Last updated on: August 13, 2021
Aheadworks Inc. (hereinafter - “we”, “us”, “Langshop”) is the American company that provides the Langshop App (hereinafter “App”) https://apps.shopify.com/langshop to Customers through a https://www.shopify.com/ Software as a Service (SaaS) model or through the website located at https://langshop.app/, together (the “Platform”).
Also our App/Platform does not sell your personal information to third parties. A “sale” of Personal Information under the CCPA is defined broadly to include the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means” the Personal Information of a Consumer to another business or third party “for monetary or other valuable consideration.” If we decide to sell our App/Platform (our business), we will inform you about this, so you can forbid us to transfer your personal data together with our business. If so, we will delete your data from the databases prior to a business transfer.
For the purposes of this policy, we define the term “Customer” as a person which have concluded the installation of LangShop App through shopify.com, the term “End User” as any individual who interacts directly with Customer without interacting directly with us and the term “Visitor” as an individual who visits our App/Platform (https://langshop.app/) and fills our contact form.
We adhere to the following principles in order to protect your privacy:
principle of purposefulness - we process personal data fairly and in a transparent manner only for the achievement of determined and lawful objectives, and they shall not be processed in a manner not conforming to the objectives of data processing;
principle of minimalism - we collect personal data only to the extent necessary for the achievement of determined purposes and do not keep personal data if it is no longer needed;
principle of restricted use - we use personal data for other purposes only with the consent of the data subject or with the permission of a competent authority;
principle of data quality - we update personal data shall be up-to-date, complete and necessary for the achievement of the purpose of data processing;
principle of security - security measures shall be applied in order to protect personal data from unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organisational measures;
principle of individual participation - the persons shall be notified of data collected concerning him or her, the persons shall be granted access to the data concerning him or her and the persons have the right to demand the correction of inaccurate or misleading data.
1. Data we collect
1.1. Platform Visitors
1.1.1. We may collect, record and analyze information of Visitors of our App/Platform. We use Google Analytics and Facebook Pixel for the purpose of analytics. Information collected by this way is stored no longer than 1 year.
1.1.2. We collect data through visits to the App/Platform including count of Visitors and visits, length of time spent on the App/Platform, pages clicked on or from where Visitors have come.
1.1.3. We collect names, e-mail addresses and the store names only in a case when Visitors want to contact us and fill our contact form.
1.1.4. We use the collected data only to communicate with Visitors. If You do not want us to collect your data, please do not use our contact form and do not give your consent for it.
1.1.5. While processing Personal Data of our Visitors, we rely on your consent to the processing of your Personal Data for the purpose to communicate with you. When we share such information with our contractors (which may be located outside of the European Economic Area) in order to provide a requested answer or solution promptly and correctly, we also rely on your consent. We use such data in ways you would reasonably expect and which have a minimal privacy impact. You can withdraw your consents at any time by sending us one more email with your withdrawal and your Personal Data will be deleted in 72 hours.
1.1.6. Please be aware while visiting our App/Platform. Visitors can follow links to other Platforms that are beyond our sphere of influence. We are not responsible for the content or privacy policies of these other Platforms.
1.2. Platform Customers
1.2.1. In order to provide services to our Customers we collect its personally identifiable information such as email address and name.
1.2.2. After finishing the installation of our App/Platform, Shopify provides us with Customers information such as:
184.108.40.206. Store`s name
220.127.116.11. The main Store`s code
18.104.22.168. Store`s currency code
22.214.171.124. Store`s language code
126.96.36.199. Time zone difference to Greenwich Mean Time (GMT);
188.8.131.52.and other relevant data. This information is used by us to identify the Customers and provide them with services, mailings, notification, support and marketing actions, and to meet other contractual obligations.
1.3. Сompliance with General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) and Brazil's General Data Protection Law (Lgpd (Lei Geral De Proteção De Dados))
1.3.1. For Visitors and Customers located in the European Economic Area (EEA) privacy rights are granted and all processing of Personal Data is performed in accordance with regulations and rules following the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR).
1.3.2. For Visitors and Customers located in California all processing of Personal Data is performed in accordance with regulations and rules following the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq. (“CCPA”)
1.3.3. For Visitors and Customers located in Brazilia, all processing of Personal Data is performed in accordance with regulations and rules following the Lei Geral de Proteção de Dados (“LGPD”).
1.3.4. We process Personal Data both as a Processor and as a Controller, as defined in the GDPR:
Aheadworks Inc. with whom you as a Customer has entered into an agreement when installing the App/Platform will be the Processor for Customer data.
Also Aheadworks Inc. will be the Controller for Visitor data, as outlined above in the “Visitor” section.
2. Data access, data correction, data deletion, data portability and withdrawal of the consent
2.1. Visitors and Customers can review, correct, update, delete or transfer their personally identifiable information. For that, contact us directly at https://help.langshop.app/hc/en-us. We will acknowledge your request within seventy-two (72) hours and handle it promptly and as required by law.
2.1.1. Right to access. Any Visitors and Customers may contact us to get confirmation as to whether or not we are processing Customer’s/Visitor’s personal data. Where we do process Customer’s/Visitor’s personal data, we will inform Customer/Visitor of what categories of personal data we process regarding him/her, the processing purposes, the categories of recipients to whom personal data have been or will be disclosed and the envisaged storage period or criteria to determine that period.
2.1.2. Right to withdraw consent. In case our processing is based on a consent granted by the Customer/Visitor, the Customer/Visitor may withdraw the consent at any time by contacting us or by using the functionalities of our Services. You can withdraw your consents at any time by replying to the email with your withdrawal and your Personal Data will be deleted in 48 hours. Withdrawing a consent may lead to fewer possibilities to use our Services.
