Privacy Policy - Cecilia Shoppable Videos

Effective Date: 03/08/2025
Last Updated: 03/08/2025

1. Introduction
2. Information We Collect
3. How We Use Information
4. Data Sharing
5. Storage and Security
6. User Rights
7. International Transfers
8. Regulatory Compliance
9. Policy Changes
10. Contact and Support

1. Introduction

Cecilia Shoppable Videos is an application developed for the Shopify platform that allows merchants to create interactive and shoppable video experiences in their online stores. This Privacy Policy describes how we collect, use, store, and protect information when you use our application.

2. Information We Collect

2.1 Merchant Data

      Account Information:
      Shopify store name
Store domain
Basic store owner information
Contact data (email, phone)


      App Usage Data:
      Videos uploaded to the store
Video metadata (title, description, size, duration)
Carousel configurations created
Video-product associations
Usage and performance logs

    

2.2 Technical Data

System and error logs
Performance metrics
Cache and optimization data
Theme compatibility information

3. How We Use Information

3.1 App Functionality

Carousel Creation: Organize and display videos in interactive formats
Shoppable Experience: Connect videos to products to facilitate purchases
Performance Optimization: Ensure fast loading and efficient streaming
Personalization: Adapt the experience to the merchant's brand identity

3.2 Improvements and Development

Analyze usage patterns to improve functionality
Identify and fix bugs
Develop new features based on feedback
Optimize product recommendation algorithms

3.3 Support and Communication

Provide technical support
Send important app updates
Communicate feature changes
Respond to questions and requests

4.1 We Don't Sell Data

We never sell, rent, or commercialize your personal information with third parties for marketing purposes.

4.2 Authorized Sharing

With Shopify:

Data necessary for platform integration
Information required by Shopify App Store policies

Service Providers:

AWS (Amazon Web Services) for hosting and storage
CDN services for video optimization
Analytics and monitoring tools

Legal Compliance:

When required by law or legal process
To protect rights, property, or security
In case of merger, acquisition, or asset sale

5. Storage and Security

5.1 Data Location

Videos: Stored preferably on Shopify's infrastructure
Metadata: May be stored in Shopify Metaobjects or AWS
Analytics Data: Processed on secure AWS servers

5.2 Security Measures

      
          Encryption: All data is encrypted in transit and at
          rest
        
          Access Control: Access restricted to authorized
          personnel only
        
          Monitoring: Suspicious activity detection systems
        
          Backups: Regular and secure backups of critical data
        
          Compliance: We follow industry security best
          practices

5.3 Data Retention

Merchant Data: Retained while the app is installed
Interaction Data: Retained for up to 24 months for analysis
System Logs: Kept for 90 days for support purposes
Inactive Data: Automatically removed after periods of inactivity

6. User Rights

6.1 Merchant Rights

Access: View all data collected about your store
Correction: Request correction of incorrect information
Deletion: Remove your account and associated data
Portability: Export your data in readable format
Restriction: Limit processing of certain data

6.2 End Customer Rights

Transparency: Know what data is collected during browsing
Opt-out: Disable analytics data collection (when applicable)
Access: Request information about collected data
Deletion: Remove personal data upon request

6.3 How to Exercise Your Rights

To exercise any privacy-related right:

Email: contact@csatech.com.br
Through the App: Privacy settings in the administrative panel
Response Time: Up to 3 days for requests

7. International Transfers

As we use global cloud services (AWS), your data may be processed in different countries. We ensure that:

All transfers follow international protection standards
We maintain the same security level regardless of location
We comply with local data protection regulations

8. Regulatory Compliance

8.1 LGPD (Brazilian General Data Protection Law)

We fully comply with Brazilian LGPD, including:

Clear legal basis for data processing
Minimization and transparency principles
Data subject rights
Incident notification when applicable

8.2 GDPR (General Data Protection Regulation)

For European merchants, we follow:

Explicit consent when necessary
Right to be forgotten
Data portability
Breach notification

9. Policy Changes

9.1 Change Notification

Important updates will be communicated by email
Minor changes will be indicated in the "last updated" date
Merchants will have 30 days to review significant changes

9.2 Continued Acceptance

Continued use of the app after changes constitutes acceptance of the new policy.

10. Contact and Support

10.1 Privacy Questions

Email: contact@csatech.com.br

10.2 Supervisory Authorities

In case of unresolved concerns, you can contact:

Brazil: ANPD (National Data Protection Authority)
Europe: Local data protection authority
Other countries: Competent local authority