Magical Make an Offer App Privacy Policy

Last updated on March 12, 2024

Magical Make an Offer “the App” provides tools for offering a price guarantee “the Service” to merchants who use Shopify to power their stores. This Privacy Policy describes how personal information is collected, used, and shared when you install or use the App in connection with your Shopify-supported store.

Magical Make an Offer’s data privacy program aims to protect the rights of all data subjects in all territories. We will endeavour to meet the requirements of and meet our obligations to the World’s major data protection regimes, including, but not limited to:

  • Australia’s Privacy Act (1988)
  • Brazil’s General Data Protection Law (LGPD)
  • California Consumer Privacy Act (CCPA)
  • General Data Protection Regulation ( EU GDPR and UK GDPR)
  • United Kingdom’s Data Protection Act (2018)

To exercise your data protection rights or for more information please contact us at the address shown in this policy.

Personal Information the App Collects

When you install the App, we are automatically able to access certain types of information from your Shopify account:

View Shopify account data: This includes access to personally identifiable information about your Shopify account, including your account email addresses, phone numbers, and locations. This permission is required to manage and support your subscription.

  • Read products, variants, and collections – we use this to get product information
  • Modify script tags in your store’s theme template files – we use this to insert JavaScript file needed to show Make an offer popup
  • Draft Orders and Orders – we use this to create an order with discount

Additionally, we collect the following types of personal information from you and/or your customers once you have installed the App:

  • Information about you and others who may access the App on behalf of your store, such as your name, address, email address, phone number;
  • Information about individuals who visit your store, such as:
    • user agent (aggregated technical information related to the browser and device)
    • time stamp (date, time)
    • anonymized IP address
  • Information about individuals who submit Make an Offer form via the App, such as:
    • Name
    • Phone
    • Email
    • Notes
    • Shipping Address
  • Other information as required to providing the service.

We collect personal information directly from the relevant individual, through your Shopify account, or using the following technologies:

  • “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
  • “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

How Do We Use Your Personal Information?

We use the personal information we collect from you in order to provide the Service and to operate the App. Additionally, we use this personal information to: Communicate with you; Optimize or improve the App; and Provide you with information or advertising relating to our products or services.

Our Lawful Basis – What this policy applies to

This section describes the lawful basis for processing your data and applies to all personal information collected, stored, and processed which relates to any individual.

We will only use your personal data for the purposes for which we collected it and as you would reasonably expect your data to be processed and only where there is a lawful basis for such processing, for example:

Purpose/Activity Type of data Lawful basis for processing
To register you as a new client (a) Identity, (b) Contact (a)Performance of a contract with you.

(b)In our legitimate interests.

(c)Where we have a legal obligation.

(d)with your consent

To process and deliver our services you requested, managing payments, fees and charges, and to collect and recover money owed to us (a) Identity, (b) Contact, (c) Financial, (d) Transaction, (e) Marketing and Communications (a)Performance of a contract with you.

(b)In our legitimate interests.

(c)Where we have a legal obligation.

(d)with your consent

To manage our ongoing relationship with you which will include notifying you about changes to our terms, or privacy policy, to maintain our records (a) Identity, (b) Contact, (c) Profile, (d) Marketing and Communications (a) Performance of a contract with you,

(b) Necessary to comply with a legal obligation,

(c) Necessary for our legitimate interests to keep our records updated and to study how customers use our products/services

(d) with your consent

To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) (a) Identity, (b) Contact, (c) Technical (a) Necessary for our legitimate interests for running our business, provision of administration and IT services, network security,

(b)to prevent fraud and in the context of a business reorganization or group restructuring exercise,

(c) Necessary to comply with a legal obligation

(d) with your consent

To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising (a) Identity, (b) Contact, (c) Profile, (d) Usage, (e) Marketing and Communications, (f) Technical (a)Necessary for our legitimate interests to study how customers use our products/services, to develop them,

(b)to grow our business and

(c)to inform our marketing strategy and with your consent

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences (a) Technical, (b) Usage (a)Necessary for our legitimate interests to define types of customers for our products and services,

(b)to keep our site updated and relevant,

(c)to develop our business

(d)to inform our marketing strategy

To make suggestions and recommendations to you about goods or services that may be of interest to you (a) Identity, (b) Contact, (c) Technical, (d) Usage, (e) Profile (a)Necessary for our legitimate interests to develop our products/services and grow our business and

(b)with your consent

To communicate with you with email (a) Contract, (b) Legitimate interest, (c) consent In order to respond to emails.

Sharing Your Personal Information

Third Parties

Some of the personal data collected is shared with third party service providers.

HelpScout

Emails sent to support@magicalapps.com are stored in HelpScout, an email support platform. They store all data associated with email sent to this address, such as your email address and any headers.

Gmail

We use Gmail to receive, send, and forward emails.

SendGrid

We use SendGrid Service to send transactional email to customers. To do this, we provide them with your email address whenever such an email is sent.

Twilio

We use Twilio Service to send SMS notifications to you. To do this, we provide them with your phone number whenever such a notification is sent.

AWS – Amazon Web Services

We use AWS for DNS, CDN, DDoS protection, manage and create databases. All data including your personal data are stored on their servers.

Personal information may also be shared with a company that acquires our business, whether through merger, acquisition, bankruptcy, dissolution, reorganization, or other similar transaction or proceeding. If this happens, we will post a notice on our home page.

Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

How Do We Keep Your Personal Information secure?

We take the security of your personal information very seriously. We understand that you entrust us with sensitive data, and we make every effort to ensure that it remains secure.

To safeguard your personal information, we have implemented a number of measures, including physical, technical, and administrative safeguards. We limit access to your personal information to only those employees, agents, and contractors who need to know the information in order to provide the service to you.

In addition, we use a variety of third-party services to help us store and manage your personal information. These services include HelpScout, Gmail, SendGrid, Twilio, and AWS. We carefully select our third-party providers and ensure that they also have strong privacy and security measures in place.

All of these services use advanced security measures, such as encryption and access controls, to protect your personal information. We also regularly review our third-party providers’ privacy policies and security practices to ensure that they meet our high standards.

Your Rights

If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.

Additionally, if you are a UK or European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred to third countries for example to Canada, the United States, and Australia. Where we transfer your data to a third country we will ensure to protect your data through technical, contractual, and operational measures. These will include, as a minimum, Standard Contractual Clauses, Data Protection Agreements, and Risk Assessments. We offer You choices regarding the collection, use and sharing of Your Personal Information. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of Our marketing emails. Additionally, you may send a request to support@magicalapps.com to receive the information we have available, as well as amend, or request deletion of such information at no cost.

Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorized use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.

For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.

Changes

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.

Contact Us

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at support@beamlocal.com or by mail using the details provided below:

Beam Local
34 Minowan Miikan Lane
Toronto, Ontario, Canada
M6J 0G3