ReactivateIQ Customer ListPrivacy Policy
ReactivateIQ Customer List processes only the data needed to identify dormant customers and create consent-aware export lists.
Data processed
- Store domain and app session data.
- Customer identifiers and safe customer labels.
- Encrypted customer email, email marketing state, email validity, opt-in level, and marketing update timestamp.
- Customer order count and spend fields.
- Order identifiers, order names, order dates, order totals, and currency.
- Dormant/reactivation metrics, segment metrics, export job metadata, suppression records, settings, billing status, sync job status, and operational logs.
Protected customer data
The app requests customer email because campaign-platform export is core functionality. The app does not request customer phone, billing address, shipping address, first name, last name, or display name by default.
Storage and exports
Shopify access tokens and customer emails are encrypted at rest. A normalized SHA-256 email hash is used for dedupe/export matching. Export files are temporary, stored with short retention, and expire. Owner/admin views do not display customer emails or raw customer/order data.
Campaign responsibility
The app does not send campaigns. Merchants decide how to use exported lists and are responsible for complying with applicable marketing laws and campaign-platform policies.
Privacy webhooks
The app supports Shopify privacy webhooks for customer data requests, customer redaction, and shop redaction. Merchants can request deletion through the app support channel.