2.1.3. Right to object. In case our processing is based on our legitimate interest to run, maintain and develop our business, any Customer/Visitor has the right to object at any time to our processing. We shall then no longer process Customer’s/Visitor’s personal data unless for the provision of our Services or if we demonstrate other compelling legitimate grounds for our processing that override Customer’s/Visitor’s interests, rights and freedoms or for legal claims. Notwithstanding any consent granted beforehand for direct marketing purposes, any Customer/Visitor has the right to prohibit us from using his/her personal data for direct marketing purposes, by contacting us or by using the functionalities of the Services or unsubscribe possibilities in connection with our direct marketing messages.
2.1.4. Right to restriction of processing. Any Customer/Visitor has the right to obtain from us restriction of processing of Customer’s/Visitor’s personal data, as foreseen by applicable data protection law, e.g. to allow our verification of accuracy of personal data after Customer’s/Visitor’s contesting of accuracy or to prevent us from erasing personal data when personal data are no longer necessary for the purposes but still required for Customer’s/Visitor’s legal claims or when our processing is unlawful. Restriction of processing may lead to fewer possibilities to use our Services.
2.1.5. Right to data portability. Any Customer/Visitor has the right to receive Customer’s/Visitor’s personal data from us in a structured, commonly used and machine-readable format and to independently transmit those data to a third party, in case our processing is based on Customer’s/Visitor’s consent and carried out by automated means.
2.1.6. How to use these rights. To exercise any of the above mentioned rights, Customer/Visitor should primarily use the functions offered by our Services. If such functions are however not sufficient for exercising such rights, Customer shall send us a letter or email to the address set out below under Contact, including the following information: name, address, phone number, email address and a copy of a valid proof of identity. We may request additional information necessary to confirm the Customer's identity. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded.
2.2.If you are from California and dissatisfied with how we have used your personal information, you can complain to the Information Commissioner’s Office at [email protected] . Also You have the right to lodge a complaint with a supervisory authority if you think that we violate your rights. You could contact The California Department of Justice (Department) via their Website (https://www.oag.ca.gov/privacy/caloppa/complaint-form/privacy-notice).
2.3.If you are from Brazil, you can also file a complaint with Brazil’s National Data Protection Authority (ANPD) through its official channels.
3. Data Retention
3.1. We will retain Personal Data for as long as you, as Customer, use our App/Platform or as you, as Visitor, continue to communicate with our support team. Your information will be deleted if you did not communicate with the support team for more than 12 months.
3.2. When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.
3.3. For tax purposes the law requires us to keep basic information about our Customers (including contact, identity, financial and transaction data) for 12 months after they stop being our Customers.
3.4. In some circumstances we may anonymise Personal Data for research or statistical purposes in which case we may use this information indefinitely without further notice to our Customers or Visitors.
3.5. Any data collected for the purpose of analytics will be deleted in 12 months after being collected.
4. Information Security
4.1. We care to ensure the security of personal data. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain technical, physical, and administrative security measures to provide reasonable protection for your Personal Data. When we or our contractors process Your information, we also make sure that your information is protected from unauthorized access, loss, manipulation, falsification, destruction or unauthorized disclosure. This is done through appropriate administrative, technical and physical measures.
4.2. We always use pseudonymisation as a method of securing the Personal Data we process as the Processor.
4.3. There is no 100% secure method of transmission over the Internet or method of electronic storage. Therefore, we cannot guarantee its absolute security.
4.4. We never process any kind of sensitive data and criminal offence data not as a Controller nor as a Processor. Also we never undertake profiling of personal data.
5. Service Providers
5.1. We may employ third party companies and individuals to facilitate our Service (‘Service Providers’), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our App/Platform is used.
5.2. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
5.3. All data transfers are performed in accordance with the highest security regulations. Transfer of Personal Data to countries outside of the European Economic Area may be possible only in the case, when we have obtained your consent for it.
5.4. All data processed by us is stored exclusively in secure hosting facilities provided by Hetzner GmbH (https://www.hetzner.com) and located in Finland and Germany. Hetzner's infrastructure is secured through a defense-in-depth layered approach.
5.7. We use Fullstory (https://www.fullstory.com/) for tracking issues in the App/Platform. FullStory proactively surfaces top opportunities for optimization, allowing us to understand issues, prioritize fixes, remediate bugs, and measure the impact of changes on our App/Platform.
5.8. We use Zendesk (https://www.zendesk.com/) for prompt and efficient communication with our Customers. Zendesk is a service CRM company that builds software designed to improve customer relationships.
5.9. We use Segment (https://segment.com/), provided by Segment.io, Inc. to collect, unify and connect our customer data.
5.10. Shopify Inc. provides us with the online e-commerce platform that allows us to sell our Services to you. Your personal information is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
5.11. If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card information. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction information is stored only as long as is necessary to complete your transaction. After that is completed, your purchase transaction information is automatically deleted.
5.13. For a complete list of contractors - contact us.
6. Permitted disclosure
6.1 We may have to share your Personal Data with the parties set out below:
6.1.1 Service Providers who provide IT and system administration services.
6.1.2 Professional advisers including lawyers, bankers, auditors and insurers.
6.1.3 Government bodies that require us to report processing activities.
6.1.4 Third parties to whom we transfer or merge parts of our business or our assets.
6.2 We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
8. Acceptance of these Conditions
10. Contact us!
10.1 If you have any questions related to the practices of this App/Platform, or your dealings with this App/Platform, please contact us at:
3111 N UNIVERSITY DRIVE Suite 604
CORAL SPRING FL 33065