Last updated: March 29, 2025
This Privacy Policy explains how Shopolo collects, uses, and protects information when you use our platform. We take privacy seriously and will never sell your data.
Shopolo is operated by Nanushi Inc. ("we", "us", "our"). We provide software tools for independent businesses including gift cards, loyalty programs, online ordering, appointments, reservations, and email campaigns.
For questions about this policy, contact us at privacy@shopolo.app.
We collect information in three ways:
Information you provide directly: • Account registration: name, email address, password • Business profile: business name, type, address, phone, website, logo, brand colors • Billing information: handled entirely by Stripe — we never see or store your card number
Information collected automatically: • Usage data: pages visited, features used, actions taken in the dashboard • Device and browser information: IP address, browser type, operating system • Cookies and similar technologies for session management and analytics
Information from your customers (as a data processor): When your customers use your Shopolo-powered storefront, we collect their name, email address, purchase history, and loyalty activity on your behalf. You are the data controller for this information; we process it only to provide you with the service.
We use the information we collect to:
• Provide, operate, and improve the Shopolo platform • Process transactions and send receipts • Send transactional emails (booking confirmations, gift card delivery, loyalty updates) via Resend • Send you product updates, billing notices, and support communications • Detect and prevent fraud and abuse • Comply with legal obligations
We do not use your data or your customers' data for advertising. We do not sell data to third parties.
We share information only with service providers necessary to operate the platform:
• Stripe, Inc. — payment processing and merchant payouts. Stripe has its own privacy policy at stripe.com/privacy. • Supabase, Inc. — database and authentication infrastructure. Data is stored in US-based data centers. • Resend, Inc. — transactional email delivery (gift cards, booking confirmations, campaign sends).
All third-party processors are contractually required to protect your data and use it only as directed by us. We do not share your information with any other third parties without your explicit consent, except as required by law.
When your customers interact with your Shopolo storefront — buying a gift card, joining your loyalty program, placing an order, or booking an appointment — we collect and store their data to operate those features on your behalf.
As the merchant, you are the data controller for your customer data. We are the data processor. You are responsible for: • Having a valid legal basis to collect your customers' data • Providing your customers with notice of how their data is used • Honoring any deletion or access requests from your customers
You may export or delete your customer data at any time from your dashboard settings.
Shopolo sends two types of emails:
Transactional emails: These are sent in direct response to user actions — gift card delivery, booking confirmations, order receipts, loyalty updates. These cannot be opted out of as they are essential to the service.
Marketing emails: We may send you product news, tips, and updates about Shopolo. You can unsubscribe from these at any time using the unsubscribe link in any such email or by contacting us.
For emails sent to your customers via the Campaigns feature, you are responsible for ensuring your recipients have opted in and for complying with CAN-SPAM and any other applicable anti-spam laws.
We use cookies and similar tracking technologies for:
• Session management: keeping you logged in to your dashboard • Security: protecting against CSRF attacks • Analytics: understanding how the platform is used (aggregated, not tied to individuals)
You can control cookies through your browser settings. Disabling cookies may prevent some features from working correctly.
We retain your account data for as long as your account is active. If you cancel your account, we retain your data for 30 days in case you wish to reactivate, after which it is permanently deleted.
Billing records and transaction logs may be retained for up to 7 years as required for tax and financial compliance purposes.
Your customers' data (profiles, purchase history) is retained as long as your account is active. You may delete individual customer records from your dashboard at any time.
We implement industry-standard security measures to protect your data including:
• All data transmitted over HTTPS with TLS encryption • Passwords hashed using bcrypt — never stored in plaintext • Database access restricted to application services only • Authentication managed by Supabase with 256-bit encryption
No method of transmission over the internet is 100% secure. We cannot guarantee absolute security but take reasonable precautions to protect your data.
Depending on your location, you may have the right to:
• Access the personal data we hold about you • Correct inaccurate data • Request deletion of your data • Export your data in a portable format • Object to or restrict certain processing
To exercise any of these rights, contact us at privacy@shopolo.app. We will respond within 30 days.
Shopolo is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the platform. The "last updated" date at the top of this page reflects the most recent revision.
Continued use of Shopolo after changes take effect constitutes acceptance of the updated policy.
If you have questions, concerns, or requests related to this Privacy Policy, please contact us at:
privacy@shopolo.app
Nanushi Inc.