Privacy Policy

Effective date: 1 June 2026

1. Who we are

Etovi Pty Ltd (ACN 697 881 940, ABN 56 697 881 940) ("Etovi", "we", "us", "our") operates an analytics platform for e-commerce merchants who use Shopify. Our software helps merchants understand their advertising performance, customer lifetime value, multi-touch attribution journeys, and inventory demand.

This Privacy Policy describes how we collect, use, share, and protect personal data in connection with:

  • The Etovi website at etovi.ai (the "Site")
  • The Etovi dashboard application (the "Service")
  • The Etovi Shopify app and its installed extensions

For most personal data we receive, our merchant clients are the data controller and Etovi acts as their data processor. For data we collect directly from visitors to etovi.ai or from merchants who sign up for our Service, Etovi is the data controller.

2. The personal data we process

2.1 Data we collect from merchants (our direct users)

When a merchant signs up for Etovi, we collect:

  • Name and email address (via Google OAuth)
  • Workspace name and the merchant's industry / country
  • Authentication tokens for connected platforms (Google Ads, Meta Ads, Shopify) — encrypted at rest using Fernet symmetric encryption

2.2 Data we process on behalf of merchants

When a merchant connects their Shopify store, we process the following on their behalf:

  • Order data: order ID, totals, dates, line items, discount codes, refund amounts, shipping costs, taxes
  • Customer fields linked to orders: first name, last name, Shopify customer ID, and email address. We hash email addresses (SHA-256) at the moment of ingestion; the original plaintext email is never stored or transmitted onward.
  • Product and inventory data: SKUs, prices, costs, stock levels, product content, and operator-approved product SEO updates
  • Marketing performance data: ad spend, clicks, conversions, campaign metadata from Google Ads and Meta Ads. When the merchant connects a Meta Ads account for beta review, the OAuth grant is limited to reporting plus one reversible tracking-tag action:
    • ads_read — read-only access to campaigns, ad sets, ads, and Ads Insights metrics so the merchant can see Meta performance in Etovi.
    • ads_management — used only for merchant-approved UTM URL tag apply/rollback on Meta campaigns, so attribution tracking can be corrected and reversed with an audit trail.
    We do not use Meta write access in beta to create ads, edit ad copy, change budgets, pause campaigns, or modify audiences. Meta data is stored only as connection credentials (encrypted) and aggregated daily metrics. We do not retain individual ad creatives or audience PII from Meta.
  • Storefront tracking data: if the merchant installs the Etovi pixel and theme app extension, we collect page views and basic interaction events from visitors to the merchant's storefront. This includes URL, referrer, UTM parameters, click IDs (gclid, fbclid), a first-party cookie ID issued by us, and a session ID. We do not collect IP addresses, precise geolocation, browsing fingerprints, mouse movements, or keystrokes.

We do not collect phone numbers, shipping addresses, billing addresses, or payment method details from a merchant's customers.

2.3 Data we collect about Site visitors

When you visit etovi.ai we collect basic technical data: browser type, device type, pages viewed, and referrer. We use cookies and similar technologies for essential site functionality only — see our cookie disclosure in section 7 below.

3. How we use personal data

We process personal data for the following purposes:

  • To provide the Service. Multi-touch attribution, lifetime value cohort analysis, demand forecasting, and ad performance reporting all require analysing order and customer data.
  • To authenticate and bill our merchants. Login, session management, billing, and account recovery.
  • To improve and secure the Service. Performance monitoring, error tracking, fraud detection, and security auditing.
  • To communicate with our merchants. Service notifications, security alerts, and (with consent) product updates.
  • To comply with legal obligations. Including responding to law-enforcement requests and Shopify's privacy compliance webhooks.

We do not use personal data for behavioural advertising, do not sell personal data, and do not share personal data with third parties except the sub-processors listed in section 8.

4. Legal bases for processing (GDPR / UK GDPR)

For users and visitors located in the European Economic Area, the United Kingdom, or other jurisdictions with similar laws, we rely on the following legal bases under Article 6 GDPR:

  • Contract performance (Art. 6(1)(b)): processing merchant data necessary to deliver the Service the merchant signed up for.
  • Legitimate interests (Art. 6(1)(f)): processing storefront analytics and customer-attached order data on behalf of merchants, where the merchant's interest in understanding their own business is balanced against the customer's privacy. We only collect the minimum data required and apply hashing to email addresses.
  • Consent (Art. 6(1)(a)): for any marketing communications to merchants. Merchants can withdraw consent at any time by emailing privacy@etovi.ai.
  • Legal obligation (Art. 6(1)(c)): when required to comply with a court order, law, or regulatory request.

5. How we protect personal data

  • Encryption in transit. All connections to etovi.ai, the Etovi dashboard, and the Etovi API use TLS 1.2 or higher.
  • Encryption at rest. Our primary database (Neon Postgres in AWS Sydney) encrypts all stored data at rest. Authentication tokens for connected platforms are additionally encrypted at the application layer using Fernet symmetric encryption.
  • Access controls. Only authorised Etovi personnel have access to production systems. Two-factor authentication is required on every administrative account.
  • Audit logging. Sensitive operations are recorded in an immutable audit log.
  • Network isolation. Production databases are not publicly addressable; access is restricted to our application servers via private networking.
  • Incident response. We maintain a documented security incident response policy. In the event of a personal data breach affecting merchant or customer data, we will notify affected merchants and applicable regulators in accordance with GDPR Article 33 (within 72 hours where required) and the Notifiable Data Breaches scheme under the Australian Privacy Act.

