Privacy Policy for The Best WhatsApp Button

We are pleased that you are interested in our Shopify app. Protecting your personal data and that of your customers is very important to us. Below we inform you about what data is processed when you use The Best WhatsApp Button, for what purposes, and what rights you have.

1. Controller

The controller responsible for data processing under data protection laws is:
Philip Frerk Software Development Ltd
Aretousas 7c
6036 Larnaka
Cyprus
VAT ID: CY60135173A
Company Registration Number: HE 470978
Email: hi@philip-frerk.de

2. Collection and Processing of Personal Data

The use of the app is generally possible without providing personal data beyond what is necessary for the app's functionality.

• Shopify Store Data: When you install the app, we receive access to your Shopify store information, including store name, domain, and basic store settings necessary to provide the WhatsApp button functionality.
• App Configuration Data: We store your app settings, including WhatsApp phone number, button text, button position, and styling preferences that you configure within the app.
• Usage Data: We may collect anonymized usage statistics to improve the app's performance and functionality. This includes information about button clicks and general app usage patterns.
• Customer Data: The app does not collect, store, or process personal data of your store's customers. When customers click the WhatsApp button, they are redirected to WhatsApp with a pre-filled message. No customer data is transmitted to our servers.
• Shopify API Access: The app requires access to certain Shopify APIs to function properly. This access is limited to what is necessary for the app's core functionality.

3. Purpose of Data Processing

We process your data exclusively for the following purposes:

• Providing the app and its core features (WhatsApp button functionality)
• Storing and applying your app configuration and settings
• Improving and further developing our services
• Ensuring the security and stability of the app
• Providing customer support when requested

Your data is not shared with third parties for advertising purposes. We do not sell your data to third parties.

4. Legal Basis

The processing is based on:

• Art. 6(1)(b) GDPR (performance of a contract) – Processing is necessary for the performance of the app service you have requested.
• Art. 6(1)(f) GDPR (legitimate interest) – We have a legitimate interest in providing a secure, functional, and continuously improving service.
• Your consent – Where applicable, processing is based on your explicit consent, which you can withdraw at any time.

5. Third-Party Services

• Shopify: The app is integrated with Shopify's platform. Your store data is processed in accordance with Shopify's privacy policy and terms of service. We only access data necessary for the app's functionality.
• WhatsApp: When customers click the WhatsApp button, they are redirected to WhatsApp (owned by Meta). The app does not transmit any data to WhatsApp or Meta. Any data shared via WhatsApp is subject to WhatsApp's privacy policy.
• Hosting Services: The app's backend services may be hosted on third-party cloud infrastructure providers. These providers are bound by strict data protection agreements.

6. Data Storage and Retention

• App Configuration Data: Your app settings and configuration are stored as long as the app is installed in your Shopify store. When you uninstall the app, this data is automatically deleted within 30 days.
• Usage Statistics: Anonymized usage statistics may be retained for longer periods to analyze trends and improve the service.
• Support Data: If you contact us for support, we may retain correspondence for up to 3 years for quality assurance and legal compliance purposes.

Upon request, we will permanently delete your data (see contact information below).

7. Data Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, destruction, or alteration. This includes:

• Encryption of data in transit using SSL/TLS
• Secure storage of data on protected servers
• Regular security updates and monitoring
• Limited access to data on a need-to-know basis

8. Your Rights

You have the following rights at any time:

• Right of access (Art. 15 GDPR) – You can request information about the personal data we process about you.
• Right to rectification (Art. 16 GDPR) – You can request correction of incorrect or incomplete data.
• Right to erasure (Art. 17 GDPR) – You can request deletion of your data, subject to legal retention obligations.
• Right to restriction of processing (Art. 18 GDPR) – You can request restriction of data processing under certain circumstances.
• Right to data portability (Art. 20 GDPR) – You can request your data in a structured, commonly used format.
• Right to object (Art. 21 GDPR) – You can object to processing based on legitimate interests.
• Right to withdraw consent – If processing is based on consent, you can withdraw it at any time.
• Right to lodge a complaint – You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.

To exercise these rights, please contact us using the address provided in section 1.

9. International Data Transfers

Your data may be processed and stored in countries outside the European Economic Area (EEA). When we transfer data to third countries, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other appropriate safeguards as required by GDPR

10. Children's Privacy

The app is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately.

11. Changes to this Privacy Policy

We reserve the right to update this privacy policy to reflect legal requirements, changes to our app, or changes in our data processing practices. We will notify you of any material changes by:

• Posting the updated policy in the app
• Sending a notification through the Shopify app store (if significant changes occur)
• Updating the "Effective Date" at the bottom of this policy

We encourage you to review this privacy policy periodically to stay informed about how we protect your data.

12. Contact

If you have any questions, concerns, or requests regarding this privacy policy or our data processing practices, please contact us:

Philip Frerk Software Development Ltd
Aretousas 7c
6036 Larnaka
Cyprus
Email: hi@philip-frerk.de

Effective Date: January 2025