Privacy Policy
Last updated: December 15, 2024
ZeroCart ("we", "our", "us") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information when you use our AI-powered cart recovery service.
1. Information We Collect
We collect information necessary to provide our cart recovery services:
- Account information: Email address, business name, password (hashed)
- Store data: Connected via Shopify API (products, carts, orders)
- Customer behavior: Anonymized cart and browsing patterns for AI training
- Usage data: How you interact with our dashboard and features
- Payment information: Processed securely by Stripe (we never store card details)
2. How We Use Your Data
Your data is used exclusively to:
- Provide AI-powered cart recovery and prediction services
- Send recovery messages (email, SMS, WhatsApp) on your behalf
- Generate analytics, reports, and performance insights
- Improve our AI algorithms using anonymized, aggregated data
- Communicate important service updates and security notices
3. Data Security
Enterprise-Grade Security
- TLS 1.3 encryption for all data in transit
- AES-256 encryption for data at rest
- Regular third-party security audits
- SOC 2 Type II compliance (certification in progress)
- Isolated database per customer
4. Third-Party Services
We integrate with trusted, industry-leading partners:
- Shopify: Store connection and real-time data sync
- Stripe: PCI-compliant payment processing
- Postmark: High-deliverability email service
- Twilio: SMS and WhatsApp messaging
Each partner maintains their own privacy policy. We share only the minimum data required for service operation.
5. Your Rights
You have the right to:
- Access: Request a copy of all data we hold about you
- Correction: Update or correct inaccurate information
- Deletion: Request complete deletion of your data
- Export: Download your data in a portable format
- Opt-out: Unsubscribe from marketing communications
- Withdraw consent: Revoke data processing permissions
6. GDPR & CCPA Compliance
ZeroCart is fully compliant with GDPR (EU) and CCPA (California). We act as a data processor on behalf of our customers (data controllers). Data Processing Agreements (DPAs) are available upon request for enterprise customers.
7. Data Retention
We retain your data for as long as your account is active. Upon account deletion or cancellation:
- Personal data is deleted within 30 days
- Anonymized analytics may be retained for product improvement
- Legal/compliance data retained as required by law
8. Cookies
We use essential cookies for authentication and security. Analytics cookies (optional) help us improve the product. You can manage cookie preferences in your browser settings.
9. Changes to This Policy
We may update this policy periodically. Significant changes will be communicated via email at least 30 days before taking effect.
10. Contact Us
For privacy inquiries, data requests, or concerns:
Email: privacy@zerocartai.com