Overview
StoreMapDirectory ("we", "our", "us") is a Shopify application developed and operated by Codeoptix (codeoptix.in). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you install and use our Shopify app.
By installing StoreMapDirectory from the Shopify App Store, you agree to the terms of this Privacy Policy. If you disagree, please do not install or use the app.
Data We Collect
We collect the following categories of data when you install and use StoreMapDirectory:
A. Merchant / Shop Data
| Data Field | Purpose | Required? |
|---|---|---|
| Shop permanent domain (e.g. yourstore.myshopify.com) | Identify your store in our system | Yes |
| Shopify plan / subscription status | Determine your StoreMapDirectory plan tier | Yes |
| Shopify access token | API access to install theme block | Yes |
B. Location Data (Entered by You)
| Field | Plans Available |
|---|---|
| Store/Location Name | All plans |
| Full Address, City, Country, ZIP/Postal Code | All plans |
| Latitude & Longitude (optional) | All plans |
| Email, Phone | All plans |
| Location Image URL | FLEX & UNLIMITED |
| Description | FLEX & UNLIMITED |
| Operation Hours | FLEX & UNLIMITED |
| Website URL, Fax | FLEX & UNLIMITED |
| Social Links (Instagram, Facebook, Twitter, LinkedIn) | FLEX & UNLIMITED |
| Discount/Coupon Code | All plans (if enabled) |
This data is entered voluntarily by you (the merchant) and is publicly displayed on your store's map widget to your customers.
C. Usage Data
We may collect anonymous usage data such as page views of the app dashboard, feature usage counts, and error logs. This data is never linked to individual customers.
D. Customer-Facing Data
When your store visitors use the map widget, they may optionally share their browser geolocation to find the nearest store. We do not store, log, or transmit visitor geolocation data. This is processed entirely in the visitor's browser.
How We Use Your Data
- To provide and operate the StoreMapDirectory service on your Shopify store
- To display your store locations on the interactive map widget
- To manage your subscription plan (Basic / FLEX / Unlimited) via Shopify Billing API
- To apply your custom CSS styling (FLEX & Unlimited plans)
- To send service-related communications (billing issues, app updates, critical notices)
- To improve and debug the application
- To comply with legal obligations
We do not use your data for advertising, profiling, or sell it to third parties.
Third-Party Services
StoreMapDirectory integrates with the following third-party services to deliver its functionality:
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Shopify | Platform, auth, billing | Shop domain, subscription | shopify.com/legal/privacy |
| OpenStreetMap / Leaflet | Map tiles rendering | IP address (standard CDN request) | osmfoundation.org |
| Nominatim (OpenStreetMap) | Address geocoding (when no lat/lng set) | Location address string | nominatim.org |
| Google Maps | Get Directions links (external link only) | Destination coordinates/address | policies.google.com |
| Google Fonts | Typography (DM Sans, DM Serif) | IP address (standard CDN request) | policies.google.com |
| Google Cloud Run | Our backend API hosting | Shop domain, location data | cloud.google.com |
Data Storage & Security
Your location data is stored securely on Google Cloud infrastructure (Google Cloud Run, us-east1 region). We implement industry-standard security measures including:
- HTTPS encryption for all data in transit
- Encrypted storage at rest
- Access controls limiting who can view merchant data
- Regular security reviews
Data is retained for as long as your app subscription is active. Upon uninstallation, we retain data for 30 days to allow reinstallation, after which it is permanently deleted.
GDPR & CCPA Compliance
Legal Basis for Processing (GDPR)
- Contract performance — processing necessary to provide the service you subscribed to
- Legitimate interests — improving the app, preventing fraud, ensuring security
- Legal obligation — compliance with applicable laws
Shopify GDPR Webhooks
We handle all mandatory Shopify GDPR webhooks:
customers/redact— Customer data deletion upon merchant requestshop/redact— Complete shop data deletion upon app uninstallcustomers/data_request— Customer data export upon request
Your Rights
As a merchant using StoreMapDirectory, you have the right to:
- Access — Request a copy of all data we hold about your store
- Rectification — Correct any inaccurate data
- Erasure — Request deletion of all your data ("right to be forgotten")
- Portability — Receive your location data in a portable format (JSON/CSV)
- Object — Object to processing of your data
- Restrict — Request restriction of processing
To exercise any of these rights, contact us at privacy@codeoptix.in. We will respond within 30 days.
Data Deletion
You can request complete deletion of your data in two ways:
- Uninstall the app from your Shopify admin — this triggers automatic deletion within 30 days
- Email us directly at privacy@codeoptix.in with subject "Data Deletion Request"
Children's Privacy
StoreMapDirectory is a business tool intended for merchants aged 18 and over. We do not knowingly collect data from children under 13. If you believe a child has provided us data, contact us immediately.
Changes to This Policy
We may update this Privacy Policy periodically. When we do, we will update the "Last Updated" date at the top of this page and notify active merchants via email for material changes. Continued use of the app after changes constitutes acceptance of the updated policy.
Contact Us
For any privacy-related questions, concerns, or requests: