Privacy Policy
Last Updated: November 24, 2025
1. Introduction
AdPausr ("we," "us," "our," or "Company") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, process, and safeguard your information when you use our service, including our website and application ("Service").
Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service.
2. Information We Collect
We collect minimal information necessary to provide our core functionality. We do not collect, store, or process customer data from your Shopify store.
2.1 Information You Provide Directly
- Email Address: For account creation, authentication, and service communications
- Shopify Store URL/API Credentials: To authenticate and connect to your Shopify store (securely encrypted)
- Account Name/Display Name: For account identification and merchant communication
2.2 Information Automatically Collected
- Product Inventory Data: Stock levels and product information fetched from your Shopify store to determine if products are in stock (this data is processed in real-time and not stored long-term)
- Pinterest Campaign Data: Campaign IDs, status, and performance metrics retrieved via the Pinterest Ads API
- Usage Analytics: Non-personal analytics data collected via PostHog (see Section 4.1 below)
- Technical Data: Browser type, operating system, IP address (anonymized), device information for troubleshooting and service improvement
- Cookies and Similar Technologies: Essential session cookies for authentication and service functionality (no advertising or marketing cookies)
2.3 Data We Do NOT Collect
- Customer personal data from your Shopify store
- Sensitive customer information (payment details, personal identifiers, etc.)
- Data beyond what is strictly necessary for inventory pausing functionality
3. How We Use Your Information
We use your information only for these specific purposes:
| Purpose | Legal Basis | Data Used |
|---|---|---|
| Provide core service (inventory monitoring & campaign pausing) | Performance of contract | Shopify API credentials, product stock levels, Pinterest campaign IDs |
| Authenticate your account and manage access | Performance of contract | Email, Shopify store URL |
| Service maintenance and security | Legitimate interests | Technical data, usage logs |
| Improve service functionality | Legitimate interests | Anonymized usage analytics via PostHog |
| Communicate service updates | Performance of contract | Email address |
| Comply with legal obligations | Legal obligation | Account information as required by law |
We do not:
- Sell, rent, or trade your personal data
- Use your data for marketing or advertising purposes
- Share data with third parties except as described in Section 4
- Use your Shopify store data for any purpose other than inventory checking
4. Data Sharing and Third Parties
We share your data only with service providers necessary to operate our platform:
4.1 PostHog (Analytics)
Data shared: Anonymized usage analytics, browser information, IP address (anonymized), feature usage patterns
Purpose: Analyze how users interact with our service to improve functionality
Legal basis: Legitimate interests (service improvement)
Retention: 1 year
PostHog Privacy Policy
4.2 Supabase (Data Storage & Authentication)
Data shared: Email address, account settings, encrypted Shopify API credentials
Purpose: Secure storage and user authentication
Legal basis: Performance of contract
Retention: For duration of service use
Supabase Privacy Policy
4.3 Shopify (API Integration)
Data shared: Your Shopify API credentials (encrypted), store URL
Purpose: Access your store's product inventory data
Legal basis: Performance of contract
Note: We request only the minimum scopes necessary. You control which permissions you grant.
Shopify Privacy Policy
4.4 Pinterest Ads API
Data shared: Your Pinterest business account credentials (encrypted), campaign IDs
Purpose: Retrieve campaign status and execute pausing actions
Legal basis: Performance of contract
Pinterest Privacy Policy
5. Data Retention
We retain your data only as long as necessary:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account information (email, account name) | Duration of service + 30 days | Compliance & account recovery |
| Shopify/Pinterest credentials | Duration of active connection | Required to provide service |
| Product inventory data | Real-time processing only (not stored) | Data minimization principle |
| Analytics data (PostHog) | 1 year | Service improvement |
| Technical logs | 30 days | Security & troubleshooting |
When you delete your account, we delete all associated personal data within 30 days, except where retention is required by law.
