1. Introduction
EpPay ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Shopify application for cryptocurrency payment processing.
2. Information We Collect
2.1 Store Information
When you install our app, we collect:
- Your Shopify store domain (e.g., yourstore.myshopify.com)
- OAuth access token for API authentication
- Store owner email address
- Shop name and basic store details
2.2 Payment Configuration
To process cryptocurrency payments, we store:
- Cryptocurrency wallet addresses
- Blockchain network RPC URLs
- Token contract addresses
- Preferred currency settings (USDT, USDC, etc.)
2.3 Transaction Data
For each payment processed through our app:
- Payment amount and currency
- Payment status (pending, completed, failed)
- Blockchain transaction IDs
- Timestamps of payment creation and completion
- Associated Shopify order IDs (if applicable)
3. How We Use Your Information
We use the collected information to:
- Process cryptocurrency payments for your customers
- Generate QR codes for payment processing
- Verify payment status on blockchain networks
- Display payment history and analytics in your dashboard
- Send notifications about completed payments
- Provide customer support and troubleshooting
- Improve our app and services
- Comply with legal obligations
4. Data Sharing and Disclosure
4.1 Third-Party Services
We share data with the following third parties:
- Blockchain Networks: Transaction data is broadcast to public blockchain networks for payment verification
- Shopify: We use Shopify APIs to integrate with your store and process orders
- Hosting Providers: Our infrastructure is hosted securely on cloud platforms
4.2 We Do NOT Share
We do not sell, rent, or share your personal information with:
- Advertisers or marketing companies
- Data brokers
- Any third parties for their marketing purposes
4.3 Legal Requirements
We may disclose your information if required by law, court order, or to protect our rights and safety.
5. Data Security
We implement industry-standard security measures to protect your data:
- HTTPS/TLS encryption for all data transmission
- Encrypted storage of sensitive information
- OAuth 2.0 authentication with Shopify
- HMAC verification for webhook requests
- Regular security audits and updates
- Access controls and authentication requirements
6. Data Retention
We retain your data for as long as your app is installed and active. When you uninstall the app:
- Your OAuth access token is immediately revoked
- Your payment configuration is deleted within 30 days
- Transaction history is retained for 90 days for accounting and dispute resolution
- After 90 days, all data is permanently deleted unless legally required to retain
7. Your Rights (GDPR & CCPA)
You have the following rights regarding your data:
- Access: Request a copy of your data
- Correction: Update inaccurate information
- Deletion: Request deletion of your data
- Portability: Export your data in a machine-readable format
- Restriction: Limit how we process your data
- Objection: Object to data processing
To exercise these rights, contact us at: privacy@eppay.io
8. Children's Privacy
Our app is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children.
9. International Data Transfers
Your data may be processed and stored in servers located outside your country. We ensure appropriate safeguards are in place for international transfers.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of the app after changes constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us: