Privacy Policy for VATify - Smart EU VAT Exempt


Last updated: 28 April 2026

This Privacy Policy explains how WEBSOUL INFOTECH ("we", "us", "our") collects, uses, stores, and shares personal data when merchants use the VATify - Smart EU VAT Exempt Shopify app ("App"), and when buyers interact with storefront features powered by the App.

If you have questions about this policy, contact us at: goyanidevelopers@gmail.com.


Quick summary: what data we store and what we do not store

What we store

    • Merchant account and app session data (shop domain, authentication/session records, app settings).
    • Data needed for VAT/B2B workflows (for example VAT details, customer IDs/emails/tags, and related status records).
    • Operational and billing records (validation logs, email delivery statuses, subscription/billing transactions).
    • Support and configuration data provided by merchants (preferences, optional feedback, and support messages).

What we do not store

    • Payment card numbers or full card details.
    • Unrelated customer browsing analytics for advertising/tracking purposes.
    • Data that is not required to deliver VATify features and legal/compliance obligations.

Important: We do not sell personal data and we do not use tracking cookies.


1) Who we are

    • Controller / Business name: WEBSOUL INFOTECH
    • Registered address: 2nd Floor, Office no.212 Billenium Business Corner, Nr. Savaliya circle, Yogi Chowk, Surat, GJ, 395006, IN
    • Country of establishment: INDIA
    • Email: goyanidevelopers@gmail.com
    • DPO (if applicable): Not applicable

2) Scope of this policy

This policy applies to:

    • Merchants installing and using the App in Shopify admin.
    • Merchant customer data processed through Shopify APIs to provide App features (for example VAT validation and B2B workflows).
    • Data captured via App storefront components (for example VAT/B2B forms), where enabled by the merchant.

This policy does not cover data handled solely by Shopify under Shopify's own privacy terms.


3) Data we collect

A) Data collected through Shopify APIs

Depending on app settings and merchant usage, we may access and store:

    • Shop information (for example shop domain, app language, plan status, and tax-related app settings).
    • Order information needed for VAT and invoice-related features.
    • Customer information needed for VAT/B2B processing (for example customer ID, email, tags, and VAT-related fields).
    • App installation/session data required for authentication and secure app operation.

B) Data merchants provide directly to us

We may collect information provided by merchants in app settings or support communications, such as:

    • Contact details (for example merchant email used for notifications/support).
    • Business preferences and configuration choices (for example widget settings, B2B settings, and invoice options).
    • Optional uninstallation feedback (reason/notes) if provided by the merchant.

C) Data collected from merchant customers through app forms (if enabled)

When merchants enable storefront widgets/forms, data submitted can include:

    • Name
    • Email
    • Company name
    • VAT number
    • Business details (address, country, website, phone)
    • B2B application status, review timestamps, rejection reason, and internal notes

D) Technical and operational records

We may generate and store operational records, including:

    • VAT validation outcomes and related status/error details
    • B2B email delivery tracking records (for example received/approved/rejected email sent status)
    • Security and audit timestamps needed to keep the App reliable and traceable
    • Billing and subscription transaction records

4) How we use data

We use personal data to:

    • Provide and operate App functionality (VAT validation, B2B application workflows, discount and customer tag syncing, invoice and notification features).
    • Maintain App security, prevent abuse, and debug technical issues.
    • Communicate operational messages (for example B2B application updates) when configured by the merchant.
    • Meet legal obligations, including responding to privacy rights requests.

We do not sell personal data.


5) Legal bases (EEA/UK where applicable)

Where GDPR/UK GDPR applies, we rely on one or more of:

    • Contract: To provide the App to merchants.
    • Legitimate interests: To secure, improve, and support the App.
    • Legal obligation: To comply with applicable legal requirements.
    • Consent: Where required by law.

6) Data retention

We retain data only for as long as needed to provide the App, maintain service integrity, comply with legal obligations, resolve disputes, and enforce agreements.

When the App is uninstalled or data is no longer required for these purposes, we delete, anonymize, or securely aggregate data within a reasonable period, subject to legal requirements.


7) International data transfers

If we transfer personal data outside the country where it was collected, we use appropriate safeguards as required by applicable law, such as:

    • Standard Contractual Clauses (SCCs), where relevant.
    • Equivalent approved transfer mechanisms.

8) Sharing and disclosure

We share personal data only when necessary to run the App and our business, for example:

    • Infrastructure and hosting providers
    • Email delivery providers
    • Professional advisors or authorities when legally required

We require service providers to protect personal data and process it under contract.


9) Cookies and similar technologies

We do not use tracking cookies.


10) Merchant and end-customer rights

Depending on jurisdiction, individuals may have rights to:

    • Access personal data
    • Correct inaccurate data
    • Delete data
    • Restrict or object to processing
    • Data portability
    • Withdraw consent (where processing relies on consent)

Requests can be sent to: goyanidevelopers@gmail.com.

For Shopify App Store apps, we also support required privacy/compliance workflows (including Shopify compliance webhooks) for data request and redaction handling.


11) Security

We use reasonable technical and organizational safeguards to protect personal data, including access controls, secure transport, and operational monitoring. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.


12) Children's data

The App is intended for businesses and is not directed to children.


13) Changes to this policy

We may update this Privacy Policy from time to time to reflect changes to our App, legal requirements, or business operations. We will post the updated version at the policy URL and update the "Last updated" date above.


14) Contact

Contact: goyanidevelopers@gmail.com

Address: 2nd Floor, Office no.212 Billenium Business Corner, Nr. Savaliya circle, Yogi Chowk, Surat, GJ, 395006, IN


image
image
image
image
image

We are a leading IT firm that offers professional Shopify Store and Shopify Application Development service as well as Offshore Website Solutions to clients both, global and domestic..

Company

Our products

  • image