Privacy Policy

Last updated: April 13, 2026

This Privacy Policy explains how we collect, use, disclose, and protect information in connection with the Hysight app (the "App") made available through the Shopify App Store. When you install or use the App, you agree to the collection and use of information in accordance with this Privacy Policy.

This document is intended to help you meet Shopify App Store requirements and general privacy regulations (such as GDPR and CPRA), but it does not constitute legal advice. You are responsible for reviewing and customizing it with your legal counsel.

1. Who we are

The App is provided by Marq LLC, a Delaware limited liability company ("we", "us", or "our").

  • App name: Hysight
  • Operator: Marq LLC
  • Registered address: 16192 Coastal Highway, Lewes, DE 19958, United States
  • Platform: Shopify App Store
  • Contact: the support email listed on our Shopify App Store listing and inside the App

2. Scope of this Privacy Policy

This Privacy Policy applies to:

  • Merchants who install or use the App on their Shopify store
  • Individuals who use the App on behalf of a merchant (such as employees or contractors)
  • Limited information about customers of merchants, to the extent their data is processed through Shopify and connected platforms in order for the App to provide its services

It does not apply to:

  • The practices of Shopify itself (see Shopify's own privacy policy and terms)
  • Third-party platforms you connect to the App (such as Meta, TikTok, Google Ads, Klaviyo, or other marketing platforms), which have their own privacy policies

3. Information we collect

When you install and use the App, we access and process information from:

3.1 Shopify store data (via Shopify APIs)

Depending on your configuration and the scopes approved during installation, this may include:

  • Store information: store name, store URL, primary domain, currency, timezone, and Shopify plan
  • Account identifiers: store ID, shop domain, API access tokens or session tokens provided by Shopify
  • Orders and revenue data: order IDs, order timestamps, line items, prices, discounts, taxes, refunds, and shipping costs
  • Customer contact and shipping information associated with orders: customer email address, phone number, and full shipping address (name, street address, city, state/province, postal code, country)
  • Product and catalog data: product IDs, titles, variants, SKUs, pricing, inventory levels, and collections
  • Marketing attribution fields: UTM parameters and referral sources where available through Shopify

Unless specifically required for the App's functionality, we do not intentionally access or store:

  • Full payment card numbers or CVV codes
  • Sensitive authentication data
  • Shopify account passwords

3.2 Advertising and marketing platform data (if you connect them)

If you connect third-party platforms (for example Meta Ads, TikTok Ads, Google Ads, Klaviyo, or similar services), we may access:

  • Campaign and ad performance metrics (impressions, clicks, spend, conversions, revenue, ROAS)
  • Campaign and ad identifiers, names, and structure (campaigns, ad sets or ad groups, ads, creatives)
  • Basic account information necessary to link the integration (account IDs, account names)

3.3 Usage and analytics data

To operate, secure, and improve the App, we may collect:

  • Log data about how you use the App (pages viewed, features used, timestamps)
  • Technical information (browser type, device type, IP address, operating system, approximate location)
  • Error and performance logs to help diagnose issues and improve reliability

3.4 Support and communications

When you contact us for support, we may collect:

  • Your name, email address, and role
  • Details about your request and any information you choose to provide (for example, screenshots or error descriptions)

4. How we use information

We use the information described above to:

4.1 Provide and operate the App

  • Fetch and combine Shopify data with advertising and marketing data to calculate metrics such as revenue, profit, ROAS, CAC, and other performance indicators
  • Display dashboards, reports, alerts, and insights inside the App
  • Run background sync jobs and scheduled reports you configure

4.2 Maintain and improve the App

  • Monitor performance, usage, and error rates
  • Develop new features and improve existing ones
  • Test changes safely and securely

4.3 Security, fraud prevention, and compliance

  • Protect the App, our infrastructure, and merchants from unauthorized access or abuse
  • Detect, investigate, and prevent fraud, abuse, or security incidents
  • Comply with applicable legal obligations and Shopify's requirements

4.4 Support and communications

  • Respond to your support requests and questions
  • Send you important notices about the App (for example, billing issues, service updates, or security alerts)

We do not sell your data or your customers' data.

5. Legal bases for processing (EEA/UK/Swiss users)

Where applicable privacy laws (such as GDPR or UK GDPR) require a legal basis, we rely on:

  • Performance of a contract: to provide the App and fulfill our obligations under our agreement with you (for example, our Terms of Service).
  • Legitimate interests: to maintain and improve the App, secure our services, prevent fraud, and understand how merchants use the App, provided these interests are not overridden by your rights and interests.
  • Compliance with legal obligations: to comply with applicable laws, regulations, and requests from authorities.
  • Consent: where required by law (for example, for certain types of cookies or marketing communications), and only to the extent consent is given.

6. How we share information

We may share information in the following limited circumstances:

6.1 Service providers (processors)

We use third-party service providers to host and operate the App, store and process data, send emails, and provide analytics and logging. These providers may include:

  • Supabase (database hosting and authentication)
  • Netlify (application hosting and serverless functions)
  • Sentry (error tracking and performance monitoring — may receive technical context such as URLs, browser type, and error stack traces)

These service providers are authorized to use data only as necessary to provide their services to us and are subject to contractual confidentiality and data protection obligations.

