Customerch
Features How It Works Pricing FAQ
Start Free Trial

Privacy Policy

Effective Date: January 29, 2025

Last Updated: January 29, 2025

1. Introduction

Welcome to Customerch.

Best App ("us", "we", "our", or "Customerch") operates the Customerch application and website at https://customerch.app (hereinafter referred to as "Service").

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. It also describes how we handle personal data of your end-customers when you use Customerch to provide product personalization features.

By using our Service, you acknowledge and agree to the practices described in this Privacy Policy. Where required by applicable law (such as GDPR), we will seek your explicit consent separately.

Contact Information:
Email: contact@customerch.app
Address: Best App, Palacowa 125, 08-110 Stok Lacki, Poland

2. Definitions

  • Service – the Customerch application, website, and related services operated by Best App.
  • Personal Data – any information relating to an identified or identifiable natural person.
  • Usage Data – data collected automatically through the use of the Service (e.g., page views, session duration).
  • Cookies – small files stored on your device that help us improve your experience.
  • Data Controller – the entity that determines the purposes and means of processing personal data.
  • Data Processor – the entity that processes personal data on behalf of the Data Controller.
  • Merchant/User – a business or individual who uses Customerch to offer product personalization to their customers.
  • End-Customer – a customer of the Merchant who uses personalization features on the Merchant's store.
  • Sub-processor – a third-party service provider engaged by Customerch to process personal data.
  • GDPR – the General Data Protection Regulation (EU) 2016/679.
  • CCPA – the California Consumer Privacy Act.
  • CalOPPA – the California Online Privacy Protection Act.

3. Our Role: Data Controller vs. Data Processor

3.1 When We Act as Data Controller

We act as a Data Controller when we collect and process personal data for our own purposes, including:

  • Managing your Customerch account
  • Communicating with you about our Service
  • Billing and payments
  • Marketing (with your consent)
  • Analytics to improve our Service

3.2 When We Act as Data Processor

We act as a Data Processor when Merchants use Customerch to process personal data of their end-customers. In this role:

  • The Merchant is the Data Controller
  • We process end-customer data only according to Merchant instructions
  • We do not use end-customer data for our own purposes
  • We do not sell, share, or disclose end-customer data to third parties for independent use

Our obligations as a Data Processor are governed by our Data Processing Agreement (DPA), available upon request at contact@customerch.app.

4. Information We Collect

4.1 Information You Provide to Us

When you register for or use our Service, we may collect:

  • Account Information – name, email address, company name
  • Store Information – Shopify store URL, configuration settings
  • Payment Information – billing details (note: payment card data is processed securely by Shopify and is never stored by Customerch)
  • Communications – messages you send to our support team, feedback

4.2 Information Collected Automatically

When you use our Service, we automatically collect:

  • Usage Data – pages visited, features used, clicks, navigation patterns
  • Device Information – device type, operating system, browser type and version
  • Technical Data – IP address, time zone, language settings
  • Cookies and Similar Technologies – see Section 11 for details

4.3 End-Customer Information (Processed on Behalf of Merchants)

When Merchants use Customerch, we may process the following end-customer data solely to provide the Service:

  • Identification Details – end-customer name, email (if provided)
  • Order Information – products purchased, order details
  • Personalization Inputs – custom text, uploaded images, design choices, dates, locations (for features like star maps, street maps, moon phases)

This data is processed exclusively to:

  • Enable product personalization
  • Generate production-ready files
  • Facilitate order fulfillment through POD providers

We never use end-customer data for marketing, advertising, or any purpose unrelated to providing the Service to the Merchant.

5. How We Use Your Information

5.1 As Data Controller (Merchant Data)

We use your personal information to:

  • Provide and Maintain the Service – account management, feature access, troubleshooting
  • Communicate with You – support responses, service updates, important notices
  • Process Payments – billing, invoicing (via Shopify)
  • Improve Our Service – analytics, performance monitoring, feature development
  • Marketing – newsletters, product updates (only with your consent; you can opt out anytime)
  • Legal Compliance – comply with applicable laws, regulations, and legal requests
  • Security – fraud prevention, abuse detection, protecting our users and Service

5.2 As Data Processor (End-Customer Data)

We process end-customer data exclusively to:

  • Enable Personalization – render custom designs based on end-customer inputs
  • Generate Production Files – create print-ready files (PNG, PDF, SVG, etc.)
  • Facilitate Fulfillment – transmit necessary data to POD providers selected by the Merchant
  • Provide Support – assist Merchants with order-related issues

We do NOT:

  • Use end-customer data for Customerch's own marketing or advertising
  • Sell or share end-customer data with third parties for their independent use
  • Aggregate end-customer data for purposes unrelated to the Merchant's use of the Service

6. Data Sharing and Third Parties

We do not sell your personal information. We share data only as described below:

6.1 Sub-processors

We use the following third-party service providers to operate our Service:

Sub-processor Purpose Location
OVH / Dedicated Server Hosting & Infrastructure France (EU)
Shopify Platform Integration, Payments Canada/USA
Printful POD Fulfillment (when selected by Merchant) USA/EU
Google Analytics Website Analytics USA
Meta (Facebook Pixel) Analytics & Remarketing USA

We ensure appropriate contractual safeguards (including Standard Contractual Clauses where required) are in place with all sub-processors.

