CODE respects the privacy of its app users, in particular their rights regarding the automatic processing of personal data. We have therefore formulated and implemented a policy on complete transparency with our customers regarding the processing of personal data, its purpose(s) and the possibilities to exercise your legal rights in the best possible way.
If you require any additional information about the protection of personal data, please visit the website of the Dutch Data Protection Authority (Autoriteit Persoonsgegevens): https://autoriteitpersoonsgegevens.nl/nl
Collection of Data
Data is being stored in 3 ways:
- Log entries
- Storage buckets
- Database storage
Below we have listed the data that we store per App.
Exact Online Connector
- Customer data (entered while creating an order)
- Order data
- Product data
- Fulfilment data
- Customer data (Personal data as name, email address and address data)
- Order data
This data is only stored in Log entries and Storage buckets. Both for logging purposes. None of this is stored in the database.
Data collection purposes
We collect data for these reasons:
- Support purposes
- To ensure normal operation of the application
The collected data are used and retained for the duration determined by law. Below we have listed the terms per data type
- Data stored for support purposes (Log entries and Storage buckets) is purged 1 month after initial storage.
- Data stored to ensure proper operation is purged 3 months after its last change
By installing an application created by CODE you will have to give permission through the Shopify installation process. There the requested access scopes are visible. By accepting the installation of the application your provide us consent to use these scopes.
Consent can be withdrawn by uninstalling the app from your Shopify store. All data is removed 48 hours after the uninstallation.
You are able to request us to remove personal data by using the tools in the Customer privacy section within the Shopify Admin panel.
Disclosure of Data
CODE does not provide Personal Data to unaffiliated third parties for the use of direct marketing to you. Below a list of unaffiliated companies we work with in order to operate our services. Those companies may receive Personal Data for that purpose. They will handle your data with, at least, the same care as we do:
All applications are running with a Secure Sockets Layer (SSL) certificate. SSL is the standard security technology for establishing an encrypted link between a web server and a browser. SSL is an industry standard for securing online transactions so it is used by online banking, payments sites, government facilities, hospitals and similarly.
All our apps are running on Google Cloud Platform. This is the same platform that is used by Shopify to host their shops. To make sure that data is protected well security rules are in place to protect the data from external intrusions. The data can only be accessed by the application that uses it.
Note that we may change the contents of this page. We advice strongly to regularly check this page to make sure you are aware on changes. When we change this page the date below will be updated as well.
Last update: July 23, 2019