Privacy Policy
Last updated: June 13, 2026
Hoppy Popups ("the App") provides the possibility to add popups and announcement bars to your store, ("the Service") to merchants who use Shopify to power their stores. This Privacy Policy describes how personal information is collected, used, and shared when you install or use the App in connection with your Shopify-supported store.
Important: By using our app, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our app.
1. Personal Information the App Collects
We collect the following categories of personal information:
- Identifiers: Shop name, email address, Shopify store URL, and IP address
- Commercial Information: Products viewed or selected for widget targeting, and records of products or services purchased or considered
- Internet or Other Electronic Network Activity: Browser type, device information, referring/exit pages, interactions with popups, and usage data
- Geolocation Data: General location derived from IP address
When you install the App, we automatically access specific information from your Shopify account, such as:
- Read theme - to check if your app extension is enabled.
- Read products - to select the products where the widget will be displayed.
2. Technologies We Use
- Cookies - Data files placed on your device or computer, often including an anonymous unique identifier. For more information about cookies and how to disable them, visit http://www.allaboutcookies.org.
- Log files - These track actions on the Site, collecting data like your IP address, browser type, ISP, referring/exit pages, and timestamps.
- Web beacons, tags, and pixels - Electronic files used to record browsing activity on the Site.
- LocalStorage - Used to track popup sessions and user preferences.
3. How We Use Your Personal Information
We use the personal information collected to provide and operate the App. Additionally, we use this information to:
- Communicate with you.
- Optimize and improve the App.
- Provide information or advertising related to our products or services.
- Comply with applicable laws and enforce our terms.
- Protect the security and integrity of the App.
4. Legal Bases for Processing (GDPR)
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process your personal information only where we have a valid legal basis under applicable data protection law. The legal bases we rely on are:
- Consent: Where you have given us explicit permission, for example to send marketing communications or to use non-essential cookies and tracking technologies.
- Contractual Necessity: Processing necessary to perform our contract with you, including to provide, maintain, and support the App.
- Legitimate Interests: Processing necessary for our legitimate business interests, such as improving the App, ensuring security, preventing fraud, and analyzing usage, provided those interests are not overridden by your rights.
- Legal Obligation: Processing necessary to comply with applicable laws, regulations, or legal process.
5. Data Retention Policy
Security procedures are in place to protect the confidentiality of all your data.
- We retain customer data for both paying and free users.
- For free users, data is retained for 60 days post-trial for potential service continuation.
- For paying customers, data is retained for 60 days post-contract termination, with provisions for renewal or user-requested deletion.
- Exceptions may apply in cases of legal, billing, or accounting requirements.
6. Data Storage and Deletion
- We store Shopify, Google, Outlook access tokens and necessary data for App functionality.
- Upon uninstallation of our Apps, all data is deleted including but not limited to access tokens for Google, Outlook and Shopify.
- We do not store your Shopify, Google or Outlook login credentials.
7. Sharing Your Personal Information
We do not sell your personal information. We may share your personal information with the following categories of recipients for the purposes described in this Privacy Policy:
7.1 Named Sub-Processors and Service Providers
We use carefully selected third-party service providers (sub-processors) to help us operate and provide the App. The following sub-processors may process personal information on our behalf:
- Shopify, Inc. - E-commerce platform and app hosting infrastructure.
- Klaviyo, Inc. - Email marketing and customer data platform integration, used when you choose to connect Klaviyo to sync subscriber and customer data.
- Intuit Mailchimp - Email marketing service integration, used when you choose to connect Mailchimp to sync subscriber and customer data.
- Cloudflare, Inc. - Content delivery, security, and DNS services.
- Amazon Web Services (AWS) - Cloud hosting and data storage infrastructure.
- Google LLC - Analytics and cloud services (e.g., Google Analytics, Google Cloud).
- Crisp IM SARL - Customer support chat platform.
7.2 Legal Requirements
We may disclose your information to comply with applicable laws, respond to lawful requests (e.g., subpoenas or search warrants), or protect our rights.
7.3 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
8. Your Rights (European Residents)
If you are a European resident, you have the right to access, correct, update, or delete the personal information we hold about you. To exercise this right, please contact us using the information below.
You also have the right to:
- Object to processing based on legitimate interests or for direct marketing purposes.
- Request restriction of processing in certain circumstances.
- Request portability of your personal data in a structured, commonly used, machine-readable format.
- Withdraw consent at any time where we rely on consent, without affecting the lawfulness of processing based on consent before its withdrawal.
- Lodge a complaint with your local data protection supervisory authority.
9. California Privacy Rights (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you specific rights regarding your personal information.
9.1 Categories of Personal Information Collected
Within the last 12 months, we may have collected the following categories of personal information, as defined by the CCPA/CPRA:
- Identifiers (e.g., name, email address, Shopify store URL, IP address)
- Commercial information (e.g., products viewed or selected, records of products considered)
- Internet or other electronic network activity information (e.g., browsing history, interactions with popups)
- Geolocation data (e.g., general location derived from IP address)
9.2 California Consumer Rights
You have the right to:
- Know: Request that we disclose the personal information we collect, use, disclose, and sell or share about you.
- Delete: Request deletion of your personal information, subject to certain exceptions.
- Correct: Request correction of inaccurate personal information.
- Opt-Out of Sale or Sharing: We do not sell or share your personal information for cross-context behavioral advertising. If this changes, we will provide a clear mechanism to opt out.
- Limit Use of Sensitive Personal Information: We do not collect sensitive personal information as defined by the CPRA.
- Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise your California privacy rights, please contact us at legal@hoppyapps.com.
10. International Data Transfers
Your personal information may be transferred to and processed in countries other than your country of residence, including the United States, where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.
When we transfer personal information from the EEA, the United Kingdom, or Switzerland to countries that have not been recognized as providing an adequate level of data protection, we use appropriate safeguards, including the European Commission's Standard Contractual Clauses (SCCs) and the UK International Data Transfer Agreement (IDTA), as applicable, together with additional technical and organizational security measures. By using the App, you consent to these transfers and safeguards.
11. Changes
We may update this Privacy Policy periodically to reflect changes to our practices or for operational, legal, or regulatory reasons.
12. Contact Us
For more information about our privacy practices, or if you have any questions or complaints, please contact us via email or by mail at:
Address
FUTUREBLINK Inc.
131 Continental Dr
Suite 305
Newark, DE 19713 US
Email: legal@hoppyapps.com