Privacy Policy

• Merchants — Shopify store owners/staff who install and use the App.
• Shoppers — visitors to a merchant’s storefront who interact with Reelify video/image widgets.

From merchants (your store)

• Store & account data from Shopify when you install: store domain, and the access token needed to operate the App. For staff who use the embedded app, Shopify may provide basic identity (name, email) to authenticate the session.
• Content you import or upload: videos and images (from Instagram/TikTok by URL, or your own uploads), their captions, and the products you link to them.

From shoppers (your storefront)

• Anonymous interaction analytics: when a shopper views or interacts with a Reelify widget (impressions, video plays, clicks, add-to-cart, etc.), we record the event with a random, first-party visitor id stored in the browser (localStorage). This id is not linked to a real identity — we do not collect names, emails, addresses, or precise location.
• Coarse, non-identifying context: device type (mobile/tablet/desktop) and, when available, country, used only for aggregate reporting.
• Order attribution (via Shopify’s Web Pixel): when a shopper completes a checkout, our pixel reads the order id, order total, the line items that came from a Reelify widget, and our own tags — to attribute sales to the widget/video that drove them. We do not access the Shopify Orders API and do not collect customer names, emails, phone numbers, or addresses. This runs under Shopify’s customer-privacy/consent framework.

We do not sell personal data.

• Operate the App: import media, build widgets, and render them on your store.
• Provide analytics (engagement, conversion, and revenue attribution) to the merchant about their own store.
• Maintain, secure, and improve the App.

• Shopify APIs / OAuth (merchant authorization).
• Storefront analytics beacon (Reelify widget interactions).
• Shopify Web Pixel (checkout_completed) for sales attribution.
• Media import from public Instagram/TikTok content you choose, or your uploads.

Reelify uses first-party browser storage on the storefront, not third-party tracking cookies:

• rf_sid — a random anonymous id to de-duplicate analytics events.
• rf_ab_* — remembers an A/B test variant for a consistent experience.

We also attach hidden tags to a cart line item / cart attributes so a resulting order can be attributed to the originating widget. None of this identifies the shopper personally.

We share data only with infrastructure providers needed to run the App:

• Shopify — platform, authentication, billing, and the customer events used for attribution.
• Cloudflare R2 — storage and delivery of your media (videos/images).

We may disclose information if required by law.

• Merchant access tokens / content: kept while the App is installed; removed on uninstall / data-erasure request.
• Raw analytics events: retained for approximately 200 days, then pruned; aggregated (non-identifying) metrics may be kept longer.
• Attributed order records: order id + amounts (no customer PII) kept to power your reporting.

Shoppers and merchants may request access to or deletion of their data. We honor Shopify’s mandatory privacy webhooks:

• customers/data_request — we hold no shopper PII, so there is nothing customer-identifying to return.
• customers/redact — we delete any order-attribution records tied to the specified orders.
• shop/redact — when a store is uninstalled, we delete that store’s data.

To exercise rights directly, contact us via www.valventus.com.

Data is transmitted over HTTPS and stored in access-controlled systems. We limit data collection to what’s needed and avoid storing personal data of shoppers.

Data may be processed in Chile and by the subprocessors listed above. Media is served from Cloudflare’s global network.

The App is for businesses and is not directed to children under 16.

We may update this policy; we’ll revise the "Last updated" date and, for material changes, notify merchants in-app or by email.

Valventus · www.valventus.com