Privacy Policy

At ReportGenix, we respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you use our Shopify analytics application.

ReportGenix is a Shopify analytics platform that helps store owners understand their business performance through comprehensive reports and AI-powered insights.

Contact Information:

• Company: Reportgenix
• Website: https://reportgenix.com
• Email: contact@reportgenix.com
• Data Protection Officer: support@reportgenix.com
• Support: support@reportgenix.com

1. Information We Collect

1.1 Account Information

• Shopify Account Data: Store name, email address, Shopify store URL
• Authentication Tokens: OAuth access tokens (securely encrypted)
• Billing Information: Processed through Shopify’s billing API (we don’t store payment card details)

1.2 Shopify Store Data

When you install ReportGenix, we access the following data from your Shopify store with your explicit permission:

• Order Data: Order details, customer information, product sales, revenue metrics
• Product Data: Product names, SKUs, prices, inventory levels
• Customer Data: Customer names, emails, purchase history (aggregated for analytics)
• Store Analytics: Traffic sources, conversion rates, sales trends

1.3 Google Analytics Data

If you connect Google Analytics, we access website traffic metrics, user behavior, and engagement data. See Section 3 for detailed information.

1.4 Usage Data

• Dashboard interactions and feature usage
• IP address and device information
• Browser type and operating system
• Log files for troubleshooting and security

2. How We Use Your Information

We use your data exclusively for the following purposes:

2.1 Core Service Delivery

• Generate analytics reports and dashboards for your Shopify store
• Provide real-time sales tracking and performance metrics
• Create product performance analyses and customer insights
• Enable AI-powered business recommendations through Genix AI

2.2 Service Improvement

• Monitor app performance and identify technical issues
• Develop new features based on usage patterns
• Ensure security and prevent fraudulent activities

2.3 Communication

• Send service updates and important notifications
• Respond to support requests and inquiries
• Notify you of billing issues or subscription changes

What We DON’T Do:

• We never sell your data to third parties
• We never share your store data with competitors
• We never use your data for advertising purposes
• We never access more data than necessary for our service

3. Google Analytics Data Collection and Usage

3.1 What Google Analytics Data We Access

When you connect your Google Analytics account to ReportGenix, we access the following data with your explicit consent:

• Website Traffic Metrics: Sessions, users, page views, bounce rate, session duration
• Acquisition Data: Traffic sources, referral information, search terms, campaign data
• Geographic Information: Country, region, city data of your website visitors
• Technology Data: Device types, browsers, operating systems, screen resolutions
• Page Engagement: Most viewed pages, user flow, entrance/exit pages
• E-commerce Data: Revenue, transactions, product performance (if enabled in your GA4 property)
• Custom Events: User interactions, conversions, custom metrics you’ve configured

3.2 How We Use Your Google Analytics Data

Your Google Analytics data is used exclusively for the following purposes:

• Display analytics insights in your ReportGenix dashboard
• Generate automated reports and visualizations
• Provide comparative analysis with other connected platforms (social media, advertising)
• Create custom dashboards based on your business requirements
• Enable AI-powered insights and recommendations through Genix AI

3.3 Data Storage and Security Measures

We implement enterprise-grade security measures to protect your Google Analytics data:

• Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
• OAuth Security: Access tokens securely encrypted and stored using Laravel’s encryption
• Access Control: Only you can access your own analytics data – strict user isolation
• No Third-Party Sharing: Your data is never shared, sold, or provided to third parties
• Secure Infrastructure: Hosted on secure servers with regular security audits

3.4 Data Retention Policies

• Raw API Responses: Automatically deleted after 24 hours
• Processed Metrics: Retained for maximum 90 days for dashboard performance
• Account Configuration: Stored until you disconnect your Google Analytics account
• User Preferences: Retained until account deletion

3.5 Your Rights Regarding Google Analytics Data

You have complete control over your Google Analytics data:

• Disconnect Anytime: Remove Google Analytics connection through Settings → Integrations
• Data Deletion: Request complete deletion of all your analytics data within 30 days
• Data Export: Download your analytics data in JSON or CSV format
• Revoke Permissions: Revoke access through Google Account → Security → Third-party apps
• Transparency: View exactly what data we’ve accessed in your account logs

3.6 Google Analytics API Compliance

Our Google Analytics integration complies with:

• Google Analytics Terms of Service
• Google API Services User Data Policy
• Google Cloud Platform Terms of Service
• GDPR (General Data Protection Regulation)
• CCPA (California Consumer Privacy Act)

3.7 Data Processing Legal Basis (GDPR)

Legal Basis: Consent (Article 6(1)(a) GDPR)

You provide explicit consent when connecting your Google Analytics account. You can withdraw consent anytime by disconnecting the integration.

