Privacy policy for Hive Optimize
Hive Optimize ("the App") provides conversion and revenue optimisation features for Shopify merchants, including checkout customisation, A/B testing, analytics and product recommendations. This policy describes how the App collects, uses and protects personal information when installed on a Shopify store.
1. Information we collect
Merchant and store data
When you install Hive Optimize, we receive the following data from Shopify:
● store name, domain and contact information;
● Shopify API scopes you authorise;
● store locations, shipping settings, discount settings, fulfilment locations.
Shopify API data
Depending on which features you enable, the App may access the following data through Shopify’s APIs:
Customers
read and write customer profiles, segments, B2B companies and locations;
Orders
read and write orders, fulfilments, transactions and abandoned checkouts (within Shopify’s permitted timeframe);
Products
read and write products, variants and collections;
Shipping and delivery
● read shipping configurations;
● write carrier services and delivery customisations;
Discounts
read and write discount codes, automatic discounts and discount functions
Locations
read store and fulfilment locations;
Customer events and storefront behaviour
Through the Web Pixel extension, the App receives customer events such as:
product viewed, add to cart, remove from cart, cart viewed, collection viewed, checkout started, checkout progress events, checkout completed and custom assignment events.
Storefront scripts
Our Web Pixel and Theme extensions may collect:
● customer behaviour events;
● browser type and device type;
● IP address (only for requests routing, not for marketing);
● anonymous identifiers stored in local storage or cookies (if required for functionality).
Analytics, marketing and personalisation cookies follow the merchant’s cookie preference settings. Marketing tracking is disabled by default.
Third party processors
The App sends some aggregated or pseudonymised data to service providers:
● Rudderstack for analytics and event processing;
● Recombee for generating product recommendations;
● Sentry for application error monitoring;
● Hive internal APIs for secure processing within the Hive ecosystem.
All listed processors are hosted in the EU or US and operate under Standard Contractual Clauses where required.
These processors do not use data for their own purposes and operate under data processing agreements.
2. How we use the information
We use the data we collect to:
● provide and operate the Hive Optimize features;
● customise checkout shipping methods and delivery options;
● generate product recommendations;
● run A/B tests and optimise shop performance;
● track storefront behaviour and measure conversion;
● monitor system health and fix errors;
● provide merchant support and improve the App.
All customer data is processed solely on behalf of the merchant. We do not use customer personal data for our own marketing.
3. Data retention
Merchant data
We retain merchant and store configuration data for as long as the App is installed. After uninstallation, we delete data within 30 days, unless legally required to keep it longer.
Customer and order data
Customer-level and order-level data is stored only as long as required to provide the App’s functionality. After uninstallation, associated data is deleted within 30 days.
Analytics and logs
Aggregated analytics may be retained for up to 180 days for product performance and troubleshooting.
4. Uninstallation and data deletion
When a merchant uninstalls Hive Optimize:
● Shopify sends us an automatic uninstall webhook;
● we immediately stop all data collection;
● all merchant and customer data stored by the App is deleted within 30 days.
Merchants may also request data deletion at any time by contacting us at shopoptimizer@hive.app. We will complete the request within the timeframe required by applicable law.
5. Data processing roles
For merchants operating in the EU, UK or under similar privacy laws:
● the merchant is the data controller;
● Hive Optimize acts as a data processor.
We process customer personal data only on documented instructions from the merchant.
A Data Processing Agreement is available on request for merchants who require one. Contact us at the address below.
6. GDPR, CCPA and other privacy rights
We support merchant compliance with GDPR, CCPA and similar regulations by:
● enabling access, correction and deletion of customer data;
● processing personal data only for the purpose of providing the App;
● ensuring our subprocessors meet required privacy standards;
● honouring requests submitted by merchants relating to their customers’ rights.
We do not sell personal data.
7. Cookie and tracking disclosure
Our storefront scripts may use cookies or local storage to:
● store session identifiers;
● support A/B test allocation;
● load product recommendations;
● measure conversion events.
Marketing cookies are disabled unless explicitly enabled by the merchant through Shopify's consent settings.
The App respects Shopify's Customer Privacy API. When a customer withholds consent, marketing and analytics tracking is automatically disabled.
8. Security
We store data on secure servers using industry-standard technical and organisational measures, including:
● encryption in transit and at rest;
● access controls and logging;
● least privilege access for staff;
● secure coding and monitoring practices.
9. Shopify data protection
Our use of information received from Shopify APIs adheres to Shopify's API Terms of Service, including limitations on data use, retention and transfer.
10. Contact
For privacy inquiries or data requests, you can reach us at:
Hive Technologies GmbH
Karl-Liebknecht-Str. 14, 10178 Berlin, Germany
shopoptimizer@hive.app