Spocket Privacy Policy

Personal Data We Collect

Personal data (or personal information) refers to any information about an identifiable individual who can be directly or indirectly identified. This does not include data that cannot be linked to a specific person (anonymous data).

We may collect, use, store, and transfer various types of personal data, grouped as follows:

Identity Data – first name, last name, username, or similar identifier.

Contact Data – billing address, delivery address, email address, and telephone numbers.

Financial Data – payment card details.

Transaction Data – details about payments to and from you and information about services you’ve purchased from us.

Technical Data – IP address, mobile device unique ID, login data, browser type and version, time zone and location, browser plug-in types and versions, operating system and platform, and other technology on devices used to access our Website or App.

Profile Data – username and password, your purchases and orders, location, preferences, feedback, and survey responses.

Usage Data – how you use our Website, App, and services, including buttons clicked, pages visited, time spent, search queries, visit timestamps, products tracked, usage frequency, and other related activity.

Marketing and Communications Data – your preferences for receiving marketing from us and third parties, and your communication preferences.

Aggregated Data

We also collect, use, and share Aggregated Data—such as statistical or demographic data—for any purpose. While it may be derived from your personal data, Aggregated Data is not considered personal by law if it does not directly or indirectly reveal your identity.

Example: We might aggregate your Usage Data to understand what percentage of users use a specific feature. However, if Aggregated Data is linked to your personal data in a way that identifies you, we will treat it as personal data under this Privacy Policy.

Sensitive Data‍

We do not collect any Special Categories of Personal Data, such as:

• Racial or ethnic origin
• Religious or philosophical beliefs
• Sexual orientation or activity
• Political opinions
• Trade union membership
• Health information
• Genetic or biometric data
  

We also do not collect data related to criminal convictions or offences.

If You Fail to Provide Personal Data

In cases where we need to collect personal information by law or under a contract with you, and you fail to provide it when requested, we may be unable to fulfill the contract (e.g., providing services). If this occurs, we will notify you at the time and explain any consequences, including possible cancellation of services.

We use a variety of methods to collect data from and about individuals, including:

1. Direct interactions by you

You may provide us with Identity, Contact, and Financial Data by filling in forms, linking your Shopify account, or communicating with us via post, phone, email, or other means. This includes personal data you provide or allow us to access when you:

• Sign up for a demo of our services
• Create an account and profile with us
• Purchase one of our services
• Subscribe to our email alerts
• Complete one of our online forms to receive reports or case studies
• Download or otherwise access our e-books, magazines, or videos
• Contact our customer service team
• Request marketing communications
• Provide feedback

2. Automated technologies or interactions

As you interact with our Website or App, we may automatically collect Technical Data about your device, browsing behavior, and usage patterns. We collect this personal data using cookies, server logs, and similar technologies.

Additionally, we may receive Technical and Usage Data if you visit other websites that use our cookies.

3. Third parties or publicly available sources

We may receive personal data about you from third parties and public sources, such as:

• Technical Data from:
  • Analytics providers (e.g., Google Analytics) based outside the EU
  • Search information providers (e.g., Google) based inside or outside the EU
• Contact, Financial, and Transaction Data from:
  • Technical, payment, and delivery service providers (e.g., Stripe) based outside the EU
• Identity and Contact Data from:
  • Our partners, data brokers, or aggregators based inside or outside the EU
  • Publicly available sources such as LinkedIn, Instagram, and other social media platforms based outside the EU

Purpose of This Privacy Policy

We will only use your personal information when the law allows us to. Most commonly, this will be in the following circumstances:

• When we need to perform the contract we are about to enter into or have entered into with you
• When it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests
• When we need to comply with a legal or regulatory obligation
  

Legal Bases for Processing Your Personal Information

The types of lawful basis we may rely on to process your personal data include:

