Legal

Privacy Policy

How we collect, use, share, and protect personal data across LAI Product Reviews and our other services.

Welcome to Smartify App's Privacy Policy!

This Privacy Policy describes how we may collect and use personal data and the rights granted to our visitors, customers, and merchants regarding their respective data.

By accessing or using this website or any of our apps or services, you signify your approval of the terms set out in this Privacy Policy, and other terms and policies posted on our website. If you do not agree to this Privacy Policy, you must leave this website and discontinue all use of any of our Services.

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our privacy practices or for other operational, legal, or regulatory reasons. If we make material changes to this Privacy Policy, we will give you notice of such changes by posting the revised policy on this Website, and where appropriate, by other means.

Information collected from Merchants

When you install any app, we are automatically able to access certain types of information from your Shopify account: You can see the details here. We collect this information to provide you with our services; for example, to confirm your identity, contact you, provide customer support when you contact us, provide you with advertising and marketing.

Information collected from Merchants' customers

For us to be able to provide you with our services and support, for you to better serve your customers, and to improve our services, in some apps we collect information about your customers. Here are the details:

  • LAI Product Reviews: We collect your customers' name and email for analytics and automated email marketing feature. If customers choose to submit a review on the Merchant's website, we will collect any information customers choose to provide within such review, including: photos, rating, review text, and comments to the review.
  • Product Labels: No customer personal information will be collected.

Information collected when you visit our Website

When you visit our website, we collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies installed on your device. We collect the information using the following technologies:

  • Cookies are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, including how to disable them, visit allaboutcookies.org.
  • Log files track actions occurring on the site, and collect data such as your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
  • Web beacons, tags, and pixels are electronic files used to record information about how you browse the site.

How we share information

We share your Personal Information with the following third parties to help us conduct our business and support our customers.

  • We use Google Analytics to help us understand how our customers use our website and apps. Read more at Google's Privacy Policy. You can opt-out at tools.google.com/dlpage/gaoptout.
  • We use CustomerIO for email marketing and to maintain our customer lists. Read more at CustomerIO Privacy Policy.
  • We use Freshdesk to communicate with you and provide customer support. Read more at Freshworks Privacy Policy.
  • We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant, or other lawful requests, or to otherwise protect our rights.
  • We may use your Personal Information to provide you with targeted advertisements or marketing communications. You can opt out of Facebook and Google targeted advertising at Facebook Ads Settings and Google Ads Settings.
  • Personal information may also be shared with a company that acquires our business, whether through merger, acquisition, bankruptcy, dissolution, reorganization, or other similar transaction or proceeding.

Cross-border transfer

Smartify Apps processes and stores personal information using our server(s) based in the United States.

If you are located outside of the United States, note that your personal information and other information that we collect through this website and our apps may be transferred to the United States. By accepting this Privacy Policy, using our apps or this website, or providing us with any personal information, you agree to the transfer of information to the United States.

Use of Smartify Apps by Children

Smartify Apps is not intended for children. If you are under 13, you may use the site and services only with the supervision of your parents or guardian.

Reviews copyright

When importing or submitting reviews using LAI, you agree to the following conditions:

  • You must make sure that you have the right to use all information that you import or submit.
  • LAI has the right but not the obligation to remove any activity or content if you no longer have the rights required by the 1st term.
  • You acknowledge and agree that we are not and will not be held liable or responsible, directly or indirectly, if any legal violation happened by not following our terms and conditions.
  • You grant us the right to use all information you import to LAI, and you must make sure that you own or otherwise control all of the rights to all this information.
  • We encourage the authenticity of all information you import, submit and use on your store. Hence we encourage you to import and submit only real reviews from real people.

Reviews edit policy

When using the Edit review feature, you must ensure the source and transparency of the review and ensure that edits will not change the original meaning of the review. The following are accepted:

  • Correcting typos or grammatical errors.
  • Translating review to another language.
  • Updating reviews' information as requested by reviewers.

LAI has the right but not the obligation to discard any changes that do not comply with Shopify and LAI policy.

Your Rights

Smartify Apps understands that you have rights over your personal information, and takes reasonable steps to allow you to access, correct, amend, delete, port, or limit the use of your personal information. If you are a merchant and wish to exercise these rights, please contact us through support@smartifyapps.com. We may require that you provide us with acceptable verification of your identity before providing access to such information.

If you are a merchant's customer and wish to exercise these rights, please contact the merchants you interacted with directly — we serve as a processor on their behalf, and can only forward your request to them to allow them to respond.

Retention

Your personal data and the store's data will be deleted 30 days after the app is uninstalled. If you wish to make a request to have your data removed immediately, either as a merchant of the platform or a buyer from a store, please contact us through support@smartifyapps.com.

Security incident response policy

The purpose of this policy is to provide a structured approach for detecting, reporting, assessing, and responding to security incidents in order to minimize the impact of incidents on the businesses' operations, reputation, and assets.

Incident severity scales

  • Level 1 (Low): Incidents that have minor impact and can be resolved quickly without causing significant damage.
  • Level 2 (Moderate): Incidents that have a noticeable impact on the organization and require immediate attention to avoid further damage.
  • Level 3 (High): Incidents that have a severe impact on the organization's operations and require immediate action to contain and resolve the incident.

Roles and responsibilities

  • Incident Response Team (IRT): The team responsible for responding to security incidents, consisting of IT staff, security personnel, and any other relevant stakeholders.
  • Incident Coordinator: The individual responsible for managing the incident response process, including coordinating with the IRT and other stakeholders, assessing the severity of the incident, and ensuring that the response is effective.
  • IT/Security Staff: Responsible for identifying, investigating, and resolving security incidents.

Escalation paths

  • Incident Reporting: All incidents must be reported to the IRT as soon as they are identified, including a description of the incident, the impact and any relevant evidence.
  • Initial Assessment: The IRT will conduct an initial assessment of the incident to determine its severity and impact.
  • Level 1 Escalation: For low-level incidents, the IRT may resolve the incident without escalating it further.
  • Level 2 Escalation: For moderate incidents, the IRT escalates to the Incident Coordinator who will involve additional resources and inform stakeholders.
  • Level 3 Escalation: For high-level incidents, the IRT escalates to senior management or executive leadership and may activate the emergency response plan.

Evidence collection

As soon as an incident is detected or reported, all relevant systems, devices, and logs will be preserved to prevent any further modifications or deletions of data. This includes collecting and preserving electronic data, such as system logs, network traffic, and application data.

Required actions

  • Incident Identification: All employees will be trained to identify and report security incidents as soon as they are detected.
  • Incident Categorization: The IRT categorizes the incident based on a predefined severity scale.
  • Incident Containment: The IRT takes immediate action to contain the incident to prevent further damage or data loss.
  • Incident Analysis: The IRT analyzes the incident to determine the root cause and indicators of compromise.
  • Incident Response: The IRT develops a response plan based on the severity and impact of the incident.
  • Incident Recovery: The IRT works to restore normal operations as soon as possible while ensuring system and data security.
  • Incident Review: After resolution, the IRT conducts a post-incident review to identify lessons learned and update the response policy.

Contact information

If you have any questions about your personal data or this Privacy Policy, or if you would like to file a complaint about how we process your personal data, please contact us by email at help@laireviews.io.