Legal

Privacy Policy

Effective: July 2, 2026 · Version 1.0

1. Introduction

This Privacy Policy describes how AdaChecked ("AdaChecked," "we," "us," or "our") collects, uses, and shares information when you install or use the AdaChecked application for Shopify (the "App"), visit our website, or contact us. By installing the App or using our website, you agree to this Policy.

This Policy applies only to information handled by AdaChecked. It does not apply to information handled by Shopify or any third party. Your use of Shopify is governed by Shopify's own privacy policy.

2. Information we collect

Information you provide

When you contact us or request a remediation engagement, we may collect your name, email address, store name, and any other information you choose to share.

Shopify store data

When you install the App, we receive your store domain, your store's primary domain, and an offline access token issued by Shopify. Using only the scopes you approve at install — read_themes, read_products, read_content, and read_locales — we read your storefront's themes, products, pages, content, and locales for the sole purpose of running accessibility scans.

We do not request, access, or store your customers' personal data or your order data. The App does not ask for customer or order scopes.

Scan data

To deliver the App, we scan the public pages of your storefront and store the resulting data — page URLs, structure, accessibility findings, scores, and generated reports and statements — for the duration of your installation.

Automatic information

When you visit our marketing website, we automatically collect technical information such as IP address, browser type, device type, referring URLs, and pages viewed, through cookies and server logs.

3. How we use information

We use the information we collect to:

  • Provide, operate, maintain, and improve the App and our scanning services;
  • Run scans and produce scores, reports, and accessibility statements;
  • Respond to inquiries and provide support and remediation services;
  • Administer billing through Shopify and send service-related communications;
  • Monitor and analyze usage to improve our offerings and develop new features;
  • Detect, investigate, and prevent fraud, abuse, or illegal activity;
  • Comply with legal obligations and enforce our agreements.

4. Sharing and disclosure

We do not sell your personal information. We may share information as follows:

Service providers and subprocessors. We share information with vendors who help us operate — including cloud hosting, our accessibility scan engine, email delivery, and error monitoring. These providers are bound by appropriate confidentiality and data-protection terms.

Shopify. The App runs on the Shopify platform and relies on Shopify for installation, authentication, and billing. Information necessary for these functions is exchanged with Shopify.

Business transfers. If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction.

Legal requirements. We may disclose information if required by law or legal process, or to protect our rights, your safety, or the safety of others.

Aggregated or de-identified data. We may share data that cannot reasonably be used to identify you.

5. Cookies and tracking

The App uses a signed session cookie to keep you authenticated. Our marketing website uses cookies and similar technologies to remember preferences and analyze usage. You can control cookies through your browser; disabling them may affect functionality.

6. Data retention and deletion

We retain your store and scan data for as long as the App remains installed. When you uninstall the App, or when Shopify sends us a shop-redaction request, we delete that store's scans, pages, issues, and sessions. We may retain limited records where required to comply with legal obligations, resolve disputes, or enforce our agreements.

7. Security

We implement commercially reasonable technical and organizational measures to protect information, including encrypting the Shopify access token at rest. However, no method of transmission or storage is completely secure, and we cannot guarantee the security of any information. In the event of a security incident, we will comply with applicable notification laws.

8. International transfers

We may process and store information in any country in which we or our service providers operate. Data-protection laws may differ from those where you live. By using the App, you consent to the transfer of your information to those countries.

9. Your rights

Depending on where you live, you may have rights to access, correct, delete, or restrict processing of your personal information, and to data portability. To exercise these rights, contact us using the details below.

We honor Shopify's mandatory data-protection webhooks — shop/redact, customers/redact, and customers/data_request. Because the App holds no customer data, customer requests are answered as no-ops, while shop-redaction deletes your store's data as described above. Residents of the EEA, the UK, or California may have additional rights under the GDPR, UK GDPR, or CCPA/CPRA, which we honor as required by law.

10. Children's privacy

The App and our website are not directed to children under 16, and we do not knowingly collect personal information from them. If we learn we have, we will delete it.

11. Third-party links

Our website may link to third-party sites. We are not responsible for their privacy practices or content, and we encourage you to review their policies.

12. Changes to this policy

We may update this Policy from time to time. The "Effective" date above reflects the most recent revision. Your continued use of the App or website after changes become effective constitutes acceptance of the revised Policy.

13. Contact us

AdaChecked — Email: privacy@adachecked.com