Last updated: June 11, 2026

Privacy Policy

This Privacy Policy explains how Shopolo collects, uses, and protects information when you use our platform. We take privacy seriously and will never sell your data.

1. Who We Are

Shopolo is operated by Nanushi Inc. ("we", "us", "our"). We provide software tools for independent businesses including gift cards, loyalty programs, online ordering, appointments, reservations, and email campaigns.

For questions about this policy, contact us at privacy@shopolo.app.

2. Information We Collect

We collect information in three ways:

Information you provide directly: • Account registration: name, email address, password • Business profile: business name, type, address, phone, website, logo, brand colors • Billing information: handled entirely by Stripe — we never see or store your card number

Information collected automatically: • Usage data: pages visited, features used, actions taken in the dashboard • Device and browser information: IP address, browser type, operating system • Cookies and similar technologies for session management and analytics

Information from your customers (as a data processor): When your customers use your Shopolo-powered storefront, we collect their name, email address, purchase history, and loyalty activity on your behalf. You are the data controller for this information; we process it only to provide you with the service.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and improve the Shopolo platform • Process transactions and send receipts • Send transactional emails (booking confirmations, gift card delivery, loyalty updates) via Resend • Send you product updates, billing notices, and support communications • Detect and prevent fraud and abuse • Comply with legal obligations

We do not use your data or your customers' data for advertising. We do not sell data to third parties.

4. How We Share Information

We share information only with service providers necessary to operate the platform:

• Stripe, Inc. — payment processing and merchant payouts. When you connect a Stripe Express account to accept payments, Stripe independently collects and processes your identity and business information as part of their Know Your Customer (KYC) and Know Your Business (KYB) compliance obligations. This includes your legal name, address, date of birth, SSN (last 4 or full, depending on volume), and bank account details. This information is governed by Stripe's Privacy Policy at stripe.com/privacy — Shopolo does not receive, store, or have access to sensitive identity documents or full financial account numbers. • Supabase, Inc. — database and authentication infrastructure. Data is stored in US-based data centers. • Resend, Inc. — transactional email delivery (gift cards, booking confirmations, campaign sends).

We do not share payment card data because we never receive it. All card information is entered directly into Stripe's secure hosted checkout — it never passes through Shopolo's servers.

All third-party processors are contractually required to protect your data and use it only as directed by us. We do not share your information with any other third parties without your explicit consent, except as required by law.

5. Merchant Customer Data

When your customers interact with your Shopolo storefront — buying a gift card, joining your loyalty program, placing an order, or booking an appointment — we collect and store their data to operate those features on your behalf.

As the merchant, you are the data controller for your customer data. We are the data processor. You are responsible for: • Having a valid legal basis to collect your customers' data • Providing your customers with notice of how their data is used • Honoring any deletion or access requests from your customers

You may export or delete your customer data at any time from your dashboard settings.

6. Email Communications

Shopolo sends two types of emails:

Transactional emails: These are sent in direct response to user actions — gift card delivery, booking confirmations, order receipts, loyalty updates. These cannot be opted out of as they are essential to the service.

Marketing emails: We may send you product news, tips, and updates about Shopolo. You can unsubscribe from these at any time using the unsubscribe link in any such email or by contacting us.

For emails sent to your customers via the Campaigns feature, you are responsible for ensuring your recipients have opted in and for complying with CAN-SPAM and any other applicable anti-spam laws.

7. Cookies

We use cookies and similar tracking technologies for:

• Session management: keeping you logged in to your dashboard • Security: protecting against CSRF attacks • Analytics: understanding how the platform is used (aggregated, not tied to individuals)

You can control cookies through your browser settings. Disabling cookies may prevent some features from working correctly.

8. Data Retention

We retain your account data for as long as your account is active. If you cancel your account, we retain your data for 30 days in case you wish to reactivate, after which it is permanently deleted.

Billing records and transaction logs may be retained for up to 7 years as required for tax and financial compliance purposes.

Your customers' data (profiles, purchase history) is retained as long as your account is active. You may delete individual customer records from your dashboard at any time.

9. Security

We implement industry-standard security measures to protect your data including:

• All data transmitted over HTTPS with TLS encryption • Passwords hashed using bcrypt — never stored in plaintext • Database access restricted to application services only • Authentication managed by Supabase with 256-bit encryption

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security but take reasonable precautions to protect your data.

10. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you • Correct inaccurate data • Request deletion of your data • Export your data in a portable format • Object to or restrict certain processing

To exercise any of these rights, contact us at privacy@shopolo.app. We will respond within 30 days.

11. Children's Privacy

Shopolo is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the platform. The "last updated" date at the top of this page reflects the most recent revision.

Continued use of Shopolo after changes take effect constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy, please contact us at:

privacy@shopolo.app

Nanushi Inc.

Read our Terms of Service →