webinar Spiral image Growave
Join our Exclusive Webinar. Discover the latest trends from our panel of top industry experts!
Register now

Privacy Notice
Growave App

Last updated: December 27, 2022

Intro

LLC “Growave” (“Growave” or “we”) welcomes you. We provide you with Growave App at Shopify app store available following the link https://apps.shopify.com/growave (”App”).

The Privacy Notice (“Privacy Notice”) describes how data subjects’ personal data is collected, stored, and used and what happens when you use the App.

We process personal data of store owners and their representatives who use the functionality of our App, as well as their customers.

Roles in the processing

Growave is the controller of the Store Owners' data.

Growave is the processor of the Customers' data, acting on the behalf of the Store Owners, which are the controller of the Customers' data.

Sources of data

We receive data when you interact with our App and use its functionality, depending on your actions and chosen settings of the App.

We may also (although we do not necessarily do so) receive data from third parties. It depends on your settings and the features you use.

Lawful basis for processing

To process data subjects’ personal data, we rely on the following lawful basis

  • performance of the contract — for the processing of personal data necessary for the negotiating on, conclusion, and performance of a contract with data subjects;
  • legitimate interest — for the processing necessary for the development of our services and reasonable for data subjects;
  • consent — for additional processing for specific purposes.

Data received from third parties

We may receive some personal data from third parties.

The amount of data collected, the purposes, and the legal basis for processing is determined by the respective privacy documents of these parties:

We use personal data on the basis of the performance of the contract to provide services.

We share data subjects’ data with the service providers and contractors in the scope we need to provide services and technical and customer support, who, for example, help us:

  • operate, develop, and improve the features and functionality of our App;
  • provide you with their services;
  • complete your’ payment transactions;
  • fulfil your support requests;
  • communicate with you as described elsewhere in this Privacy Notice.

Also, we can share data subjects’ data on the following grounds: consent, compliance with the law, and legitimate interest.

Details

We share data subjects’ data on the following grounds:

1. Performance of a contract.

We may transfer data subjects’ data to our contractors and partners for contractual purposes.

2. Consent.

We may transfer data subjects’ personal data based on your explicit consent.

3. Compliance with the law.

We may disclose data subjects’ personal data to third parties to the extent that it is necessary:

  • to comply with a government request, court order, or applicable law;
  • to prevent unlawful use of our App or policies;
  • to protect against claims of third parties;
  • to help prevent or investigate fraud.

4. Transfer to third parties.

We may transfer data subjects’ personal data to third parties based on a data processing agreement, subject to the application of technical and organisational measures to protect data subjects’ personal data. We may share data with certain companies, consultants and contractors hired to provide certain services on our behalf.

Data transfer outside the European Economic Area

The personal data we collect is stored on servers in the Amazon Web Services (AWS). The data is stored in the USA by default, but we may need to process the data subjects’ personal data in another country. We also share some data with our service providers in the Kyrgyz Republic.

There is no adequate decision by the European Commission regarding neither the USA nor the Kyrgyz Republic. This means that the USA and the Kyrgyz Republic are not deemed to provide an adequate level of protection for data subjects’ personal data. We use adopted Standard Contractual Clauses based on legislation assessments for data protection during transfer and storage.

You can read more detailed measures to protect data subjects’ personal data here and in our Data Transfer Agreement.

However, if a data transfer is required to perform a contract or provide services to you we have the right to do so without your consent.

We apply a variety of security measures appropriate to the risks.

The Customers shall exercise their privacy rights through the communication with the controller of their data, which is the corresponding Store Owner.

Store Owners, as the data subjects, have the following rights:

European Economic Area and United Kingdom residents

You, as a data subject, have the right to interact with your data directly or through a request to us. This section describes these rights and how you can exercise them:

United States residents

You, as data subjects, have some special privacy rights. To use them, please contact us.

If your complaint was not satisfied, you can file a complaint with the Federal Trade Commission.

Your rights vary depending on the laws that apply to you, but may include:

Do-not-track requests

California residents, as data subjects, using our App may request that we do not automatically gather and track information pertaining to data subject online browsing movements across the Internet.

Such requests are typically made through web browser settings that control signals or other mechanisms that allow consumers to exercise choice regarding collecting personal data about an individual consumer's online activities over time and across third-party websites or online services.

We currently do not have the ability to honour these requests. We may modify this Privacy Notice as our abilities change.

Canada residents

You, as data subjects, have privacy rights prescribed by Canada federal and provincial privacy laws.

If you want to get additional information, please contact us by filling a request.

If your complaint was not satisfied, you can file a complaint to the Office of the Privacy Commissioner of Canada.

The Privacy Notice and the relationships falling under its effect are regulated by General Data Protection Regulation for EU citizens, General Data Protection Regulation United Kingdom for UK citizens, Canadian and provincial laws for Canada citizens and United States laws for US citizens.

Existing laws and requirements for processing personal data are subject to change. In this case, we will publish a new version of the Privacy Notice in the App.

If significant material changes are made to our App that may affect your privacy and confidentiality, we will notify you by displaying information in the App and ask for your consent if necessary.