Privacy Policy

autometick ("we", "our", or "us") is a WhatsApp automation and AI agent platform operated from India. This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our services at autometick.com ("Services"), including our Shopify App available on the Shopify App Store.

By using our Services, you agree to the collection and use of information in accordance with this policy. If you disagree with any part, please discontinue use immediately.

We collect information you provide directly and information collected automatically:

• ›Personal identifiers: name, email address, phone number, company name
• ›Account credentials: username, password (stored encrypted)
• ›Billing and payment information (processed securely via Razorpay or Shopify Billing API)
• ›WhatsApp Business account details and connected phone numbers
• ›Messages and conversation data processed through our platform
• ›Device information, IP address, browser type, and usage logs
• ›Industry type, company size, and onboarding information

Data obtained from Shopify (for merchants installing via the Shopify App Store):

• ›Shopify store domain, shop name, owner email and phone number
• ›Order data: order number, total value, payment method (COD or prepaid), fulfillment status, tracking URLs, and creation date
• ›Customer phone numbers and names associated with orders
• ›Customer billing and shipping addresses (province/state used for broadcast filters)
• ›Product IDs and collection data (used for broadcast targeting filters)
• ›Abandoned checkout data: cart value, customer contact details, checkout URL
• ›Shopify OAuth access token (stored encrypted, used solely to access your store on your behalf)

We use the information collected to:

• ›Provide, operate, and improve our WhatsApp automation Services
• ›Process payments and manage subscriptions
• ›Send transactional emails, OTP verification codes, and account notifications
• ›Send WhatsApp messages to your customers on your behalf (order confirmations, COD confirmations, order status updates, abandoned cart reminders)
• ›Respond to support requests and communicate with you
• ›Detect fraud, abuse, and ensure platform security
• ›Comply with legal obligations under Indian law
• ›Analyze usage patterns to improve our product

We do not sell your personal data to third parties.

autometick acts as a processor of WhatsApp conversation data on your behalf. Messages sent and received through our platform are stored to enable features such as conversation history, AI agent context, and analytics. You remain the data controller for your end-customers' data.

By using our Services you confirm compliance with WhatsApp Business Platform policies and Meta's terms of service regarding data handling and messaging consent.

When you install autometick via the Shopify App Store, we access your Shopify store data through the Shopify Admin API using OAuth 2.0. The following applies specifically to Shopify merchants:

API Scopes & Purpose

We request only the permissions necessary to provide our Services:

• ›read_orders, write_orders — to receive order webhooks, send order notifications, and handle COD confirmations
• ›read_checkouts — to access abandoned checkout data for recovery messaging
• ›read_customers — to access customer contact details for messaging
• ›read_fulfillments, write_fulfillments — to track and update order fulfillment status
• ›read_products — to enable product and collection-based broadcast filters

Merchant as Data Controller

You (the Shopify merchant) are the data controller for your customers' personal data. autometick acts as a data processor, processing your customers' data solely to provide the Services you have configured. You are responsible for ensuring you have obtained the necessary consents from your customers to send them WhatsApp messages.

GDPR Compliance Webhooks

autometick complies with Shopify's mandatory privacy webhooks:

• ›customers/data_request — we log and process data access requests from your customers within 30 days
• ›customers/redact — we permanently delete all data associated with a customer upon receipt of a redact request
• ›shop/redact — we permanently delete all store data (orders, messages, templates, schedules) within 30 days of receiving an app uninstall redact webhook

Data Deletion on App Uninstall

When you uninstall autometick from your Shopify store, we receive a webhook notification. All data associated with your store — including orders, customer phone numbers, message history, templates, and configurations — is permanently deleted within 30 days of the uninstall date. You may request immediate deletion by contacting us at autometick.com@gmail.com.

Access Token Security

Your Shopify OAuth access token is stored encrypted in our database and is never exposed to third parties. It is used exclusively to make API calls on your behalf to deliver the Services.

We share data only in the following limited circumstances:

• ›Service providers: Supabase (database), Razorpay (payments), Resend (email), Anthropic (AI processing) — bound by data processing agreements
• ›Meta / WhatsApp: messages are transmitted via WhatsApp Cloud API per Meta's platform policies
• ›Shopify: your store data is accessed via Shopify's Admin API pursuant to your authorization; we do not share data back to Shopify beyond what is required for webhook acknowledgements
• ›Legal compliance: when required by Indian courts, regulators, or law enforcement
• ›Business transfers: in the event of a merger or acquisition, with prior notice to users

We have not sold or shared personal information to third parties for commercial purposes.

We retain your account data for as long as your account is active. Conversation messages are retained for 12 months by default and can be deleted on request. Upon account deletion, personal data is purged within 30 days, except where retention is required by law.

For Shopify merchants: all store data is deleted within 30 days of app uninstall, or immediately upon request. Individual customer data is deleted upon receipt of a customers/redact webhook from Shopify.

We implement industry-standard technical and organizational security measures including encrypted data transmission (TLS), hashed passwords, encrypted OAuth tokens, and role-based access controls. However, no method of transmission over the internet is 100% secure and we cannot guarantee absolute security.

Depending on your jurisdiction, you may have the right to:

• ›Access the personal data we hold about you
• ›Request correction of inaccurate data
• ›Request deletion of your personal data
• ›Object to or restrict processing of your data
• ›Data portability (receive your data in machine-readable format)

Shopify merchants may also exercise rights on behalf of their customers by contacting us directly or via Shopify's privacy request tools.

To exercise these rights, email us at autometick.com@gmail.com.

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. You can configure your browser to refuse cookies, though this may affect platform functionality.

Our Services are not directed to anyone under the age of 18. We do not knowingly collect personal information from minors. If we become aware of such data being collected, it will be deleted promptly.

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of our Services after changes constitutes acceptance of the revised policy.

For privacy-related queries or requests: