> ## Documentation Index > Fetch the complete documentation index at: https://shopwiseapps.mintlify.app/llms.txt > Use this file to discover all available pages before exploring further. # Privacy Policy > Privacy Policy for SectionsLab: Theme Sections App **Last Updated:** January 11, 2026 SectionsLab: Theme Sections ("the App", "we", "us", or "our") provides merchants using Shopify with tools to browse, install, and customize theme sections for their Shopify stores ("the Service"). This Privacy Policy describes how personal information is collected, used, and shared when you install or use the App in connection with your Shopify-powered store. By installing or using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use the App. ## Personal Information We Collect ### Information from Shopify Account When you install the App, we are automatically able to access certain information from your Shopify account, in accordance with the permissions you grant. This information is provided directly by Shopify and includes: **API Permissions Used:** * `read_themes` - Access to read your store's theme information and structure * `write_themes` - Permission to install and modify theme sections in your store **Data Accessible Through Shopify:** * Theme information and structure * Theme section data and configurations * Store domain and basic shop information All such data is provided by Shopify from your merchant account. The App does not directly collect personal information from your customers or store visitors. ### Information We Store To provide the Service, we store the following information in our secure database: **Session Data:** * Shop domain and identifier * OAuth access tokens and refresh tokens (encrypted) * User account information (first name, last name, email address, user ID) * Account permissions and scope information * Session expiration timestamps * Locale and language preferences **App Usage Data:** * Theme section installation history * App configuration preferences * Log data including IP addresses, browser type, and timestamps **Section Library Data:** * Public section catalog (title, tags, content, preview images) * This data is not personal information and is shared across all App users ### Information Collected Automatically We collect information automatically through the use of the following technologies: **Cookies and Similar Technologies:** * Session cookies to maintain your login state * Preference cookies to remember your settings * Analytics cookies to understand App usage patterns **Log Files:** * IP addresses * Browser type and version * Device information * Referring/exit pages * Timestamps of actions * Error logs and diagnostic information **Server Logs:** * Request headers and metadata * Response codes and performance metrics * Security event logs ## Third-Party Service Providers We use the following third-party services to operate the App: **Supabase (Database and Storage Provider):** * We use Supabase to store session data, app configuration, and section library information * Supabase is a cloud-based database service that provides secure data storage * Data is stored in secure, encrypted databases with access controls * Supabase's privacy policy: [https://supabase.com/privacy](https://supabase.com/privacy) * Supabase's data processing locations may include the United States, European Union, and other regions **Shopify (Platform Provider):** * The App operates on the Shopify platform * Shopify processes authentication and provides API access * Shopify's privacy policy: [https://www.shopify.com/legal/privacy](https://www.shopify.com/legal/privacy) **DigitalOcean (Hosting Provider):** * Our application servers are hosted on DigitalOcean * DigitalOcean's privacy policy: [https://www.digitalocean.com/legal/privacy-policy](https://www.digitalocean.com/legal/privacy-policy) ## How We Use Personal Information We use the information we collect to: * **Provide the Service:** Operate, maintain, and improve the App functionality * **Authentication:** Manage user sessions and authenticate access to the App * **Communication:** Communicate with merchants regarding the Service, updates, and support * **Section Management:** Enable browsing, installation, and customization of theme sections * **Analytics:** Understand how the App is used to improve user experience * **Security:** Detect, prevent, and address technical issues, fraud, or security threats * **Legal Compliance:** Comply with legal obligations and respond to lawful requests * **Support:** Provide customer support and respond to inquiries ## Legal Basis for Processing (GDPR) If you are located in the European Economic Area (EEA), we process your personal information based on the following legal bases: * **Contractual Necessity:** To fulfill our contractual obligations to provide the Service * **Legitimate Interests:** To improve the App, ensure security, and prevent fraud * **Legal Obligations:** To comply with applicable laws and regulations * **Consent:** Where you have provided explicit consent for specific processing activities ## Data Sharing and Disclosure We do not sell, rent, or trade your personal information to third parties. We may share personal information only in the following circumstances: **Service Providers:** * With