Welcome to Truereff ("Truereff," "we," "our," or "us"). This Privacy Policy applies to our app "Truereff," operated by GRIFEN INCORPORATED, and available at truereff.com. Our app integrates with Instagram via our Facebook App "truereff_fabk_instg" to facilitate collaborations between brands and content creators.

By accessing or using the Services, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy. If you do not agree with the practices described herein, please do not use the Services.

1. Definitions

• Brand: Any company that registers on the Site to find and collaborate with creators.
• Creator: An individual registering on the Site to collaborate with brands.
• Personal Information: Any data that can identify a person, under GDPR/CCPA.
• Meta Platform: Refers to Meta Platforms, Inc. and affiliated services (Instagram, Facebook).

2. Scope of This Policy

This policy applies to Personal Information we process when you use Truereff’s website, tools, and integrations with Meta (e.g., Instagram Graph API).

3. Information We Collect

3.1 Directly from You:

• Account info (name, email, etc.)
• Profile details and preferences
• Campaign-related data

3.2 Via Instagram Integration: Data accessed via Instagram Graph API like public profile, media, comments, and DMs (with user consent).

3.3 Automatically: IP, device info, usage data, cookies.

4. Shopify App Integration

Our Shopify app, Truereff, integrates with your Shopify store to enable affiliate management and product collaboration through truereff.com. Below, we outline how we collect, use, and share data via this integration.

Information We Collect
When you install Truereff, we access the following information from your Shopify account:

Shop Domain: The unique domain of your Shopify store (e.g., yourstore.myshopify.com), used to identify your store for CRM connection.

Unique ID: A secure identifier generated by the App to authenticate and connect your Shopify store to truereff.com.

Product Data: Information about products in your Shopify store, such as names, prices, descriptions, and images, accessed via Shopify’s APIs to enable product import.

Order Data: Information about orders, which may include customer names, shipping addresses, email addresses, order details, and payment information, accessed via Shopify’s APIs for commission tracking.

Affiliate Tracking Data: Data collected by a tracking script that runs on your shop’s pages, including affiliate parameters or fingerprints (e.g., UTM parameters, unique identifiers), to track affiliate link performance.

Usage Data: Logs of your interactions with the App, such as clicks or navigation, to improve functionality and performance.

4.b How We Use Your Information

• Facilitate the connection between your Shopify store and truereff.com, enabling product import, affiliate link generation, discount code creation, commission tracking, and affiliate parameter tracking via the app.
• Provide customer support, troubleshoot issues, and enhance the App’s performance.
• Comply with legal obligations, such as responding to data requests.
• Analyze usage patterns to improve functionality, using aggregated and anonymized data where possible.

4.c How We Share Your Information

• We do not sell your personal information. We may share Shopify-related data as follows:
• With truereff.com: Shop domain, unique ID, product data, order data, and affiliate tracking data are shared with truereff.com for affiliate management and commission tracking.
• With Shopify: Some data is processed by Shopify per their Privacy Policy.
• Service Providers: We may share data with trusted providers (e.g., hosting for the tracking script) under confidentiality agreements.
• Legal Requirements: We may disclose information if required by law.

4.d Data Security

We use HTTPS, encryption, and access controls to protect Shopify-related data. The tracking script complies with Shopify’s security standards and respects customer consent.

4.e Data Retention

Shopify-related data is retained only as long as necessary for service delivery or legal obligations. Upon app uninstallation, data is deleted within a reasonable period, except where legally required.

4.f GDPR Compliance

If your store serves customers in the EEA, UK, or Switzerland, we comply with GDPR by implementing mandatory webhooks for data subject requests (e.g., access, deletion). You, the merchant, are the data controller for customer data, and we act as a data processor, assisting with GDPR obligations.

4.g Your Rights

You have rights to access, correct, delete, restrict, or object to data processing. Contact us at contact.trf@truereff.com to exercise these rights. We assist with customer data requests as a data processor.

5. Additional Key Sections

• Legal Basis: GDPR lawful bases (contract, consent, legal obligation).
• Use of Data: Managing accounts, campaigns, Instagram interactions, and more.
• Sharing: Limited to campaign-related parties, service providers, or required by law.
• Meta Compliance: Follows Meta’s Developer and Data Deletion policies.
• Cookies: Uses cookies for analytics, personalization, and session management.
• Data Retention: Data is retained only as long as necessary or legally required.
• Security: Follows strong encryption and security practices (AES-256, TLS 1.3).
• International Transfers: Handled via SCCs and appropriate safeguards.
• Your Rights: Access, correct, delete, restrict, or object to data processing.
• Children: Not intended for users under 16.
• Third Party Links: Truereff is not responsible for third-party privacy practices.
• Policy Changes: Updates will be announced clearly on the platform.
• Contact: Email: contact.trf@truereff.com