3.8 Contact for Analytics Data Inquiries

For questions about your Google Analytics data:

• Email: contact@reportgenix.com
• Response Time: Within 48 hours
• Data Protection Officer: support@reportgenix.com
• Subject Line: “Google Analytics Data Inquiry – [Your Account Email]”

3.9 Changes to Analytics Data Handling

We will notify you 30 days before any changes to how we handle your Google Analytics data. Notification methods:

• Email notification to your account email
• In-app notification in your ReportGenix dashboard
• Updates to this privacy policy with effective date

4. Data Security and Protection

4.1 Security Measures

• Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Control: Role-based access with multi-factor authentication
• Secure Infrastructure: Hosted on enterprise-grade cloud servers
• Regular Audits: Quarterly security assessments and penetration testing
• OAuth 2.0: Secure authentication with Shopify and Google
• Database Security: PostgreSQL with encrypted connections and regular backups

4.2 Data Isolation

Your store data is completely isolated from other customers. No user can access another user’s data.

4.3 Employee Access

Only authorized personnel can access user data, and only for:

• Technical support with your explicit permission
• Security investigations
• Legal compliance requirements

5. Data Retention

5.1 Active Accounts

• Store Data: Retained while your subscription is active
• Analytics History: Up to 90 days of processed metrics for dashboard performance
• Raw API Data: Automatically deleted after 24 hours

5.2 Account Cancellation

When you uninstall ReportGenix or cancel your subscription:

• Your Shopify data access is immediately revoked
• All stored data is deleted within 30 days
• Backups are purged within 90 days
• OAuth tokens are immediately invalidated

5.3 Legal Retention

We may retain certain data longer if required by:

• Legal obligations (tax records, fraud investigations)
• Dispute resolution
• Enforcing our terms of service

6. Who We Share Your Data With

6.1 Third-Party Services (Processors)

We use the following trusted service providers who process data on our behalf:

• Shopify: E-commerce platform and billing (covered by Shopify’s data processing agreement)
• Google Cloud Platform: Infrastructure and hosting
• Stripe: Payment processing for direct subscriptions
• Firebase: Push notifications and real-time features

All third-party processors are bound by data processing agreements and GDPR compliance requirements.

6.2 Legal Requirements

We may disclose your data if required by law:

• In response to valid legal requests (court orders, subpoenas)
• To protect our legal rights
• To prevent fraud or security threats
• To comply with regulatory requirements

6.3 Business Transfers

If ReportGenix is acquired or merged, your data may be transferred to the new entity. You’ll be notified 30 days in advance.

7. Your Privacy Rights (GDPR/CCPA)

7.1 Under GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Request deletion of your personal data
• Portability: Transfer your data to another service
• Restriction: Limit how we process your data
• Objection: Object to processing of your data
• Withdraw Consent: Withdraw consent for data processing

7.2 Under CCPA, you have the right to:

• Know what personal information we collect
• Delete your personal information
• Opt-out of sale of personal information (we never sell data)
• Non-discrimination for exercising your rights

7.3 How to Exercise Your Rights

Contact us at contact@reportgenix.com with your request. We’ll respond within:

• GDPR: 30 days maximum
• CCPA: 45 days maximum
• Our Standard: 48 hours for acknowledgment, 7 days for fulfillment

8. Cookies and Tracking Technologies

8.1 Essential Cookies

• Session Cookies: Keep you logged in (expires when browser closes)
• Authentication Tokens: Secure your session (expires after 2 weeks)
• CSRF Tokens: Protect against security attacks

8.2 Analytics Cookies

• Google Analytics: Understand how users interact with ReportGenix (anonymized)
• You can opt-out through browser settings

8.3 No Advertising Cookies

We do not use cookies for advertising or tracking you across other websites.

9. International Data Transfers

ReportGenix serves customers globally. Your data may be processed in:

• United States (primary servers)
• European Union (for EU customers)

GDPR Compliance: For EU customers, we use Standard Contractual Clauses (SCCs) approved by the European Commission.

Data Localization: We comply with local data protection laws in your jurisdiction.

10. Children’s Privacy

ReportGenix is a business tool not intended for children under 16 years of age. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us immediately at contact@reportgenix.com.

11. Changes to This Privacy Policy

We may update this privacy policy periodically. When we make significant changes:

• You’ll be notified via email 30 days before changes take effect
• In-app notification in your dashboard
• Updated “Last Updated” date at the top of this page

Continued use of ReportGenix after changes constitutes acceptance of the updated policy.

12. Contact Us & File Complaint

Privacy Inquiries

• General Privacy Questions: contact@reportgenix.com
• Data Protection Officer: support@reportgenix.com
• Support Issues: support@reportgenix.com
• Response Time: Within 48 hours

Regulatory Complaints

If you’re not satisfied with our response, you have the right to file a complaint with:

• EU Users: Your local Data Protection Authority
• UK Users: Information Commissioner’s Office (ICO)
• California Users: California Attorney General

Mailing Address

Reportgenix
Dhaka, Bangladesh

By using ReportGenix, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.