Privacy Policy

Last updated: April 6, 2026

Click Context ("we", "our", "the app") is a Shopify application operated by Vcommerce Tech Oy. This policy explains what data we collect from merchants who install our app and from visitors to their stores.

1. Data We Collect

From Merchants (Store Owners)

• Store information: Shopify domain, store name, and plan details provided during app installation.
• Product catalog: Product titles, prices, variants, and collections synced from your Shopify store to power analytics.

From Store Visitors

• Behavioral analytics: Page views, click positions, scroll depth, search queries, and navigation paths.
• Funnel events: Product views, add-to-cart, checkout steps, and purchase completions (order totals only, no payment details).
• Technical data: Browser viewport size, device type, and JavaScript errors for performance monitoring.

What We Do NOT Collect

• Personal names, email addresses, or physical addresses
• Payment information or credit card details
• IP addresses (not stored)
• Passwords or account credentials
• Data from other apps installed on the store

2. Cookie Consent and Customer Privacy

Click Context integrates with the Shopify Customer Privacy API. Our tracking scripts respect visitor consent choices:

• In regions requiring consent (e.g., EU/GDPR), our tracker and pixel do not collect any datauntil the visitor grants analytics consent through the store's cookie banner.
• We listen for consent changes and immediately pause or resume tracking accordingly.
• We are compatible with third-party consent management platforms such as Pandectes, Consentmo, and others that implement the Shopify Customer Privacy API.

3. How We Use Data

• Analytics dashboard: Aggregated behavioral insights displayed to the merchant within the Shopify admin.
• MCP integration: When a merchant connects their store to Claude (via MCP), the AI assistant can query aggregated analytics to provide store optimization insights. No raw visitor data is shared — only aggregated patterns and statistics.
• Performance monitoring:Detecting JavaScript errors and page performance issues on the merchant's storefront.

4. Data Storage and Security

• Data is stored in a PostgreSQL database hosted on Neon (neon.tech) in the EU region.
• All data transmission uses HTTPS/TLS encryption.
• Database access is restricted to the application with credentials managed through environment variables.
• Visitor data is associated with anonymous session IDs, not personal identifiers.

5. Data Retention and Deletion

• App uninstall: When a merchant uninstalls Click Context, we mark the account as inactive and delete the Shopify session token immediately.
• Full data deletion: When Shopify sends the shop/redact webhook (48 hours after uninstall), we permanently delete all merchant data including sessions, page views, clicks, funnel events, product data, analytics, and the merchant record itself.
• Customer data requests: We support GDPR customers/data_request and customers/redact webhooks to export or delete individual customer data on request.

6. Third-Party Sharing

We do not sell, rent, or share data with third parties. Data is only accessible to:

• The merchant who installed the app (via their dashboard)
• Claude AI (only when the merchant explicitly connects via MCP, and only aggregated analytics — not raw visitor data)
• Our infrastructure providers (Vercel for hosting, Neon for database) who process data on our behalf under their own privacy policies

7. Merchant Rights

As a merchant, you can:

• Access: View all collected data through the Click Context dashboard in your Shopify admin.
• Delete: Uninstall the app to trigger full data deletion, or contact us for immediate deletion.
• Disconnect MCP:Revoke Claude's access at any time through the dashboard.

8. Contact

For privacy-related questions or data requests, contact us at: privacy@clickcontext.com

Vcommerce Tech Oy — Helsinki, Finland