trusted third-party service providers who assist in operating the App (as listed above) * These providers are contractually obligated to protect your information and use it only for specified purposes **Legal Requirements:** * When required by law, court order, or governmental authority * To comply with legal processes, investigations, or regulatory requirements * To protect our rights, property, or safety, or that of our users or others **Business Transfers:** * In connection with a merger, acquisition, reorganization, or sale of assets * Your information may be transferred as part of such transactions **With Your Consent:** * When you have provided explicit consent for specific sharing ## Data Security We implement appropriate technical and organizational measures to protect your personal information: * **Encryption:** Data in transit is encrypted using TLS/SSL protocols * **Access Controls:** Strict access controls and authentication mechanisms * **Secure Storage:** Data stored in secure, encrypted databases * **Regular Updates:** Security patches and updates applied regularly * **Monitoring:** Continuous monitoring for security threats and vulnerabilities * **Backup and Recovery:** Regular backups with secure recovery procedures However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. ## Data Retention We retain personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy: * **Active Accounts:** Data is retained while your App installation remains active * **After Uninstallation:** Data may be retained for up to 90 days after uninstallation for support and legal compliance purposes * **Legal Requirements:** Some data may be retained longer if required by law or for legitimate business purposes * **Anonymization:** After retention periods, data may be anonymized or deleted ## Your Rights and Choices Depending on your location, you may have certain rights regarding your personal information: ### European Economic Area (EEA) Residents (GDPR Rights) * **Right to Access:** Request a copy of your personal information * **Right to Rectification:** Request correction of inaccurate information * **Right to Erasure:** Request deletion of your personal information ("right to be forgotten") * **Right to Restrict Processing:** Request limitation of how we process your information * **Right to Data Portability:** Receive your data in a structured, machine-readable format * **Right to Object:** Object to processing based on legitimate interests * **Right to Withdraw Consent:** Withdraw consent where processing is based on consent ### California Residents (CCPA/CPRA Rights) * **Right to Know:** Request disclosure of categories and specific pieces of personal information collected * **Right to Delete:** Request deletion of personal information * **Right to Opt-Out:** Opt-out of the sale of personal information (we do not sell personal information) * **Right to Non-Discrimination:** Exercise your rights without discrimination ### How to Exercise Your Rights To exercise any of these rights, please contact us at: **[hello.shopwise.apps@gmail.com](mailto:hello.shopwise.apps@gmail.com)** We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request. ## Compliance Webhooks In accordance with Shopify's requirements and privacy regulations (GDPR, CPRA), we implement mandatory compliance webhooks: * **customers/data\_request:** Responds to customer data access requests * **customers/redact:** Processes customer data deletion requests * **shop/redact:** Handles shop data deletion when the App is uninstalled These webhooks ensure compliance with data protection regulations and allow merchants to fulfill their obligations to their customers. ## International Data Transfers Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. Specifically: * Data may be transferred to the United States, Canada, and European Union * We ensure appropriate safeguards are in place for international transfers * We rely on Standard Contractual Clauses and other legal mechanisms for transfers outside the EEA ## Children's Privacy The App is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately. ## Changes to This Privacy Policy We may update this Privacy Policy from time to time to reflect: * Changes to our practices or operational requirements * Legal or regulatory changes * Improvements to our Service * Feedback from users We will notify you of any material changes by: * Posting the updated policy on this page * Updating the "Last Updated" date * Sending an email notification (for significant changes) * Displaying a notice in the App Your continued use of the App after changes become effective constitutes acceptance of the updated Privacy Policy. ## Data Controller Information For purposes of GDPR, the data controller is: * **Email:** [hello.shopwise.apps@gmail.com](mailto:hello.shopwise.apps@gmail.com) If you are located in the EEA, you also have the right to lodge a complaint with your local data protection authority. ## Contact Information If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at: **Email:** [hello.shopwise.apps@gmail.com](mailto:hello.shopwise.apps@gmail.com) We will make every effort to respond to your inquiry promptly and address any concerns you may have. *** **Effective Date:** January 11, 2026 **Last Updated:** January 11, 2026