6. Data Security
We implement industry-standard security measures to protect your information:
- Encryption: All credentials (Shopify API keys, Pinterest tokens) encrypted at rest using AES-256
- HTTPS: All data transmitted over secure HTTPS connections
- Access Control: Credentials stored in Supabase with restricted access (production environment only)
- No Long-term Storage: Sensitive data not unnecessarily retained
- No Customer Data: We do not access or store customer personal data from your store
While we implement reasonable safeguards, no system is completely secure. We cannot guarantee absolute security of your data.
7. International Data Transfers
Your data is primarily stored and processed in the European Union (Supabase EU servers). If data is transferred outside the EU/EEA:
- PostHog Analytics: May process data in the United States (subject to Standard Contractual Clauses)
- Legal Basis: Standard Contractual Clauses (EU Commission decision adequacy)
For more information about international transfers, please contact us at the address in Section 10.
8. Your Privacy Rights (GDPR, CCPA, and Others)
Depending on your location, you have the following rights:
8.1 GDPR Rights (if located in the EU/EEA)
You have the right to:
- Access: Request a copy of your personal data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your data (with exceptions for legal obligations)
- Restrict Processing: Request we limit how we use your data
- Data Portability: Request your data in a machine-readable format
- Object: Object to processing of your data
- Withdraw Consent: Withdraw consent for data processing at any time
8.2 CCPA Rights (if located in California, USA)
You have the right to:
- Access: Know what personal data we collect
- Delete: Request deletion of your data
- Opt-out: Opt out of "sale or sharing" of personal data (we do not sell your data)
- Non-discrimination: Not receive discriminatory treatment for exercising your rights
8.3 How to Exercise Your Rights
To exercise any of these rights, please contact us:
Email: support@adpausr.com
Please include "Data Subject Request" in the subject line. We will respond within 30 days (or 45 days if your request is complex).
9. Cookies and Tracking
9.1 Cookies We Use
| Cookie | Type | Purpose | Expiration |
|---|---|---|---|
session_id | Essential | User authentication & session management | Session or 30 days |
auth_token | Essential | Persistent authentication | 30 days |
All cookies are essential for service functionality and do not require consent.
9.2 No Advertising or Marketing Cookies
We do not use:
- Advertising cookies
- Marketing tracking pixels (except anonymized PostHog analytics)
- Retargeting pixels
- Third-party cookies
9.3 Browser Do Not Track
We respect "Do Not Track" signals in your browser. Our service respects this preference and does not change tracking behavior based on this signal (since we use minimal tracking anyway).
10. Children's Privacy
Our Service is not intended for children under 13 years old (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly. If you are a parent and believe we have collected data from your child, please contact us immediately.
11. California Consumer Privacy Act (CCPA) Disclosures
If you are a California resident:
- Categories of Data Collected: Identifiers (email), commercial information (account settings), internet activity
- Purposes of Collection: Provide service, analyze usage, comply with law
- Do Not Sell: We do not sell your personal information
- Your Rights: See Section 8.2 above
- Authorized Agent: You may designate an authorized agent to submit requests
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date.
Your continued use of the Service after changes indicates your acceptance of the updated Privacy Policy. We encourage you to review this policy regularly.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
By Email: support@adpausr.com
By Mail:
AdPausr
Obrancov mieru 27
Košice, Slovakia, 04001
Response Time: We aim to respond to all inquiries within 7-10 business days.
14. Data Processing Agreement (DPA)
For merchants concerned about data processing compliance, we can provide a Data Processing Agreement upon request. Please contact us at support@adpausr.com.
15. Dispute Resolution & Legal Compliance
If you are in the EU and have an unresolved complaint about our data practices, you have the right to lodge a complaint with your local Data Protection Authority (DPA). Contact information for DPAs is available at https://edpb.ec.europa.eu/about-edpb/board/members_en.
For CCPA disputes, California residents may file a complaint with the California Attorney General.
This Privacy Policy applies to your use of AdPausr and all associated services. Thank you for trusting us with your data.