Privacy Policy

Last Updated: 01/04/2025

At Commerce Engine ("we," "us," "our," or "Commerce Engine"), trust is the foundation of our relationship with you. This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you access our platform, products, services, websites, and interact with us.
By using Commerce Engine, you agree to the practices described in this policy. If you do not agree, please do not use our services.

1. Who This Policy Applies To

This Privacy Policy applies to:

• Merchants: Businesses using Commerce Engine to manage or operate online stores.

• Customers: Individuals who shop at stores powered by Commerce Engine.

• Partners: Developers, affiliates, or service providers who build apps, themes, integrations, or stores for merchants.

• Users: Individuals using Commerce Engine apps, modules, or services.

• Visitors: Anyone visiting Commerce Engine’s websites, dashboards, or contacting our support teams.

2. Our Privacy Values

We are committed to your privacy, based on three core principles:

• Your Information Belongs to You: We collect only what is necessary, and retain it no longer than required.

• We Protect Your Information: We safeguard your data and refuse unauthorized third-party access unless legally required or expressly permitted by you.

• We Empower You: We provide the tools and transparency needed to control your information and meet privacy obligations.

3. Information We Collect

We collect and process the following categories of information:

a. Identifiers

• Full Name

• Email Address

• Mobile Number

• Mailing Address

• Company Name (for merchants)

• Government IDs (only when legally necessary)

b. Commercial Information

• Purchase History

• Shopping Cart Contents

• Subscription Details

• Billing and Payment Metadata (handled securely via third-party processors)

c. Device and Usage Data

• IP Address

• Browser Type and Settings

• Device Identifiers

• Time Zone and Geolocation (where enabled)

• Pages Visited, Click Paths, and Behavioral Data

d. Sensitive Data

• Financial Information (tokenized, no raw card numbers stored)

• Government-issued Identification Numbers (only for merchant verification)

• Biometric Data (only where required, with your explicit consent)

4. How We Use Your Information

We use your information for the following purposes:

• Platform Operations: Authenticate users, manage accounts, process transactions.

• Service Improvement: Analyze usage to enhance performance, design, and features.

• Marketing and Personalization: Provide tailored communications, with your consent.

• Security and Fraud Prevention: Detect, investigate, and prevent security breaches and fraud.

• Compliance and Legal Obligations: Fulfill legal, regulatory, and contractual requirements.

• Customer Support: Help respond to inquiries, issues, and service requests.

Machine Learning: We use machine learning models to improve our services. These processes are subject to human oversight and do not produce significant legal effects without human review.

5. Sharing Your Information

We may share your information in the following ways:

• Service Providers: Secure sharing with cloud storage providers (e.g., AWS), payment processors (e.g., Razorpay, Stripe), email/SMS vendors (e.g., SendGrid, Twilio), and analytics providers (e.g., Google Analytics).

• Partners and Integrations: With authorized partners such as app developers, affiliates, and platform integration partners (e.g., Meta, Google Ads) to enable service functionality.

• Legal and Regulatory Authorities: When required by applicable law, regulation, legal process, or governmental request.

• Corporate Transactions: In connection with mergers, sales, or acquisitions, with proper confidentiality safeguards.

Important:
We do not sell your personal information.

6. Data Retention

We retain your personal data only for as long as necessary for the purposes outlined in this policy or as required by applicable laws.

Data TypeRetention PeriodMerchant AccountsDuration of account + 90 days after account closureCustomer DataManaged according to Merchant instructions (merchant is controller)Analytics and Usage DataAnonymized after 12 monthsSystem LogsRetained for 180 days unless needed for security/legal cases

Data is securely deleted or anonymized after these periods.

7. Your Privacy Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you.

• Correct inaccurate or incomplete information.

• Delete your information ("Right to be Forgotten").

• Restrict or Object to certain processing activities.

• Port your data to another service.

• Withdraw Consent at any time for activities based on your consent.

To exercise your rights, please contact us through our Contact Us portal.

Note:
If you are a customer of a Commerce Engine-powered store, please contact the store's merchant directly, as they are the primary controller of your purchase and profile data.

8. International Data Transfers

We are based in India, but we may process data in other jurisdictions, including the United States and regions where our service providers are located.

We take steps to ensure that any transfer complies with applicable data protection laws, using mechanisms such as:

• Standard Contractual Clauses (SCCs)

• Data Processing Agreements (DPAs)

9. Data Security

We employ strong technical and organizational measures to protect your data, including:

• TLS/SSL encryption for data in transit

• Industry standard encryption for sensitive data

• Token-based authentication and role-based access control (RBAC)

• Multi-factor authentication (MFA) for merchant accounts

• Regular penetration testing and security audits

• Limited employee access to personal data on a need-to-know basis

While we work diligently to protect your data, no security system is entirely impenetrable. We encourage you to use strong passwords and protect your credentials.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Keep you logged in

• Save your preferences

• Analyze usage patterns

• Facilitate advertising and retargeting (Meta Pixel, Google Ads, etc.)

You can opt-out of optional cookies through your browser settings.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time.
If we make material changes, we will notify you by email (if you have an account) or through a prominent notice on our websites before changes take effect.
Your continued use of Commerce Engine after any update constitutes your acceptance of the new terms.

12. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us at:

Tark AI Private Limited
info@tarkai.com
Online Portal: Contact Us