Privacy Policy

Last updated: March 30, 2026

1. Introduction

Kaptha One Click Upsell ("Kaptha OCU", "we", "our") is operated by Actovision IT Solutions Private Limited. This privacy policy explains how we collect, use, and protect data when you use our Shopify app.

2. Data We Collect

• Store information — shop domain, access tokens (for authenticated API calls)
• Product data — product titles, prices, and images used to configure upsell offers
• Order data — order values and customer tags used for targeting conditions (not stored permanently)
• Funnel analytics — aggregated view/accept/decline counts and revenue per funnel step
• App settings — your configuration preferences (brand color, default discount, notification email)

3. Data We Do NOT Collect

• Customer personal information (names, emails, addresses) is NOT stored
• Payment or credit card information is NOT accessed or stored
• Customer browsing behavior is NOT tracked
• No cookies are set on customer browsers

4. How We Use Your Data

• Display upsell offers to your customers at configured touchpoints
• Evaluate targeting conditions to show relevant offers
• Track funnel performance and provide analytics dashboards
• Calculate billing based on upsell revenue generated
• Send notification emails if you have opted in

5. Data Storage & Security

All data is stored in a PostgreSQL database with encrypted connections. Access tokens are stored securely and never exposed to client-side code. We do not sell, rent, or share your data with third parties.

6. Third-Party Services

• Shopify — for authentication, billing, product/order data access
• Cloud hosting provider — for application hosting and managed database

No third-party analytics, advertising, or tracking scripts are used.

7. Data Retention

We retain your data for as long as the app is installed on your store. When you uninstall the app, your session data is automatically deleted. Funnel data may be retained for up to 30 days after uninstall for recovery purposes, after which it is permanently deleted.

8. GDPR Compliance

We comply with GDPR and Shopify's mandatory privacy requirements:

• Data access requests — we respond to customer data requests within 30 days
• Data deletion requests — we delete customer-related data upon request
• Shop data erasure — all shop data is deleted within 48 hours of receiving a shop/redact webhook

9. Your Rights

You can request data export or deletion at any time by contacting us. You can uninstall the app at any time from your Shopify admin to stop all data collection.

10. Cookies

Kaptha OCU does not set any cookies on your customers' browsers. All tracking is performed server-side through Shopify's APIs.

11. Children's Privacy

Our service is not directed to children under 13. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this policy from time to time. Changes will be reflected on this page with an updated "Last updated" date.

13. Contact

For questions about this privacy policy or your data, contact us at:

Actovision IT Solutions Private Limited
Email: hello@kaptha.com