+358417985629 App Store
CodeRally

GDPR & Data Protection Policy

Last updated: August 2025

We comply with the General Data Protection Regulation (GDPR) and other applicable privacy laws. This page outlines our responsibilities as a Data Processor and your rights as a Data Subject.

1. Legal Basis for Processing

We process data under these legal grounds:

  • Contractual necessity: To deliver analytics and promotion services.
  • Legitimate interest: To improve features and security.
  • Legal obligation: To comply with applicable laws.
  • Consent: For optional communications or non-essential processing.

2. Roles & Responsibilities

You, the merchant, are the Data Controller for your Shopify store data.

We act as a Data Processor, handling data only as instructed.

We may use vetted sub-processors (e.g., hosting, cloud, and AI providers) to deliver services. These providers are contractually bound to GDPR compliance.

A full list of sub-processors is available upon request.

3. Data Subject Rights

Under GDPR, you have the right to:

  • Access the data we process about you.
  • Rectify inaccuracies.
  • Erase your data ("right to be forgotten").
  • Restrict processing in certain cases.
  • Request data portability in a structured format.
  • Object to certain types of processing.

Requests can be sent to We will respond within 30 days.

4. International Transfers

Your data may be processed outside the EU/EEA. When this happens, we ensure protection via:

  • Standard Contractual Clauses (SCCs).
  • Encryption during transfer.
  • EU-compliant security measures.

5. Retention & Deletion

Data is retained only for as long as your store actively uses our services.

Upon uninstallation, personal and store-related data are deleted within 30 days, unless otherwise required by law.

6. Security & Compliance

Data is encrypted in transit and at rest.

Access is limited to authorized staff with role-based controls.

Regular monitoring and updates help maintain security compliance.

7. Contact

If you are in the EU and believe your rights have been violated, you may also contact your local Data Protection Authority (DPA).

Subscribe

Ready to boost your Shopify store's performance?

Discover strategies and tools to increase sales, speed, and customer engagement.