Alintro SMS/Whatsapp Notification

Support Upgrade

Privacy Policy

Last updated: October 17, 2025

1. Introduction

Alintro SMS/Whatsapp Notifications ("we," "our," or "the App") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our Shopify application.

By installing and using our App, you agree to the collection and use of information in accordance with this policy. We comply with applicable data protection laws including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other privacy regulations.

2. Information We Collect

2.1 Information from Shopify

When you install our App, we receive certain information from Shopify:

  • Store information (domain, email, timezone, currency)
  • Customer data (names, email addresses, phone numbers)
  • Order information (order numbers, amounts, dates, fulfillment status)
  • Product information (names, IDs, inventory levels)
  • Webhook data for configured events

2.2 Information You Provide

  • Gateway credentials (Twilio, WhatsApp Business API tokens)
  • Message templates and campaign content
  • Notification preferences and settings
  • Support requests and communications
  • Custom gateway configurations

2.3 Customer Consent Records

  • SMS opt-in consent with timestamps
  • WhatsApp messaging consent
  • Marketing preferences
  • Opt-out requests and timestamps

2.4 Automatically Collected Information

  • Message delivery metrics and status
  • App usage analytics
  • Error logs and performance data
  • IP addresses for security purposes

3. How We Use Your Information

We use the collected information for:

  • Service Delivery: Sending SMS and WhatsApp notifications as configured
  • Order Notifications: Processing order confirmations, shipping updates, and delivery notifications
  • Marketing Campaigns: Sending promotional messages with proper consent
  • Customer Support: Responding to inquiries and providing technical assistance
  • Service Improvement: Analyzing usage patterns to enhance features
  • Legal Compliance: Meeting regulatory requirements and maintaining consent records
  • Security: Preventing fraud and protecting against unauthorized access

4. Legal Basis for Processing (GDPR)

We process personal data based on:

  • Consent: For marketing communications and optional features
  • Contract Performance: To provide the services you've requested
  • Legal Obligations: To comply with applicable laws and regulations
  • Legitimate Interests: For transactional messages, security, and service improvements

5. Information Sharing and Disclosure

We share information only in these circumstances:

5.1 Service Providers

  • SMS Gateways: Twilio and custom HTTP providers for message delivery
  • WhatsApp: Meta/WhatsApp for WhatsApp Business API services
  • Infrastructure: Cloud hosting and database providers
  • Analytics: Service monitoring and usage analytics (anonymized)

5.2 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or to protect our rights, property, or safety.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred with appropriate confidentiality agreements.

We never sell personal data to third parties for marketing purposes.

6. Data Retention

We retain data for different periods based on its purpose:

  • Active Account Data: Duration of service plus 30 days after app uninstall
  • Message Logs: 2 years for compliance and dispute resolution
  • Consent Records: 5 years to demonstrate compliance
  • Support Communications: 3 years for service improvement
  • Analytics Data: 2 years in aggregated form

After retention periods expire, data is securely deleted or anonymized.

7. Data Security

We implement appropriate security measures including:

  • Encryption of data in transit using TLS/SSL
  • Encryption of sensitive data at rest
  • Access controls and authentication requirements
  • Regular security audits and vulnerability assessments
  • Secure API key storage and management
  • Employee confidentiality agreements
  • Incident response procedures

8. Your Rights

Under applicable privacy laws, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data (subject to legal requirements)
  • Portability: Receive your data in a machine-readable format
  • Restriction: Limit processing of your data
  • Objection: Object to certain processing activities
  • Withdraw Consent: Revoke previously given consent
  • Complaint: Lodge a complaint with supervisory authorities

To exercise these rights, contact us at support@alintro.com We respond to requests within 30 days.

9. SMS and WhatsApp Specific Terms

9.1 Consent Requirements

Before sending marketing messages, we ensure merchants obtain explicit consent from customers. Consent for SMS and WhatsApp are collected separately. Customers can opt-out at any time by replying STOP to SMS or using WhatsApp's block feature.

9.2 Message Frequency

Message frequency varies based on merchant configuration. Standard messaging rates apply. We respect quiet hours (8 AM - 9 PM local time) for marketing messages.

9.3 TCPA Compliance

We help merchants comply with the Telephone Consumer Protection Act (TCPA) by maintaining consent records, providing opt-out mechanisms, and including required disclosures.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission for transfers outside the EEA.

11. Children's Privacy

Our service is not directed to individuals under 16. We do not knowingly collect personal information from children. If we discover we've collected data from a child under 16, we will promptly delete it. For users aged 13-16, parental consent is required.

12. California Privacy Rights (CCPA)

California residents have additional rights:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of sale of personal information (we do not sell data)
  • Right to deletion
  • Right to non-discrimination for exercising privacy rights

13. Cookies and Tracking

We use essential cookies for authentication and session management. We don't use tracking cookies for advertising. You can control cookies through your browser settings, though this may affect app functionality.

14. Data Breach Notification

In the event of a data breach that poses risk to your rights and freedoms, we will notify affected users and relevant authorities within 72 hours of discovery, as required by GDPR.

15. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through the app. Continued use after changes constitutes acceptance of the updated policy.

16. Contact Information

Data Controller: Alintro SMS/Whatsapp Notifications

Support: support@alintro.com

Response Time: Within 15 days for privacy requests

17. Data Protection Officer

For privacy-related inquiries, you may contact our Data Protection Officer at support@alintro.com