Privacy Policy

1. Introduction

Pixellab LLC, doing business as MerchantOps ("MerchantOps," "we," "us," or "our") operates the MerchantOps platform and related services. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our website, applications, and services (collectively, the "Service").

By using the Service, you consent to the practices described in this Privacy Policy. If you do not agree with this policy, please do not use the Service.

For information about how we process data on behalf of our business customers, please see our Data Processing Agreement.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide, including:

• Account Information: Name, email address, password, company name, job title, and phone number when you create an account
• Billing Information: Payment method details, billing address, and tax identification numbers (processed through our payment provider, Stripe)
• Client Data: Product data, catalog information, and other content you upload to the Service
• Communications: Information in emails, support tickets, chat messages, and other communications with us
• Survey Responses: Information you provide when responding to surveys or feedback requests

2.2 Information Collected Automatically

When you use the Service, we automatically collect:

• Usage Data: Features used, actions taken, time spent, and interaction patterns within the Service
• Device Information: Device type, operating system, browser type and version, and unique device identifiers
• Log Data: IP address, access times, pages viewed, and referring URLs
• Location Data: General geographic location based on IP address (country and region level)

2.3 Information from Third Parties

We may receive information from:

• Authentication Providers: If you sign in using Google, GitHub, or other identity providers, we receive your name and email address
• Integrations: Data from ecommerce platforms, PIMs, and other services you connect to MerchantOps
• Business Partners: Information from partners who refer you to our Service

3. How We Use Information

We use the information we collect to:

3.1 Provide and Operate the Service

• Create and manage your account
• Process and enrich your product data
• Enable integrations with third-party services
• Process payments and manage subscriptions
• Provide customer support

3.2 Improve and Develop the Service

• Analyze usage patterns to improve features and user experience
• Develop new products and services
• Conduct research and analytics
• Test and troubleshoot new features

3.3 Communicate with You

• Send service-related notices and updates
• Respond to your inquiries and support requests
• Send marketing communications (with your consent)
• Request feedback and conduct surveys

3.4 Ensure Security and Compliance

• Detect and prevent fraud, abuse, and security incidents
• Enforce our Terms of Service
• Comply with legal obligations
• Protect the rights and safety of users and third parties

4. Information Sharing

We do not sell your personal information. We may share information in the following circumstances:

4.1 Service Providers

We share information with third-party vendors who perform services on our behalf, including:

• Cloud Infrastructure: Amazon Web Services, Google Cloud Platform
• Payment Processing: Stripe
• Analytics: PostHog, Google Analytics
• Customer Support: Help desk and communication tools
• Email Services: Transactional and marketing email providers

These providers are contractually obligated to use your information only to provide services to us and to maintain appropriate security measures. For a complete list of our sub-processors, see Annex C of our Data Processing Agreement.

4.2 Business Transfers

If MerchantOps is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

4.3 Legal Requirements

We may disclose information when required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 With Your Consent

We may share information with third parties when you have given us explicit consent to do so.

5. Data Retention

We retain your information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Specifically:

• Account Information: Retained while your account is active and for a reasonable period thereafter
• Client Data: Deleted within 30 days of account termination, except as required for legal compliance or retained in routine backups
• Usage Data: Retained in aggregated, anonymized form for analytics purposes
• Communications: Retained as long as necessary to provide support and for legal compliance

6. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Access controls and authentication requirements
• Regular security assessments and penetration testing
• Employee training on data protection practices
• Incident response procedures

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights and Choices

7.1 Access and Portability

You can access your account information and Client Data through the Service. You may export your data at any time using the export features provided.

7.2 Correction

You can update or correct your account information through your account settings or by contacting us.

7.3 Deletion

You can request deletion of your account and associated data by contacting us at [email protected]. We will process your request within 30 days, subject to any legal retention requirements.

7.4 Marketing Communications

You can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email or by updating your communication preferences in your account settings. Note that you may still receive transactional and service-related communications.

7.5 Cookies and Tracking

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.

8. U.S. State Privacy Rights

If you are a resident of California, Virginia, Colorado, Connecticut, or other states with comprehensive privacy laws, you may have additional rights, including:

• Right to know what personal information we collect and how we use it
• Right to request deletion of your personal information
• Right to opt out of the sale or sharing of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at [email protected].

9. Canadian Privacy Rights

If you are a Canadian resident, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws, including:

• Right to access your personal information
• Right to request correction of inaccurate information
• Right to withdraw consent (subject to legal or contractual restrictions)
• Right to complain to the Privacy Commissioner of Canada

To exercise these rights, contact us at [email protected].

10. Cookies and Similar Technologies

We use cookies and similar technologies to:

• Essential Cookies: Enable core functionality and security features
• Analytics Cookies: Understand how users interact with the Service
• Preference Cookies: Remember your settings and preferences

You can manage cookie preferences through your browser settings. For more information about the cookies we use, please contact us.

11. Third-Party Links

The Service may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

12. Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: