Articles in this section

Happy Birthday Privacy Policy

Steve Jones
  • Updated

Happy Birthday is an application that is operated under licence by Union Works Ltd. 

The Happy Birthday app is committed to protecting your privacy and we adhere to the General Data Protection Regulation.

Union Works Ltd (“we,” “us” or “our”) are committed to protecting and respecting your privacy. This Privacy Policy sets out how we collect, use and share information which identifies you or is associated with you (“personal information”).

Please read this Privacy Policy carefully to understand our views and practices regarding your personal information and how we will treat it. By installing the Happy Birthday app, you consent to the use of your personal information as described in this Privacy Policy.

For the purpose of the Data Protection Act 1998 (the “Act”) and GDPR the data controller is Union Works Ltd. Our registered office is at 86-90 Paul Street, London, EC2A 4NE. Our company registration number is 10900591.

For more specific GDPR information and to generate a Data Processing Agreement between your store and Union Works, please see the following article: GDPR

Overview of the app

Happy Birthday "the App” provides an end to end Birthday email campaign "the Service" to merchants who use Shopify to power their stores. The App collects the birthdates of your customers and sends them a birthday email including discount on or before their Birthday. This Privacy Policy describes how personal information is collected, used, and shared when you install or use the App in connection with your Shopify-supported store.

Quick Links

Personal information the app collects

Merchant data

When you install the App, we are automatically access and store the following information from your Shopify store and the associated main contact account:

  • Shopify Store URL (both the .myshopify.com URL and your custom URL if set)
  • First name
  • Last name
  • Store timezone
  • Store currency setting
  • Store Shopify plan
  • Store admin email address
  • Preferred email address - we will ask you to set a preferred email address that we can use to send you app related information.

Customer protected data

We collect the following types of personal information from your customers when they join your Birthday Club:

  • Shopify Customer ID
  • First Name
  • Last Name
  • Email Address
  • Mobile Phone Number
  • Date of Birth
  • Discount Code used
  • Order Total
  • Order Subtotal
  • Discount Amount

We do not collect any other personal information directly or indirectly from your customers.

Collection of customer personal data

Most of the customer data that we collect is submitted via one of the Birthday Sign-up Forms that appear on the Merchant's Shopify store. It can, however, be added manually by a Merchant importing lists of customers into the App, or through manual addition within the App's user interface one at a time.

We also have integrations with 3rd party service providers that, if enabled, will send us the personal data of a customer for the purpose of joining the Merchant's Birthday Club.

Integrations

The following integrations are available and once enabled, they are able to send us customer protected data:

Shopify script tags

We inject Shopify script tags into the Merchant's storefront to determine when to show the Happy Birthday Sign-up Form. We occasionally modify these script tags.

Processing the personal data

We only process the customer personal data for the purpose of delivering the Service. We require the following scopes of access in order to run and report on that campaign:

Scopes

To collect the data, we request access to certain scopes so that we can read and write data to and from customers and orders

  • Read and write orders - we use this to find out if a birthday discount code has been used for reporting on campaign conversions. We also have an option to tag an order with the customer's birthdate.
  • Read and write customers - We use this to find out if the person that joined your Birthday Club is also a Customer in your Shopify store. We also have an option to tag a Shopify customer record with the customer's birthdate.

Webhooks

Orders/created Webhook - When a new order is placed on the Merchant store, we look to see if one of our Birthday Discounts has been used. If it has, we store details about the order amount and the value of the discount code.

How do we use a Merchant's personal information?

  • To communicate with the Merchant to optimize or improve the App;
  • To communicate with the Merchant to announce new features
  • To communicate with the Merchant when a plan upgrade is required to ensure continuity of the Service.
  • To provide the Merchant with information or advertising relating to our other products or services.

How do we use your customers personal information?

We use the personal information we collect from your customers to send them a Birthday email once per calendar year and to provide you with a campaign overview within the UI of the App.

Sharing your customers personal information

Some of the customer personal data collected is shared with third party service providers and our business partners.

Google

We use GSuite by Google. All email we receive passes through Google Mail, and all data associated with email such as your email address and any headers are stored by Google. In addition we use Google Drive to store spreadsheets and other documents which may include your name and email address. We use Google Analytics for our marketing website https://unionworks.co.uk

Zendesk

Emails sent to support@birthday-app.com or support@birthday-app.zendesk.com is stored in Zendesk, an email support platform. They store all data associated with email sent to this address, such as your email address and any headers.

Mailgun

We use Mailgun to send transactional email to customers (the birthday email). To do this, we provide them with the email address of the customer whenever a Birthday email is sent.

AWS - Amazon Web Services

We use AWS EC2 to power our virtual cloud computing environment.

We use AWS RDS to provide the database service for the App.

We use AWS Cloudwatch to monitor the AWS resources used to run the App.

We use AWS Simple Queue Service (SQS) to send, store, and receive messages between the software components of the App.

We use AWS S3 service to store images uploaded to the App and to backup the App database. The App database contains your store's App specific settings and tables containing customer details.

User.com

We use user.com as a CRM tool to provide an onboarding sequence of emails when the App is first installed. It is also used to let Merchant's know when they need to upgrade and to inform them of any new features related to the App.

Oh Dear

We use the Oh Dear service to provide uptime and performance monitoring of the App and status pages.

Understand.io

We use Understand.io for error tracking and log management for the App.

App Integrations

If any of the following integrations are enabled within the App by the Merchant, we are able to send customer protected data to that service:

Cookies

We do not use cookies to track your customers activity on your store.

Change of business ownership

Personal information may also be shared with a company that acquires our business, whether through merger, acquisition, bankruptcy, dissolution, reorganization, or other similar transaction or proceeding. If this happens, we will post a notice on our home page.

Legal requests

Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

Your rights

If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.

Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.

Data retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.

For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.

Changes

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.

Contact us

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at: dpo@unionworks.co.uk or by mail using the details provided below:

DATA PROTECTION OFFICER

Steven Jones
Union Works Ltd.
86-90 Paul Street
London
England
EC2A 4NE

Related articles