6.2 Third-party platforms you connect

When you choose to connect external platforms (such as ad networks or marketing tools), we may send or receive information to and from those platforms as needed to provide the App's features. Those platforms process your data under their own terms and privacy policies.

6.3 Compliance with law and protection of rights

We may disclose information if we believe in good faith that such disclosure is reasonably necessary to:

  • Comply with any applicable law, regulation, legal process, or governmental request
  • Enforce our agreements or policies
  • Protect the security or integrity of the App
  • Protect us, merchants, customers, or the public from harm or illegal activities

6.4 Business transfers

If we are involved in a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, your information may be transferred as part of that transaction, subject to appropriate confidentiality protections and applicable law.

We do not share your data with third parties for their independent marketing purposes.

7. International data transfers

Our service providers and infrastructure may be located in countries other than your own. This means that your information may be processed in countries that may have different data protection laws than your jurisdiction.

Where required by law, we implement appropriate safeguards for international data transfers, such as:

  • Standard contractual clauses approved by the European Commission or other relevant authorities
  • Contractual data protection commitments with our service providers

8. Data retention and deletion

We generally retain information for as long as your Shopify store has the App installed and for a reasonable period afterward to:

  • Maintain business records for accounting, auditing, and compliance
  • Resolve disputes and enforce our agreements
  • Maintain backups and logs for security and reliability

When you uninstall the App from your Shopify store, we will:

  • Stop accessing new data from your store
  • Schedule your store's data for deletion or irreversible anonymization from our active systems within a commercially reasonable period (typically within 30–90 days, unless we are legally required to retain it longer)
  • Remove or anonymize data from backups according to our standard backup retention cycles

You can also contact us using the support email shown in our App Store listing to request deletion of specific data where applicable law grants you this right.

9. Your rights and choices

Depending on your jurisdiction, you may have certain rights with respect to your personal data, including:

  • Access: request a copy of the personal data we hold about you.
  • Correction: request that we correct inaccurate or incomplete data.
  • Deletion: request that we delete your personal data, subject to certain exceptions.
  • Restriction: request that we limit the processing of your personal data in certain circumstances.
  • Objection: object to certain types of processing, including profiling based on legitimate interests.
  • Data portability: request a copy of your data in a structured, commonly used, and machine-readable format.

As a Shopify merchant, most store and customer data is primarily controlled by Shopify. We may ask you to submit certain requests through Shopify or to verify that you are authorized to act on behalf of a merchant.

To exercise any rights available to you, please contact us using the support email on our App Store listing. We will respond to valid requests within the time limits required by applicable law.

10. Additional disclosures for California residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, "CCPA"), provides you with additional rights regarding your personal information.

Categories of personal information collected

In the preceding 12 months, we may have collected the following categories of personal information:

  • Identifiers: name, email address, phone number, shipping address, customer ID, store URL, account IDs from connected platforms
  • Commercial information: order history, purchase amounts, product details, revenue, and advertising spend data
  • Internet or electronic network activity: log data, browser type, device type, pages viewed, error logs
  • Geolocation data: approximate location derived from shipping addresses or IP addresses

How we use personal information

We use personal information for the business purposes described in Section 4 of this Privacy Policy (providing the App, maintaining and improving it, security, and support).

Sale and sharing of personal information

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We do not have actual knowledge that we sell or share the personal information of consumers under 16 years of age.

Your California privacy rights

Subject to certain exceptions, California residents have the right to:

  • Know and access: request what personal information we have collected, used, disclosed, or sold about you.
  • Delete: request deletion of your personal information, subject to certain exceptions.
  • Correct: request correction of inaccurate personal information.
  • Non-discrimination: we will not discriminate against you for exercising any of your CCPA rights.

To exercise these rights, contact us using the support email on our App Store listing. We will verify your identity before fulfilling your request.

11. Children's data

The App is intended for use by businesses and is not directed to children under 16. We do not knowingly collect or process personal data from children under 16. If you believe that a child has provided us with personal data, please contact us so that we can delete it.

12. Security

We use appropriate technical and organizational measures designed to protect the information we process against loss, misuse, and unauthorized access, disclosure, alteration, and destruction. However, no system is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the security of your Shopify account and any credentials used to access the App and for restricting access to authorized users within your organization.

13. Cookies, local storage, and similar technologies

The App does not use traditional browser cookies. We use the following browser storage mechanisms for essential functionality only:

  • Local storage: to remember your theme preference (light or dark mode) and developer settings. This data stays on your device and is not transmitted to our servers.
  • Session storage: to maintain temporary state during OAuth authentication flows when connecting third-party platforms (such as Shopify, Meta, TikTok, or Google Ads). This data is automatically cleared when you close your browser tab.

We do not use tracking cookies, advertising cookies, or third-party analytics cookies. Authentication is handled via JWT tokens in HTTP headers, not cookies.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the App, our practices, or applicable laws. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you within the App or via email.

Your continued use of the App after any update constitutes your acceptance of the revised Privacy Policy.

15. How to contact us

If you have any questions about this Privacy Policy or our data practices, please contact us using the support email address listed on our Shopify App Store listing and within the App.