Privacy Policy

ConversionPath (“we”, “us”) is a marketing attribution and abandoned cart recovery service for Shopify merchants. This policy explains what data we collect, why, how we use it, and your rights.

From merchants (our direct customers): name, email, hashed password or OAuth identifier, workspace settings, Stripe customer and subscription IDs, and integration credentials (API keys for Klaviyo, OAuth tokens for Meta and Google) which we encrypt at rest.

From merchant stores (via Shopify): shop domain, orders, customers (name, email, phone if you grant access), products, checkout events, and web-pixel events (page views, cart activity, checkout progress).

From connected advertising platforms: campaign metadata, ad spend, click and impression data when you connect Meta Ads or Google Ads.

From visitors to merchant stores:our tracking pixel records page views, referrers, UTM parameters, and a first-party visitor ID in order to attribute conversions to marketing channels. The pixel runs in Shopify's Web Pixel sandbox under the merchant's privacy settings.

• Provide attribution analytics and reporting inside the merchant dashboard.
• Recover abandoned carts by forwarding checkout events to the merchant's connected Klaviyo account.
• Sync order and conversion data to Meta and Google via Conversions API / Enhanced Conversions so the merchant's ad reporting reflects true performance.
• Operate, secure, and improve the service.
• Bill merchants via Stripe and comply with legal obligations.

We do not sell personal data. We do not use merchant-customer data for our own marketing.

We share data only with the service providers we use to run the product, and only as needed:

• Railway — application hosting and managed Postgres database.
• Stripe — payment processing for merchant subscriptions.
• Klaviyo — only when the merchant explicitly connects their Klaviyo account; we push abandoned checkout events using the merchant's own API key.
• Meta, Google — only when the merchant connects these integrations; we send conversion events via their Conversions APIs.
• Anthropic — for the in-product AI auditor feature; merchant-identifying data is not sent.

• Abandoned cart records: 90 days from capture, then deleted.
• Order, pixel, and attribution data: for the lifetime of the merchant's subscription, plus 30 days after cancellation, after which it is deleted on request or on our regular cleanup cycle.
• Billing records: retained for 7 years to meet tax and accounting obligations.
• Logs containing personal data: 30 days.

If you are a merchant customer or an end customer of a merchant, you have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. End customers should first contact the merchant whose store they shopped at, since the merchant is the data controller for their customer data. You may also contact us directly at hello@conversionpath.app.

Data is encrypted in transit (TLS) and at rest. Integration credentials and tokens are encrypted with a per-record key before being written to the database. Access to production is restricted, logged, and reviewed. We run automated database backups, which are also encrypted.

Our infrastructure runs in the United States. By using ConversionPath you acknowledge that your data may be processed in the US and other countries where our sub-processors operate.

ConversionPath is a business-to-business service and is not directed at children under 16. We do not knowingly collect personal data from children.

If we make material changes we will notify merchants by email and update the effective date above. Continued use of the service after a change constitutes acceptance of the new policy.

Questions or data requests: hello@conversionpath.app.