Privacy Policy

Last updated: October 20, 2025

Welcome to Shop Tasks, a Shopify app operated by workflow.place (“we”, “our”, or “us”). This Privacy Policy explains how we collect, use, and protect your information when you install or use the Shop Tasks app in connection with your Shopify store.

By installing or using the App, you agree to this Privacy Policy.

1. Who We Are

workflow.place is an independent developer based in Málaga, Spain, providing automation and productivity tools for Shopify merchants. All references to “we”, “our”, or “us” refer to workflow.place, operated by an independent developer trading as workflow.place.

Contact: appsupport@workflow.place

2. Information We Collect

2.1 Shopify Store Data

Through Shopify’s API, we may receive limited store information such as:

  • Store name, email, and plan type
  • Orders, customers, and products (as required for task automation)
  • Staff user details for assignments or notifications

We only collect data needed to make the App function properly.

2.2 Account Information

If you register on workflow.place, we collect:

  • Your name
  • Email address
  • Securely hashed password

This information is used for authentication and communication.

2.3 Usage Data

We automatically collect technical data such as:

  • Browser type and device information
  • IP address and region
  • App usage logs for analytics and debugging

2.4 Support Requests

When you contact us, we collect:

  • Your email address
  • The contents of your message

This information is used solely to help resolve your request.

3. How We Use Your Information

We use your data to:

  • Operate and improve the App
  • Authenticate users and manage permissions
  • Automate workflows and task assignments
  • Provide support and send essential notices
  • Analyze usage trends and prevent abuse
  • Comply with legal obligations

We do not sell or rent your data to third parties.

4. Data Storage and Processing

  • Data is processed through workflow.place infrastructure hosted within the European Union (EU).
  • Backups and logs may be stored in secure EU cloud environments such as AWS EU regions.
  • Access to personal data is limited to authorized personnel only.

5. Sharing of Data

We may share limited data with trusted third parties for the following purposes:

  • Shopify Integration: to access store data and enable authentication (Shopify Inc.)
  • Payments: to process billing and subscriptions (Shopify Billing, Stripe, Lemon Squeezy)
  • Analytics: to monitor performance and fix errors (e.g., Plausible, Sentry)
  • Communication: to send support replies and notifications (e.g., Postmark, Gmail)

All third-party providers act under Data Processing Agreements compliant with the GDPR.

6. Legal Basis for Processing (GDPR)

We process data based on:

  • Performance of a contract: to deliver and maintain the App’s core functionality
  • Legitimate interests: to improve, debug, and secure the App
  • Consent: when you opt into marketing communications or cookie tracking

7. Data Retention and Deletion

  • Store data is retained only while the App is installed.
  • When you uninstall the App, your data is deleted or anonymized within 30 days.
  • Support communications may be stored for up to 12 months.
  • You may request deletion at any time by emailing appsupport@workflow.place.

8. Your Rights (Under GDPR)

You have the right to:

  • Access your personal data
  • Rectify inaccuracies in your data
  • Request deletion of your data (“right to be forgotten”)
  • Restrict or object to data processing
  • Request data portability
  • Withdraw consent at any time

To exercise any of these rights, contact us at appsupport@workflow.place.

9. International Data Transfers

If data is transferred outside the EU/EEA, we ensure appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Hosting with GDPR-compliant vendors

10. Security Measures

We implement technical and organizational measures to protect your data, including:

  • Encrypted HTTPS connections
  • Secure password hashing
  • Role-based access control
  • Regular monitoring and updates

While we take precautions to protect data, no system is completely secure.

11. Children’s Privacy

Our App is not intended for individuals under 16 years of age. We do not knowingly collect information from minors. If you believe a child has provided personal data, contact us for deletion.

12. Updates to This Policy

We may update this Privacy Policy from time to time. If major changes occur, we will notify you via email or through the App. Your continued use of the App after updates constitutes acceptance of the revised version.

13. Contact Information

If you have any questions or requests regarding this Privacy Policy or our data protection practices, contact us at:

workflow.place Operated by an independent developer based in Málaga, Spain Email: appsupport@workflow.place Website: https://workflow.place