Privacy Policy

Last updated: May 3, 2026

1. Introduction

theSquare AI Form Builder helps merchants create forms, collect submissions, and manage responses inside Shopify. We respect your privacy and are committed to handling personal data responsibly. This Privacy Policy explains what data we collect, how we use it, and the choices available to merchants and end users.

2. Data We Collect

We may collect, use, store, and transfer the following categories of personal data:

  • Identity Data includes first name, last name, username or similar identifier.
  • Contact Data includes email address and telephone numbers.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Usage Data includes information about how you use our website, products, and services.
  • Form Data includes any information you input into forms created on our platform.

3. Shopify Integration and Customer Data

theSquare AI Form Builder is distributed through the Shopify App Store and acts as a data processor on behalf of the merchant for any Shopify customer data the app touches. When a merchant installs the app we receive an OAuth access token bound to that store and use it for the operations listed below.

  • Form-response customer record sync. When a customer submits a form on the merchant's storefront with an email or phone number, we call Shopify's customerCreate or customerUpdate Admin GraphQL mutation to create or update a Shopify Customer record with the submitted email, phone, first name, and last name. Any custom form fields the merchant added (e.g. How did you hear about us?) are written as customer metafields under the namespace thesquare_form via the metafieldsSet mutation. This makes form submissions visible inside the merchant's standard Shopify Customers workflow.
  • Customer segment tagging. When the merchant uses our customer-segment-action extension on a segment defined in their Shopify admin, we query the segment's members via the customerSegmentMembers query and add a survey tag (e.g. thesquare_survey_<form>) to each customer using the tagsAdd mutation. We never remove or overwrite the merchant's existing tags.
  • Theme integration. We read theme JSON to locate form-block placements and surgically remove orphaned form-block references via themeFilesUpsert when a merchant deletes a form. We do not create, upload, or publish themes, and we do not modify any other theme files.
  • Visitor identification (consent-gated). When the merchant's storefront has the Shopify Customer Privacy framework installed and the visitor has consented to tracking, we publish an identify event to Shopify analytics so the visitor is recognized in the merchant's customer journey and segments. We respect customerPrivacy.userCanBeTracked() and do not publish events when consent is withheld.

We do not access orders, payment information, or any customer data the merchant has not explicitly authorized through the OAuth scope grant. The current scope set is read_themes,write_themes,read_customers,write_customers.

4. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • To register you as a new customer.
  • To process and deliver your service.
  • To manage our relationship with you.
  • To administer and protect our business and this website.
  • To deliver relevant website content to you.
  • To use aggregated, non-identifying data analytics to improve our website, products, and services.

We do not sell personal data, share it with advertising networks, or use it to build cross-merchant identity graphs.

5. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. All data is encrypted at rest with AES-256 (Google-managed keys) and in transit with TLS 1.2 or higher. Access is limited to staff with a business need under principle-of-least-privilege IAM roles, and every read or write to customer data is recorded in Cloud Audit Logs.

6. Subprocessors

We rely on the following sub-processors to deliver the service. Each is bound by its own data protection commitments and is engaged only in the role described.

  • Google Cloud Platform (Google LLC) — hosting and storage. We use Cloud Run for compute, Firestore for form responses and shop records, BigQuery for the merchant's own response analytics, and Cloud Storage for file uploads attached to form responses.
  • Shopify Inc. — distribution platform, OAuth provider, billing, and the Admin API surface we call to write Shopify Customer records and tags.
  • OpenAI, L.L.C. — powers the in-admin AI form-design assistant. OpenAI receives only the merchant's form-design instructions (e.g. "Create a contact form with name, email, and message"). OpenAI does not receive any data submitted by the merchant's storefront customers.

7. Data Retention

We retain personal data only as long as necessary to provide the service to the merchant and to satisfy applicable legal and accounting obligations.

  • Form responses are retained while the merchant has the app installed. Merchants can delete individual responses from the embedded admin at any time.
  • Shopify Customer records created by our app remain on the merchant's store under the merchant's control; we never retain a copy independently.
  • OAuth access tokens and shop metadata are deleted when the merchant uninstalls the app, with a 48-hour grace period during which Shopify may resend the uninstall webhook.

8. Compliance with Shopify Privacy Webhooks

We implement Shopify's three mandatory privacy webhooks. Each request is verified against Shopify's HMAC-SHA256 signature before any action is taken.

  • customers/data_request — when an end customer of one of our merchants exercises a data subject access request, we compile every form response associated with that customer and make it available to the merchant within 30 days so the merchant can forward it.
  • customers/redact — when an end customer requests deletion, we permanently remove every form response matched to that customer's email or phone, along with any associated metafield content cached on our side.
  • shop/redact — 48 hours after a merchant uninstalls the app, we permanently delete every form, response, customer-link record, OAuth access token, and aggregated analytic row belonging to that shop.

9. Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Withdraw consent.

If you are an end customer of a Shopify merchant using our app, your data subject requests should normally be made through the merchant, who will trigger the Shopify customers/data_request or customers/redact webhook described above. You may also contact us directly using the details below.

10. Third-Party Links

This website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

11. Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

12. Changes to This Privacy Policy

We may update our privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last Updated" date. Significant changes that materially affect what data we process or how we share it will be communicated to merchants by email at least 30 days before they take effect.

13. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us at:
Email: support@thesquare.pro
Support: https://frontend.thesquare.pro/support
This policy is published at https://frontend.thesquare.pro/privacy-policy.