https://www.zendesk.com/company/customers-partners/privacy-policy/

Third-Party Provider: Drip (Drip.com)

Location of the Processing: United States

Basis for Processing: EU Standard Contractual Clauses and Data Protection Addendum

Purpose and Personal Data collected: Email marketing tool. The service collects the merchant’s name; email address, site domain; Application status (current or past client) for Bonify campaign engagement. Fore more information on their privacy and data protection practices, please refer to their Privacy Policy.

How is my data protected?

We have implemented reasonable administrative, technical and physical security measures to protect your personal information against unauthorized access, destruction or alteration. For example:

  • Restricting staff access to Personal Data protected by passwords, which are revoked when staff departs.

  • Restricting Personal Data to key BONIFY, LLC staff on a need to know basis.

  • Regular staff privacy and security training

  • Data is only available via HTTPS and SSL

  • Data is kept on secure, encrypted servers

  • Tokenization

However, because no security system can be 100% effective, we cannot completely guarantee the security of any information we store, process or transmit.

Payments Encryption: Bonify, LLC works with Shopify who utilizes only PCI-DSS compliant third-party payment processors to ensure the security of your personal information. Users should review Shopify’s privacy policy for more information.

YOUR CHOICES

Right to Review or Withdraw Consent

You can update most of your Personal Data and change/remove your sharing authorizations with Third Party Services and Applications by logging on to your Shopify account. However, if additional assistance is required to change or delete inaccuracies within your Personal Data or would like to know what information about you was collected, please contact us at privacy@bonify.io. We reserve the right to charge for copies of data requested.

If you would like to stop receiving email communications, follow the unsubscribe instructions at the bottom of the email.

Right to Withdraw Consent

You have the right to withdraw consent where such consent is required to share or use data. People located in the European Economic Area (EEA) may request that we delete your Personal Data. If you receive communications from us and no longer wish to receive them, please follow the removal instructions in the email or change your account settings. You can delete your Personal Data by uninstalling the app through the Shopify dashboard. However, since your Personal Data is required for us to provide the Services to you, deleting it will also terminate your access to the services. Deleting your Personal Data does not mean that all of it will be removed. If you request that we remove your Personal Data, we will work with you to find ways to comply with your lawful request where possible. We may be required by law, to retain it to exercise or defend legal claims, or contractual obligations with our customers to retain some information in connection with our obligation to provide the Services. We may de-identify and anonymize some data for purposes of retaining it.

If you would like to stop receiving email communications, follow the unsubscribe instructions at the bottom of the email.

Data Portability

If you are located in the EEA and you would like us to transmit your Personal Data to another company providing similar services using the Shopify network or otherwise, we will work with them to do so upon request and verification of such request with both the requestor and the company receiving the Personal Data. You may already export your configured workflows in a machine readable format.

Right to Redress

If you are located in the EEA and you believe we have violated any data protection laws you may file a complaint with the Data Protection Authority.

Transnational Transfer of Data

If you are providing your Personal Data to us directly to use our Services, we will transmit your data, including your Personal Data, to the United States in order to fulfill our contractual obligations to you.

YOUR CALIFORNIA PRIVACY RIGHTS

California residents who have an established business relationship with BONIFY, LLC may make a written request to BONIFY, LLC about whether BONIFY, LLC has disclosed any Personal Information to any third-parties for the third-parties' direct marketing purposes during the prior calendar year. To make such a request, please send an email or write us:

ADDRESS: 83 Amherst Street, FL2, Manchester, NH 03101

PHONE: 603 518-7387

EMAIL: privacy@bonify.io

Third Party Websites

We may link to other websites or use third party services such to connect to the Services. When you click on one of these links or use these services, you are ‘clicking’ to another website or using a third party service. BONIFY, LLC does not control the data collection or privacy practices of such third-party sites. We encourage you to read the privacy policies of any third-party sites, as their collection, use and storage practices, and policies may differ from ours.

Minors Under 16-years of Age

BONIFY, LLC does not knowingly collect or store any personal information from or about children under the age of 16.

If you believe a child under the age of 16 has under any circumstances provided us with personal information and data, a parent or legal guardian can email us at privacy@bonify.io to request that their children’s information be deleted from our records and we will work with our partners to resolve the request

Do Not Track

Do Not Track” or DNT is a feature enabled on some browsers that sends a signal to request that a web application disable its tracking or cross-site user tracking. At present, our Site does not respond to or alter its practices when a DNT signal is received.

Changes to Privacy Policy

BONIFY, LLC reserves the right to amend this Privacy Policy at any time. If BONIFY, LLC makes material changes to its Privacy Policy, we will notify you by (1) changing the Effective Date on our Privacy Policy and provide additional notification either (1) via email or other means as we may deem commercially reasonable.

Questions?

If you ever have any questions about our online Privacy Policy, please contact us. We respect your rights and privacy, and will be happy to answer any questions or concerns you might have. You may direct any such questions to us via email at privacy@bonify.io