Back to Home

Privacy Policy

Last Updated: 19 November 2025

Effective Date: 19 November 2025

1. Introduction

This Privacy Policy explains how Imum, UAB ("we", "us", "our", "RightPrice") collects, uses, stores, and protects your personal data when you use our RightPrice service (the "Service").

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

Imum, UAB Company Registration: 305898444 VAT Number: LT100013542617 Address: S. Konarskio g. 2-29, LT-03122 Vilnius, Lithuania Email: hello@imum.io Phone: +370 5 2762099

Data Protection Officer: Email: dpo@rightprice.app

3. Personal Data We Collect

3.1 Account Information

  • Email address
  • Full name
  • Company name
  • Shopify store URL
  • Account credentials (encrypted)

3.2 Shopify Integration Data

When you connect your Shopify store, we collect:

  • Product information (titles, SKUs, prices, costs, images, descriptions)
  • Product catalog data
  • Store configuration
  • Webhook data for real-time synchronization

3.3 Usage Data

  • Service usage analytics
  • Feature interaction data
  • Session information
  • Device and browser information
  • IP address
  • Access logs

3.4 Payment Information

  • Billing name and address
  • Payment method details (processed securely by Stripe)
  • Transaction history
  • Subscription status

We do not store your complete payment card details. Payment processing is handled by our payment processor, Stripe, which is PCI-DSS compliant.

3.5 Communications

  • Support emails and correspondence
  • Feedback and survey responses

4. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract Performance (Article 6(1)(b) GDPR): To provide our Service and fulfill our contractual obligations
  • Legitimate Interests (Article 6(1)(f) GDPR): To improve our Service, prevent fraud, and ensure security
  • Consent (Article 6(1)(a) GDPR): For marketing communications (where required)
  • Legal Obligation (Article 6(1)(c) GDPR): To comply with tax, accounting, and legal requirements

5. How We Use Your Data

We use your personal data to:

5.1 Service Delivery

  • Create and manage your account
  • Connect to your Shopify store
  • Match your products with market data
  • Provide competitive pricing insights
  • Update product prices in Shopify
  • Send service notifications and updates

5.2 Service Improvement

  • Analyze usage patterns
  • Improve product matching accuracy
  • Develop new features
  • Debug and fix issues

5.3 Business Operations

  • Process payments and subscriptions
  • Send invoices and receipts
  • Prevent fraud and abuse
  • Comply with legal obligations

5.4 Communications

  • Respond to support requests
  • Send important service updates
  • Marketing communications (with your consent)

6. Data Storage and Security

6.1 Data Location

Your data is stored in:

  • Primary Database: Germany (Prisma Postgres - Frankfurt region)
  • Application Hosting: United States (Vercel)
  • Backups: Germany

6.2 Data Transfers

When your data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Privacy Shield certification (where applicable)
  • Data processing agreements with all processors

6.3 Security Measures

We implement industry-standard security measures:

  • Data encryption in transit (TLS/SSL)
  • Data encryption at rest
  • Regular security audits
  • Access controls and authentication
  • Secure password hashing
  • Regular backups
  • Monitoring and logging

7. Data Sharing and Third Parties

We share your data only with trusted third-party service providers necessary to operate our Service:

7.1 Service Providers

| Provider | Purpose | Location | Safeguards | |----------|---------|----------|------------| | Vercel | Application hosting | USA | Standard Contractual Clauses | | Prisma | Database hosting | Germany (EU) | GDPR compliant | | Stripe | Payment processing | USA/EU | PCI-DSS, SCCs | | Shopify | E-commerce platform integration | Canada/USA | Privacy Shield, SCCs | | Mixpanel | Analytics | USA | SCCs, data minimization | | Google Analytics | Website analytics | USA | IP anonymization, SCCs | | MailerSend | Email delivery | EU | GDPR compliant |

7.2 Legal Disclosures

We may disclose your data if required by law, court order, or government request, or to protect our legal rights.

7.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your data may be transferred. You will be notified of any such change.

8. Data Retention

We retain your personal data for as long as necessary to provide our Service and comply with legal obligations:

  • Active Accounts: Data retained while your account is active
  • Deleted Accounts: Data retained for 180 days after account deletion, then permanently deleted
  • Backups: Backup data may persist for up to 90 days
  • Legal Requirements: Some data (invoices, transaction records) retained for 10 years for tax and accounting purposes
  • Marketing Data: Removed immediately upon unsubscribe request

9. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the following rights:

9.1 Right of Access (Article 15)

You can request a copy of your personal data we hold.

9.2 Right to Rectification (Article 16)

You can request correction of inaccurate or incomplete data.

9.3 Right to Erasure (Article 17)

You can request deletion of your data ("right to be forgotten").

9.4 Right to Restriction (Article 18)

You can request we limit processing of your data.

9.5 Right to Data Portability (Article 20)

You can request your data in a machine-readable format.

9.6 Right to Object (Article 21)

You can object to processing based on legitimate interests.

9.7 Right to Withdraw Consent (Article 7)

You can withdraw consent for marketing communications at any time.

9.8 Right to Lodge a Complaint

You can file a complaint with your local data protection authority:

  • Lithuania: State Data Protection Inspectorate (www.ada.lt)
  • UK: Information Commissioner's Office (www.ico.org.uk)

10. Exercising Your Rights

To exercise any of your rights, contact us:

  • Email: dpo@rightprice.app or support@rightprice.app
  • Subject Line: "GDPR Data Request"
  • Include: Your full name, email address, and specific request

We will respond within 30 days of receiving your request.

10.1 Data Export

You can export your data at any time from your account dashboard, or request a complete export by emailing us.

10.2 Account Deletion

You can delete your account from Settings > Account > Delete Account, or email us at support@rightprice.app.

Upon deletion:

  1. Your access is immediately revoked
  2. Your data is flagged for deletion
  3. After 180 days, all data is permanently erased
  4. Shopify integration is disconnected
  5. All subscriptions are cancelled

11. Cookies and Tracking

We use cookies and similar technologies. See our Cookie Policy for details.

11.1 Essential Cookies

Required for the Service to function (authentication, security).

11.2 Analytics Cookies

Used to understand how you use our Service (Mixpanel, Google Analytics).

11.3 Your Cookie Choices

You can manage cookie preferences through your browser settings or our cookie consent banner.

12. Children's Privacy

Our Service is not intended for children under 16. We do not knowingly collect data from children. If you believe we have collected data from a child, contact us immediately at dpo@rightprice.app.

13. International Users

While we are based in Lithuania (EU), our Service is available globally. By using our Service from outside the EU/EEA, you acknowledge that your data will be transferred to and processed in the EU and USA under the safeguards described in this policy.

14. Automated Decision-Making

We use automated systems to:

  • Match your products with market data
  • Generate pricing recommendations

These automated processes do not make decisions that significantly affect you without human review. Pricing changes require your explicit approval before being applied to your Shopify store.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will:

  • Notify you of material changes via email
  • Update the "Last Updated" date
  • Post changes on our website

Continued use of the Service after changes constitutes acceptance of the updated policy.

16. Contact Us

If you have questions about this Privacy Policy or our data practices:

Email: dpo@rightprice.app or hello@imum.io Phone: +370 5 2762099 Address: Imum, UAB, S. Konarskio g. 2-29, LT-03122 Vilnius, Lithuania

Support: support@rightprice.app

Imum, UAB Company Registration: 305898444 VAT: LT100013542617 Lithuania