PRIVACY POLICY

Verified Subscriptions by Verified Alerts AI, LLC

Effective date: September 01, 2025

This Privacy Policy explains how we collect, use, share, and protect information in connection with: (a) the Verified Subscriptions Shopify App (the “App”); and (b) our websites, docs, and support portals (the “Sites”). Capitalized terms not defined here have the meanings in our Terms of Service.

1. Roles Under Privacy Laws

  • For personal data we collect directly from Merchants about their accounts and use of the App (e.g., admin name, work email), Verified Subscriptions is a controller.

  • For personal data belonging to a Merchant’s customers that flows through the App (e.g., customer name, email, plan, status), Merchant is the controller and Verified Subscriptions is the processor/service provider. We process that data only on Merchant’s instructions to provide the App.

2. Information We Collect

From Merchants (controller context):

  • Account & contact: store URL, admin name, role, email, billing contact.
  • Commercial: plan tier, invoices, subscription dates (via Shopify billing).
  • Usage & logs: feature use, device/browser, IP, timestamps, crash/error logs.
  • Communications: support requests, feedback.

From Merchant Stores via Shopify APIs/webhooks (processor context):

  • Store metadata: shop ID, domain, plan, time zone, currency.
  • Digital products & subscription plans (names, prices, intervals, terms).
  • Customer & subscription data needed to operate the App: customer name, email, Shopify customer ID, plan assignment, status (active/paused/canceled), renewal dates, retry/failure events, access entitlements, and cancellation reasons if provided by Merchant.
  • Events and operational data the App generates (e.g., dunning attempts, access toggles, reporting snapshots).

On the Sites:

  • Cookies and similar technologies for essential operations, security, and analytics.

We do not intentionally collect sensitive categories (e.g., government IDs) and we do not want children’s data (see Section 11).

3. How We Use Information

  • Provide, maintain, configure, and secure the App/Sites.
  • Operate subscription logic, access control, and reporting.
  • Troubleshoot, support, and respond to inquiries.
  • Improve features, quality, and performance (including aggregated analytics).
  • Comply with law, enforce Terms, prevent fraud/security incidents.
  • (Controller context) Send important notices about the App; you may opt out of non-essential marketing.
  • Contractual necessity (to deliver the App to your store).
  • Legitimate interests (security, improvement, fraud prevention, product analytics proportionate to purpose).
  • Consent where required (e.g., certain cookies or marketing emails).
  • Legal obligation (tax, accounting, lawful requests).

5. Sharing & Disclosures

We share data with:

  • Shopify (APIs, billing, and as your commerce platform).
  • Sub-processors that help us host, send emails, measure performance, or log errors (e.g., [Hosting Provider], [Email Service], [Monitoring/Logging], [CDN]). A current list is available on request at support@verifiedsubscriptions.com and we will provide advance notice of material changes where legally required.
  • Professional advisors (legal, accounting) under confidentiality.
  • Authorities when required by law or to protect rights, safety, and security.
    We do not sell personal information and do not share it for cross-context behavioral advertising as those terms are defined under U.S. state privacy laws.

6. International Transfers

We may process data in the United States and other countries. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for transfers from the EEA/UK/Switzerland.

7. Security

We employ administrative, technical, and physical safeguards appropriate to the nature of the data (e.g., access controls, encryption in transit, least-privilege, logging). No system is perfectly secure; you are responsible for maintaining the security of your Shopify admin accounts, API keys, and configurations.

8. Data Retention & Deletion

  • Merchant account data (controller context) is retained while your plan is active and for a reasonable period afterward for legal/operational purposes.
  • Merchant customer data (processor context) is retained to provide the App and is deleted or anonymized within [30] days after you uninstall, subject to (i) legal obligations and (ii) standard backup cycles (backups are purged on a scheduled basis).
  • You may also email support@verifiedsubscriptions.com to request earlier deletion, which we’ll honor where feasible and lawful.

9. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, object, or port your personal data, and to opt out of certain processing.

  • Merchants: contact us at support@verifiedsubscriptions.com.
  • Merchant customers: please contact the Merchant directly; we act at the Merchant’s instruction and will assist them in fulfilling requests.
    California residents may also request information about our data practices and exercise CPRA rights. We do not sell or share personal information as defined by CPRA.

10. Cookies

We use: (a) essential cookies for authentication and security; (b) functional cookies for preferences; and © analytics cookies to improve the Services. You can control cookies via your browser. Some features may not function without essential cookies.

11. Children’s Privacy

The Services are not directed to children under 13 (or the equivalent age in your jurisdiction). Merchants should not use the App to knowingly collect children’s data. If you believe a child’s data is being processed, contact us and we will take appropriate action.

12. Third-Party Links & Services

Our Sites and App may link to third-party services we do not control (including Shopify). Their privacy practices are governed by their own policies.

13. Changes to this Policy

We may update this Policy from time to time. If changes are material, we will provide notice (e.g., in-app, email, or on the Sites). Continued use signifies acceptance.

14. Contact & EU/UK Representatives

Controller/Processor: Verified Alerts AI, LLC
Address: Florida, USA
Privacy inquiries/DPO: support@verifiedsubscriptions.com
If required, our EU/UK representative contact details will be provided upon request at the email above.

15. Data Processing Addendum (DPA)

Where required by law or contract, our DPA applies and is available on request at support@verifiedsubscriptions.com. The DPA includes the applicable Standard Contractual Clauses for international transfers.