Skip to main content
Blogs Free Audit
Legal

Privacy Policy

We respect your privacy. Here's exactly how we handle your data — clearly and without legalese.

Last updated: 13 July 2026 ~5 min read GDPR-aware
Plain-English summary: We collect only what's necessary to run our website and Shopify apps. We don't sell your data. We use trusted third-party tools (analytics, email) and keep your data secure. You can request deletion at any time by emailing [email protected].
01

Who we are

This Privacy Policy applies to Webrex Studio ("Webrex", "we", "us", "our"), a Shopify Partner agency and app developer operating at www.webrexstudio.com.

We operate the website webrexstudio.com and publish Shopify apps including WB: Frequently Bought Together, WB: SEO Schema JSON-LD, and WB: SEO Audit Optimizer.

If you have questions about this policy, reach us at [email protected].

02

Data we collect

We collect information in two ways: information you give us directly, and information collected automatically when you use our site.

Information you provide:

  • Contact forms & email: your name, email address, and any message content when you reach out to us.
  • Booking (Cal.com): name, email, and scheduling preferences when you book a call.
  • Shopify app installation: Shopify store URL and the store owner's email (provided by Shopify) when you install one of our apps.

Information collected automatically:

  • Usage data: pages visited, referral source, browser type, device type, and time spent — collected via analytics tools (see Section 4).
  • IP address: your approximate location is logged by our hosting and CDN providers for security and performance.
  • Cookies: small files stored in your browser — see Section 4 for full details.
03

How we use your data

We use the information we collect for the following purposes:

  • To provide our services — operating our website, answering enquiries, and delivering our Shopify apps.
  • To improve our products — understanding how visitors use the site so we can make it better.
  • To communicate with you — sending responses to contact requests, onboarding emails for app installs, and occasional updates (you can unsubscribe at any time).
  • To prevent abuse — detecting fraud, spam, or misuse of our services.
  • To meet legal obligations — complying with applicable laws and regulations.

We do not use your data for automated decision-making or profiling that produces legal effects.

04

Cookies & analytics

We use cookies and similar tracking technologies to understand how our website is used. Here's what's running:

  • Google Analytics (GA4): Page views, session data, and traffic sources. Data is anonymised (IP anonymisation enabled). You can opt out via Google's opt-out tool.
  • Plausible Analytics: Privacy-first, cookieless analytics. No personal data stored, no cross-site tracking.
  • Hotjar: Heatmaps and session recordings to improve UX. No personally identifiable information is captured. You can opt out at hotjar.com/legal/compliance/opt-out.
  • Crisp Chat: Live chat widget. A cookie is set to maintain your chat session. Data is handled per Crisp's Privacy Policy.

You can manage or delete cookies at any time through your browser settings. Note that disabling cookies may affect some features of the site.

05

Sharing & third parties

We do not sell your personal data. We share data only where necessary to operate our services:

  • Shopify Inc. — our apps are built on the Shopify platform. Shopify processes merchant and customer data per their Privacy Policy.
  • Cal.com — meeting scheduling. Data is handled per Cal.com's Privacy Policy.
  • Google — analytics and workspace tools.
  • DigitalOcean / CDN providers — hosting and content delivery.
  • Legal obligations — we may disclose data if required by law, court order, or government authority.

All third-party processors are required to handle your data securely and only for the purposes we specify.

06

Shopify apps

Our Shopify apps (WB: Frequently Bought Together, WB: SEO Schema JSON-LD, WB: SEO Audit Optimizer) access your Shopify store data solely to deliver app functionality.

  • We access only the Shopify API scopes required for each app's features (e.g., product data for bundle recommendations).
  • We do not store or process your store's customer payment data.
  • App data is not shared with or sold to any third parties.
  • When you uninstall an app, we delete associated store data within 30 days, unless retention is required by law.

Each app's specific data practices are also detailed in its Shopify App Store listing.

07

Data retention

We retain your personal data only for as long as necessary:

  • Contact/enquiry data: up to 2 years from last contact, then deleted.
  • Analytics data: typically 14 months rolling (Google Analytics default), or non-expiring and aggregated (Plausible).
  • Shopify app data: retained while the app is installed, deleted within 30 days of uninstall.
  • Legal/billing records: retained for up to 7 years where required by law.

You can request deletion of your data at any time — see Section 8.

08

Your rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — request a copy of the data we hold about you.
  • Correction — ask us to fix inaccurate or incomplete data.
  • Deletion — request that we delete your data ("right to be forgotten").
  • Restriction — ask us to limit how we process your data in certain circumstances.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent — where processing is based on consent, withdraw it at any time (this won't affect prior lawful processing).

To exercise any of these rights, email us at [email protected]. We will respond within 30 days. We may need to verify your identity before fulfilling a request.

If you are in the EU/UK and believe we are processing your data unlawfully, you have the right to lodge a complaint with your local data protection authority.

09

Security

We take reasonable technical and organisational measures to protect your data, including:

  • HTTPS encryption on all web traffic.
  • Access controls limiting who can access personal data internally.
  • Using trusted infrastructure providers with their own security certifications.

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. If you believe your data has been compromised, please contact us immediately at [email protected].

10

Children's privacy

Our website and apps are not directed to children under 13 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

11

Policy changes

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this page periodically. Continued use of our website or apps after a change constitutes your acceptance of the updated policy.

12

Contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please get in touch:

Webrex Studio

[email protected] · www.webrexstudio.com

Email us