6. How long we keep personal data

We retain personal data only as long as necessary for the purposes described above:

  • Active merchant accounts: for the duration of the merchant's use of the Service plus a reasonable period for billing reconciliation and audit (typically up to 12 months after account closure).
  • Shopify-uninstall purge: within 30 days of a Shopify shop being uninstalled or a shop/redact webhook firing, we delete all merchant-owned data we hold for that shop.
  • Customer redaction: upon receipt of a Shopify customers/redact webhook (fired by Shopify ten days after a customer requests deletion), we redact personally identifying fields (first and last name) for that customer across our database.
  • Audit and compliance logs: we retain operational audit logs (which may include merchant identifiers but not customer PII) for up to 12 months for security investigation purposes.
  • Backups: encrypted backups are retained for up to 30 days, after which they are permanently deleted.

7. Cookies and similar technologies

On etovi.ai (our marketing site) we use only essential cookies — for example, to remember whether you have dismissed a banner. We do not use advertising cookies, third-party tracking pixels, or behavioural analytics on the marketing site.

Inside the Etovi dashboard we use essential session cookies for authentication. Our error tracking provider (Sentry) may set cookies for session identification but is configured to omit personal information from collected error events.

On a merchant's storefront, if the merchant has installed the Etovi pixel, we set a first-party cookie on the merchant's domain to identify a returning visitor across their journey. We also use the browser's sessionStorage for a per-tab session ID. These are functional first-party cookies, not third-party advertising cookies. They store only randomly generated identifiers — no personal information.

8. Sub-processors and international transfers

We use the following sub-processors. Each is bound by a written data-processing agreement and an obligation to implement appropriate technical and organisational measures.

Sub-processor | Purpose | Location
Neon | Primary application database | AWS Asia Pacific (Sydney), Australia
Railway | Application hosting (backend API) | AWS US East (Virginia), United States
Vercel | Marketing site + dashboard frontend hosting | Global edge CDN
Cloudflare R2 | Static asset and AI-generated creative storage | Cloudflare global network
Anthropic | AI agent processing (Claude models). Customer PII is hashed before any agent call; we instruct agents not to repeat personal data. | United States
Shopify | Source platform for merchant order, customer, and product data | Global
Google | OAuth login, Google Ads API, PageSpeed Insights | Global
Meta | Meta Ads API integration | Global
Sentry | Error and performance monitoring (PII collection disabled) | United States / Germany
Resend | Transactional email delivery (invites, notifications) | United States

Some of these sub-processors are located outside Australia and the European Economic Area. For transfers from the EEA / UK, we rely on Standard Contractual Clauses (where applicable) and on the sub-processor's own data-protection certifications. For transfers under the Australian Privacy Act, we take reasonable steps to ensure each overseas recipient does not breach the Australian Privacy Principles in relation to the data.

9. Your rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete personal data
  • Delete your personal data (subject to legal retention requirements)
  • Object to or restrict certain processing, including direct marketing
  • Data portability — receive a copy of your data in a structured, commonly used format
  • Withdraw consent where we rely on consent as the legal basis
  • Lodge a complaint with your local data protection authority (in Australia: the Office of the Australian Information Commissioner, oaic.gov.au; in the EU: your national supervisory authority; in the UK: the Information Commissioner's Office, ico.org.uk)

If you are a customer of an Etovi merchant (i.e. you bought something from a Shopify store that uses Etovi) and wish to exercise these rights with respect to your personal data held by us as a processor, the most direct route is via the merchant. The merchant can use Shopify's built-in customer data request and customer redaction tools, which we receive as webhooks and process within the deadlines set by Shopify and by applicable law. You can also email us directly at privacy@etovi.ai and we will route the request to the appropriate merchant.

If you are an Etovi merchant, you can exercise most of these rights directly inside the dashboard (account settings, data export, account deletion). For anything not available there, email privacy@etovi.ai.

10. Children's privacy

The Service is intended for business users. We do not knowingly collect personal data directly from anyone under the age of 16. If you believe we have collected personal data from a child, please contact us at privacy@etovi.ai and we will delete it.

11. How to contact us

For privacy questions, requests, or complaints:

  • Legal entity: Etovi Pty Ltd
  • Australian Company Number (ACN): 697 881 940
  • Australian Business Number (ABN): 56 697 881 940
  • Email: privacy@etovi.ai
  • Support: support@etovi.ai

We aim to respond to privacy requests within 30 days. Where the request is complex or we receive a high volume of requests, we may extend this period by a further 60 days and will notify you of the extension.

12. Changes to this policy

We may update this policy from time to time. When we make material changes (for example, a new sub-processor or a significant change in how we use personal data), we will:

  • Update the "Effective date" at the top of this page
  • Notify merchants by email and via a banner inside the dashboard
  • Where required by law, obtain fresh consent before applying the changes to existing data

For non-material changes (typo fixes, formatting, clarifying language) we will simply update this page.