Privacy Policy - Multi Store Redirect

Last Updated: June 28, 2026

Data Controller

Grupo IO Ecommerce S.L., with Tax ID B21822408 and registered address at Calle Eduardo Morales, 32, 2ºA – 28025, Madrid (Spain), is the data controller responsible for the processing of personal data collected through the Multi Store Redirect Shopify application. You can contact us at:

info@migraciones.io.

1. Purpose of Data Processing

We process data for the following purposes:

  • Manage the technical and administrative relationship arising from the use of our Shopify application.
  • Allow merchants to configure country and continent store redirect options.
  • Store destination URLs, popup settings, excluded countries, custom CSS, and app configuration preferences.
  • Display a configurable storefront popup that helps visitors choose the appropriate country or regional store.
  • Check whether the theme app extension is active in the merchant’s published theme.
  • Record basic popup events such as shown, accepted, rejected, or excluded for app functionality and troubleshooting.
  • Respond to support requests and provide technical assistance.
  • Improve app functionality and reliability using aggregated, non-personal usage information.
  • Send service-related communications, including maintenance notices, security updates, and important product information.

The data provided will not be used for purposes other than those described without explicit consent.

2. Legal Basis

The legal basis for processing your data is:

  • Performance of a contract or pre-contractual measures when you install and use the application.
  • The merchant's use and configuration of the application.
  • Legitimate interest of Grupo IO Ecommerce S.L. for improving the service, providing technical support, and maintaining application security.
  • Compliance with applicable legal obligations.

3. Data We Collect

3.1 Store Information

When you install and use the application, we may process information such as:

  • Shop domain and basic shop information.
  • OAuth access tokens and session data required for authentication.
  • Theme information required to check whether the app embed is active.
  • Configured countries, continents, destination URLs, visibility settings, and ordering preferences.
  • Popup settings such as title, message, CTA text, logo, colors, close button visibility, flag visibility, excluded countries, and custom CSS.
  • Basic popup event logs required for operation, troubleshooting, and support.

3.2 Customer Personal Data

The application is designed to configure storefront redirection options and does not intentionally collect customer names, email addresses, payment information, order information, or account data. The storefront popup may process a visitor’s detected country or region in order to decide whether to show configured store options.

The storefront may use browser local storage to remember when a visitor has selected a store or dismissed the popup, so the popup is not shown repeatedly in the same context.

4. Data Recipients

Data may be shared only when necessary:

  • Legal obligation or operational necessity.
  • Shopify Platform: Through official Shopify APIs required for authentication, theme app extension functionality, app proxy requests, and application operation.
  • Technology Providers:
    • Vercel, for application hosting.
    • Database and infrastructure providers used to securely store application data.

International transfers are carried out using appropriate GDPR safeguards where applicable.

5. Data Retention

  • During subscription: Data required to provide the service is retained while the application remains installed.
  • After uninstall or Shop Redact webhook:
    • Store-specific data is deleted within 48 hours of uninstall or a valid redaction request.
    • Limited records may be retained only where required by law or for security purposes.

6. User Rights

You may exercise your rights of access, rectification, deletion, restriction, portability, and objection by contacting info@migraciones.io and providing proof of ownership of the store where appropriate.

You may also file a complaint with the Spanish Data Protection Agency: www.aepd.es.

7. Security Measures

  • TLS/SSL encryption for data in transit.
  • Secure storage of authentication credentials and application data.
  • OAuth 2.0 authentication following Shopify security standards.
  • Access controls, monitoring, and regular security reviews.

8. Cookies and Storage

The application uses authentication tokens and server-side session storage required to provide the service. The storefront popup may use browser local storage to remember popup dismissal or selected store preferences. The application does not place advertising cookies on merchant storefronts.

9. Shopify Mandatory Webhooks

We implement the mandatory Shopify privacy webhooks:

  • customers/data_request: Processed according to Shopify requirements.
  • customers/redact: Customer personal data is deleted where applicable.
  • shop/redact: Deletes store-specific application data associated with the merchant.

10. Contact Information

  • Email: info@migraciones.io
  • Postal Address: Grupo IO Ecommerce S.L., Calle Eduardo Morales, 32, 2ºA – 28025, Madrid, Spain
  • Shopify App: Multi Store Redirect

Informacion adicional

Migraciones.io ofrece servicios especializados de migracion a Shopify y Shopify Plus, optimizacion tecnica SEO, mejora de conversion y soporte de crecimiento para ecommerce. En cada proyecto trabajamos con metodologia, control de calidad y enfoque en resultados medibles para aumentar rendimiento, estabilidad y ventas.

Indice de contenidos por idioma: Blog EN | Blog FR | Blog PT | Paginas EN | Pages FR | Paginas PT

© 2026 migraciones.io.