ConverlayConverlay

Privacy Policy

Last updated: January 2026

1. Introduction

Converlay ("we", "our", or "us") provides server-side event tracking for Shopify stores. This Privacy Policy explains how we collect, use, and protect information when you use our application.

2. Information We Collect

We collect the following types of information:

  • Store information: Your Shopify store URL, store name, and admin email address provided during app installation.
  • Event data: Storefront events such as page views, product views, add-to-cart actions, and purchases. This data is collected through the Shopify web pixel.
  • Destination credentials: API keys and identifiers you provide to connect your ad platforms (GA4, Meta, TikTok).
  • Usage data: Anonymised data about how you use the Converlay dashboard, including features accessed, error logs, and performance metrics.
  • Billing information: Subscription and billing data is processed entirely through the Shopify billing system. We do not directly collect or store payment card details.

3. How We Use Your Information

We use collected information to:

  • Forward storefront events to your configured ad platforms via server-side APIs
  • Display event analytics in your Converlay dashboard
  • Monitor usage against your subscription plan limits
  • Provide customer support
  • Improve and develop the Converlay service based on aggregated usage patterns

4. Cookies and Tracking Technologies

Converlay does not place cookies on your customers' browsers. Our tracking operates server-side. The Converlay marketing website (converlay.com) may use essential cookies for site functionality and analytics cookies to understand visitor behaviour. You can control cookie preferences through your browser settings.

5. Data Sharing

We do not sell your data. Event data is forwarded only to the ad platforms you explicitly configure (Google Analytics, Meta, TikTok, and any other platforms you configure). We do not share your data with any other third parties.

6. Data Retention

Event data is retained for 90 days for dashboard display purposes. Destination credentials are stored securely and deleted when you disconnect a platform or uninstall the app.

7. Data Security

All data is encrypted in transit (TLS) and at rest. API credentials are stored using industry-standard encryption. We use secure, SOC 2 compliant infrastructure providers. A list of our current sub-processors is available upon request by contacting support@converlay.com.

8. International Data Transfers

Your data may be processed in countries outside the United Kingdom or European Economic Area. Where this occurs, we ensure appropriate safeguards are in place, including standard contractual clauses approved by the UK Information Commissioner's Office, to protect your data in accordance with applicable data protection laws.

9. Customer Consent

Converlay respects customer consent choices. Our pixel operates within the Shopify web pixel sandbox and adheres to the consent signals provided by Shopify's consent management system.

10. Your Rights

You can request data deletion at any time by uninstalling the app or contacting us at support@converlay.com. We comply with the UK GDPR, EU GDPR, and CCPA data subject requests. Under these regulations, you have the right to access your personal data, request rectification of inaccurate data, and data portability.

11. Contact Us

For questions about this privacy policy, contact us at support@converlay.com.