Privacy Policy

Last updated: February 19, 2026

Your privacy matters. CartKrate is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, and safeguard your data in compliance with GDPR, CCPA, and other privacy regulations.

1. Information We Collect

1.1 Information You Provide

When you use CartKrate, we may collect information you voluntarily provide:

Newsletter Subscription: Email address, name (optional), subscription preferences
Contact Forms: Name, email address, message content
Account Information: If you create an account, username, email, and password
Tool Usage: Data you enter into our calculators and tools (processed locally, not stored)

1.2 Information Collected Automatically

We automatically collect certain information when you visit CartKrate:

Analytics Data: Page views, time on site, referral source (via self-hosted Plausible Analytics)
Technical Data: IP address, browser type, device type, operating system
Cookies: Essential cookies only (see Section 3)

1.3 Information From Third Parties

We collect publicly available data about ecommerce apps and tools from:

Shopify App Store API
WooCommerce Plugin Repository
BigCommerce Marketplace
Reddit public discussions (sentiment analysis)

Note: This data does not include personal information about individual users.

2. How We Use Your Information

We use collected information for the following purposes:

Newsletter Delivery: Send weekly "CartKrate Insider" emails with app reviews and recommendations
Customer Support: Respond to your inquiries and provide assistance
Site Improvement: Analyze usage patterns to improve content and user experience
Legal Compliance: Comply with legal obligations and protect our rights
Security: Detect and prevent fraud, spam, and abuse

We do NOT: Sell your personal data to third parties, use your data for targeted advertising, or share your information with data brokers.

3. Cookies and Tracking

3.1 Essential Cookies Only

CartKrate uses minimal, essential cookies only:

Session Cookies: Temporary cookies that expire when you close your browser
Preference Cookies: Remember your dark mode preference and tool settings (stored locally)

3.2 No Third-Party Tracking

We do NOT use:

Google Analytics (we use self-hosted Plausible)
Facebook Pixel
Third-party advertising cookies
Cross-site tracking technologies

3.3 Analytics

We use Plausible Analytics, a privacy-friendly, GDPR-compliant analytics tool that:

Does not use cookies
Does not collect personal data
Does not track users across websites
Anonymizes IP addresses

4. Your Privacy Rights

4.1 GDPR Rights (EU/UK Users)

If you are located in the European Union or United Kingdom, you have the following rights:

Right to Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request deletion of your personal data
Right to Restrict Processing: Limit how we use your data
Right to Data Portability: Receive your data in a portable format
Right to Object: Object to processing of your data
Right to Withdraw Consent: Withdraw consent at any time

4.2 CCPA Rights (California Users)

If you are a California resident, you have the right to:

Know: Request disclosure of personal information collected
Delete: Request deletion of personal information
Opt-Out: Opt-out of the sale of personal information (we do not sell data)
Non-Discrimination: Not receive discriminatory treatment for exercising your rights

4.3 How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: [email protected]
Response Time: We will respond within 30 days

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

Encryption: All data transmitted via HTTPS/TLS
Access Controls: Limited access to personal data on a need-to-know basis
Regular Audits: Periodic security assessments and vulnerability scans
Data Minimization: We collect only what is necessary
Secure Hosting: Data stored on secure, EU-based servers (for EU users)

6. Data Retention

We retain your personal data only as long as necessary:

Newsletter Subscribers: Until you unsubscribe or request deletion
Contact Form Data: 90 days after resolution of inquiry
Analytics Data: Aggregated data retained indefinitely (no personal identifiers)
Backup Data: 30 days in encrypted backups

7. International Data Transfers

CartKrate operates globally. If you are located outside the United States:

EU Users: Data stored on EU servers; transfers comply with GDPR
Standard Contractual Clauses: Used for any necessary international transfers
Data Processing Agreements: In place with all third-party processors

8. Third-Party Services

We use the following third-party services:

Email Delivery: [Your email service provider] - for newsletter delivery
Hosting: WPX Hosting - secure website hosting
Analytics: Plausible Analytics (self-hosted) - privacy-friendly analytics
Payment Processing: [If applicable] - for premium features

Each service has its own privacy policy and data protection measures.

9. Children's Privacy

CartKrate is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately at [email protected].

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Posting the updated policy on this page
Updating the "Last updated" date at the top
Sending an email to newsletter subscribers (for significant changes)

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: [email protected]
Website: cartkrate.com/contact
Data Protection Officer: [email protected]

Supervisory Authority: EU users have the right to lodge a complaint with their local data protection authority if they believe we have not addressed their concerns.