• Legitimate Interest: Our interest in operating and improving our business, delivering services, and ensuring security. We always assess potential impact on your rights before doing so
• Performance of Contract: When data is needed to fulfill a contract with you or to take steps before entering into a contract
• Legal or Regulatory Obligation: When processing is necessary for compliance with legal requirements
• Consent: You have explicitly agreed. This is mainly for third-party marketing. You may withdraw consent at any time
  

Purposes for Which We Use Your Personal Information

Here are the main purposes and legal bases for using your personal information:

• To register you as a new customer
• Legal basis: Performance of a contract
• To allow you to use our services
• Legal basis: Performance of a contract
• To process and deliver your order (manage payments, fees, collect owed money)
• Legal basis: Performance of a contract and our legitimate interests (e.g. recovering debts)
• To manage our relationship with you (notify about changes, request feedback)
• Legal basis: Performance of a contract, legal obligation, and our legitimate interests (e.g. keeping records up to date)
• To enable participation in surveys, competitions, or promotions
• Legal basis: Performance of a contract and our legitimate interests (e.g. to improve services)
• To administer and protect our business and platforms (troubleshooting, support, fraud prevention)
• Legal basis: Legitimate interests (e.g. IT security, business operation) and legal obligations
• To improve our websites, services, and customer experiences through data analytics
• Legal basis: Legitimate interests (e.g. defining audience types, improving performance)
• To make suggestions and recommendations about services that may interest you
• Legal basis: Legitimate interests (e.g. business growth) or consent
  

Marketing

We provide choices regarding how your personal data is used in marketing and advertising.

• Promotional Offers: We may use your data to assess your needs and send offers if you’ve shown interest, purchased services, or engaged with us, unless you’ve opted out
• Third-Party Marketing: We will get your express opt-in consent before sharing your information with other companies for marketing purposes
• Opting Out: You can opt out of marketing messages from us or third parties at any time by contacting us. This does not apply to service-related communications
  

Cookies (Website Only)

You can set your browser to refuse or alert you to cookies. Disabling cookies may affect site performance

Change of Purpose

We will only use your data for the reason it was collected, unless another reason is compatible. If we need to use your data for a different purpose, we will notify you and explain the legal basis

In some cases, we may process your data without your consent if required or permitted by law

If you have questions, please contact Support@spocket.co

We may need to share your personal information with the parties set out below, for the purposes outlined in paragraph 4 above.

Third Party Categories:

• Service Providers: These are companies that provide IT and system administration services.
• Social Networking Sites: If you have linked your account to a social media profile, we may share your data with these sites.
• Professional Advisers: Lawyers, bankers, auditors, and insurers based in Canada and the United States who provide consultancy, banking, legal, insurance, and accounting services.
• Regulators and Government Authorities: These may include authorities in Canada, the United States, and the EEA who require reporting of processing activities in certain circumstances.
• Business Transfers: Third parties to whom we may sell, transfer, or merge parts of our business or assets. If this happens, the new owners may use your personal information in the same way as described in this Privacy Policy.

We require all third parties to respect the security of your personal information and handle it according to the law. We do not allow third-party service providers to use your personal information for their own purposes and only permit them to process it for specified purposes in accordance with our instructions.

We share your personal information within our company and with third-party service providers, such as Amazon Web Services and other providers. This may involve transferring your information internationally. For example, if you are based in the European Union, your data may be transferred outside the European Economic Area (EEA).

Many of our external third-party service providers are also based outside the EEA. As a result, their processing of your personal information may involve a transfer of data outside the EEA.

If you are based in the European Union, whenever we transfer your personal information out of the EEA, we ensure that appropriate safeguards are in place to protect your data and ensure a similar level of protection.

Please contact us if you would like more information about the specific mechanisms we use when transferring your personal data outside the EEA.

How long will you use my personal information for?

We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal information, and whether those purposes can be achieved through other means, as well as the applicable legal requirements.

By law, we are required to keep basic information about our customers (including Contact, Identity, Financial, and Transaction Data) for six years after they cease being customers, for tax and other legally required purposes.

In some circumstances, you can ask us to delete your information. See the “Request erasure” section below for more information.

In certain cases, we may anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.