Privacy policy — Product Recommendations

DRAFT. This privacy policy is a draft pending legal review. It has not been finalized and should not be relied on for compliance decisions. The final version will replace this page before the app is listed on the Shopify App Store.

Last updated: DRAFT, not yet published.

This policy describes how Nacelle (“Nacelle”, “we”, “us”) collects, uses, and shares information in connection with the Product Recommendations Shopify app (the “App”). It covers the App only; Nacelle's other Shopify apps each have their own privacy policy linked from help.nacelle.com.

Who this policy is for

“Merchant” means a Shopify store owner or staff member who installs and configures the App from the Shopify App Store. “Shopper” means an end customer who visits the merchant's storefront and may see the recommendation carousel the App renders.

Merchants are our direct customers. Shoppers are customers of the merchant. We do not have a direct relationship with shoppers.

Personal information we collect

From merchants

When a merchant installs and uses the App, we collect:

From shoppers

We do not intentionally collect personal information about shoppers. When a shopper views a page where the App's carousel is rendered, the App receives anonymous, session-scoped interaction events — for example, which products were viewed, added to cart, or clicked within the carousel — so that it can render relevant recommendations.

These events are tied to a short-lived session identifier, not to a named person, email address, or other direct identifier. We do not collect shopper names, email addresses, shipping addresses, payment information, or order-history linked to an identifiable person.

Automatic technical data

Our servers automatically log technical information when the App is used — for example, IP addresses, user-agent strings, timestamps, and request paths — for security, abuse prevention, and debugging. We treat IP addresses as personal information under applicable law.

How we use personal information

We use the information described above to:

We do not sell personal information, and we do not use it for advertising purposes.

How we share personal information

We share personal information only with:

How long we keep personal information

We retain merchant information for as long as the merchant has the App installed, and for a limited period afterwards to comply with legal obligations and Shopify's data-deletion requirements.

When a merchant uninstalls the App:

Aggregated or de-identified data that cannot reasonably be linked to an individual may be retained for analytics and product improvement.

Your rights

Depending on where you live, you may have rights under laws such as the EU General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA), including the right to access, correct, delete, or restrict our use of personal information we hold about you, and to object to certain processing.

Merchants can exercise these rights by emailing support@nacelle.com.

Shoppers should contact the merchant whose store they visited; that merchant is the data controller for their interaction with the storefront. We will assist the merchant in fulfilling valid requests.

Security

We use administrative, technical, and physical safeguards intended to protect personal information — including encryption in transit (TLS) and encryption at rest for stored data. No security measures are perfect, and we cannot guarantee the security of information.

Children

The App is not directed to children under 13 (or the equivalent minimum age in other jurisdictions), and we do not knowingly collect personal information from them.

Changes to this policy

We may update this policy from time to time. When we do, we will update the “Last updated” date above and, for material changes, take additional steps required by law.

Contact us

For privacy questions, email support@nacelle.com or write to us at [Nacelle registered business address — pending].