We will notify Merchants of any material changes to our sub-processor list.

6.2 POD Providers

When Merchants use our fulfillment features, we transmit order and personalization data to the POD provider selected by the Merchant (e.g., Printful). This transfer is necessary to fulfill the order and is performed under the Merchant's instruction.

6.3 Legal Requirements

We may disclose personal information if required by law, court order, or government request, or to protect the rights, property, or safety of Customerch, our users, or others.

6.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, personal information may be transferred to the acquiring entity, subject to the same privacy protections.

7. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this Privacy Policy.

7.1 Merchant Data

  • Account Information – retained while your account is active and for up to 2 years after account deletion for legal and administrative purposes
  • Billing Records – retained as required by tax and accounting laws (typically 5-7 years)

7.2 End-Customer Data

  • Uploaded Files (images, photos) – automatically and permanently deleted after 90 days from upload, unless earlier deletion is requested by the Merchant
  • Order and Personalization Data – retained for up to 12 months from order creation to support fulfillment, returns, and customer service, unless earlier deletion is requested by the Merchant

Upon termination of your Customerch account, or upon your documented request, we will delete or return end-customer data, subject to any legal obligations requiring longer retention.

8. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Encryption – data transmitted via TLS/SSL encryption
  • Secure Hosting – dedicated servers located in France (EU) with physical and network security controls
  • Access Controls – restricted access to personal data on a need-to-know basis
  • Regular Updates – security patches and software updates applied promptly

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but commit to promptly addressing any security incidents.

9. International Data Transfers

Our servers are located in France (European Union).

For transfers of personal data outside the EU/EEA (e.g., to sub-processors in the USA), we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy Decisions where applicable
  • Other valid transfer mechanisms under GDPR

By using our Service, you acknowledge that your data may be transferred to and processed in countries outside your country of residence.

10. Your Rights

10.1 Rights Under GDPR (EU/EEA/UK Residents)

If you are located in the European Union, European Economic Area, or United Kingdom, you have the following rights:

  • Right of Access – request a copy of your personal data
  • Right to Rectification – request correction of inaccurate data
  • Right to Erasure – request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing – request limitation of how we use your data
  • Right to Data Portability – receive your data in a portable format
  • Right to Object – object to processing based on legitimate interests or for marketing
  • Right to Withdraw Consent – withdraw consent at any time (where processing is based on consent)
  • Right to Lodge a Complaint – file a complaint with your local data protection authority

To exercise these rights, contact us at contact@customerch.app.

For End-Customers: If you are an end-customer who used personalization features on a Merchant's store, please contact the Merchant directly to exercise your rights. The Merchant is the Data Controller for your data. We will assist Merchants in responding to such requests.

10.2 Rights Under CCPA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act:

  • Right to Know – request information about the categories and specific pieces of personal information we collect, use, and disclose
  • Right to Delete – request deletion of your personal information
  • Right to Opt-Out – opt out of the "sale" of personal information (note: we do not sell personal information)
  • Right to Non-Discrimination – we will not discriminate against you for exercising your rights

To exercise these rights, contact us at contact@customerch.app.

10.3 CalOPPA Compliance

In accordance with the California Online Privacy Protection Act, we:

  • Allow users to visit our site anonymously
  • Include a link to this Privacy Policy on our homepage
  • Notify users of any Privacy Policy changes on this page
  • Allow users to change their personal information by logging into their account or contacting us

Do Not Track Signals: Our Service does not currently respond to "Do Not Track" browser signals.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and deliver relevant advertising.

11.1 Types of Cookies We Use

Cookie Type Purpose Duration
Essential Required for Service functionality Session
Analytics (Google Analytics) Understand how users interact with our Service Up to 2 years
Marketing (Facebook Pixel) Measure ad effectiveness, remarketing Up to 2 years

11.2 Your Cookie Choices

You can control cookies through your browser settings. Note that disabling certain cookies may affect Service functionality.

Opt-out Links:

12. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting the updated Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification (for material changes)

We encourage you to review this Privacy Policy periodically.

14. Data Processing Agreement (DPA)

For Merchants who require a Data Processing Agreement to comply with GDPR or other data protection laws, please contact us at contact@customerch.app to request a signed DPA.

15. Contact Us

If you have any questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us:

Best App (Customerch)
Palacowa 125
08-110 Stok Lacki
Poland

Email: contact@customerch.app

This Privacy Policy is provided in English. In case of any discrepancy between translated versions, the English version shall prevail.