Privacy Policy
This Privacy Policy describes how NumiSync ("the Site", "we", "us", or "our") collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from https://numisync.app or otherwise communicate with us (collectively, the "Services").
Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will post the revised Privacy Policy on the Site and update the "Last updated" date.
What Personal Information We Collect
Information You Provide Directly
- Account credentials (email address, password)
- Dealer profile information (shop name, address, phone, email, website, tax ID)
- Business data you enter into the platform, including inventory records, order records, and contact records
- Customer support communications
Information Collected Automatically
We collect usage data including device information, browser information, IP address, and interaction data through cookies and similar technologies.
Information from Third-Party Channel Integrations
When you connect a third-party sales channel (such as Shopify or eBay) to NumiSync, we receive data from that platform solely to provide the inventory and order management features you have requested. Specifically:
- Shopify order data — when you authorize NumiSync to receive Shopify order webhooks, we receive customer name, shipping address, and order line items. This data is used exclusively to decrement your inventory and create a corresponding sales order record in NumiSync. It is not used for marketing, profiling, or any other purpose.
- We collect and process the minimum personal data necessary to perform this function.
- We do not sell, share, or disclose this data to unaffiliated third parties.
How We Use Your Personal Information
- Providing the Services — to operate your account, process orders, and enable core platform functionality
- Channel Integrations — to sync inventory and orders between NumiSync and connected sales channels, solely as directed by you
- Security and Fraud Prevention — to detect and prevent unauthorized access or malicious activity
- Customer Support — to respond to your inquiries and improve our Services
- Legal Compliance — to comply with applicable legal obligations
Data Retention and Deletion
Account data is retained for as long as your account is active. Upon account cancellation or closure, all personal data associated with your account — including inventory records, order records, contact records, and any channel integration data — will be permanently deleted from our systems within 30 days.
You may request deletion of your data at any time by contacting us at ethan@numisync.app. We will process deletion requests within 30 days.
Certain data may be retained longer where required by applicable law or for legitimate business purposes such as resolving disputes or enforcing our agreements.
Data Security
We take reasonable measures to protect your personal information:
- All data is encrypted in transit using HTTPS/TLS
- Data at rest is encrypted by our database provider (Supabase)
- Automated encrypted backups are maintained by our infrastructure provider
- Access to personal data is limited to authorized personnel only
While we implement these safeguards, no security measures are perfect or impenetrable. In the event of a data breach affecting your personal information, we will notify affected merchants within 72 hours of becoming aware of the incident.
Cookies
We use cookies to power and improve our Services, remember your preferences, and run analytics. Most browsers accept cookies by default. You may disable cookies through your browser settings, though this may affect functionality.
How We Disclose Personal Information
We may disclose your personal information to:
- Service providers who assist in operating our platform (database hosting, infrastructure, payment processing)
- Third-party sales channels you have authorized us to connect with
- Law enforcement or regulatory bodies when required by applicable law
- Successors in the event of a merger, acquisition, or business transfer
We do not sell your personal information to third parties.
Third Party Websites
Our Site may link to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.
Children's Data
Our Services are not intended for children. We do not knowingly collect personal information from individuals under 18 years of age.
Your Rights and Choices
Depending on your location, you may have the right to:
- Access — request a copy of the personal information we hold about you
- Correction — request correction of inaccurate personal information
- Deletion — request deletion of your personal information
- Portability — receive your data in a portable format
- Restriction — request that we limit processing of your information
- Withdrawal of Consent — withdraw consent where processing is based on consent
- Opt-out of marketing — unsubscribe from promotional communications at any time
To exercise any of these rights, contact us at ethan@numisync.app. We will respond within 30 days and will not discriminate against you for exercising your rights.
Data Processing Agreement
When NumiSync processes personal data on behalf of merchants in connection with third-party channel integrations (such as Shopify order data), NumiSync acts as a data processor and the merchant acts as the data controller. Our obligations as data processor are set out in our Terms of Service, which includes a Data Processing Agreement governing how we handle such data in compliance with applicable privacy law including GDPR.