Privacy Policy

Welcome to OnPitch.io! Owned and operated by OnPitch Holdings Inc., we are committed to protecting your privacy. This Privacy Policy outlines how we collect, use, and safeguard your personal information.

We collect personal information that you voluntarily provide when using our website. This may include:

• Contact Information: Such as your name and email address when you register or contact us.
• Profile Information: Details you provide in your user profile.
• Communications: Messages you send to other users or to us.
• Usage Data: Information about how you interact with our website.
• Third-Party Platform Data: Information from connected platforms like Instagram and Shopify, including account details, access tokens, shop metadata, and transaction history.

We use the information we collect for various purposes, including:

• To Provide and Maintain Our Service: Ensuring the website functions properly and managing third-party integrations.
• To Improve Our Service: Analyzing usage to enhance user experience and platform performance.
• To Communicate with You: Responding to inquiries, updates, and promotional materials.
• To Enforce Our Terms: Preventing misuse of our platform and ensuring compliance with third-party platform policies.
• To Manage Third-Party Integrations: Processing Instagram and Shopify connections, syncing customer data, and managing access tokens.

We may share your information in the following situations:

• With Your Consent: When you agree to share information.
• Service Providers: With trusted third parties who assist us in operating our website.
• Legal Requirements: If required by law or to protect our rights.
• Third-Party Platforms: With Meta/Instagram and Shopify as required by their platform policies and for authentication purposes.

All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services.

We use cookies and similar technologies to enhance your experience. You can adjust your browser settings to refuse cookies, but some features may not function properly.

Our website may contain links to third-party sites not operated by us. We have no control over their content or privacy practices and encourage you to review their policies.

We strive to protect your personal information using reasonable security measures. However, please be aware that no method of transmission over the internet is entirely secure.

Our service is not intended for individuals under the age of 13. We do not knowingly collect personal information from children.

You may update or delete your account information at any time. If you wish to unsubscribe from our communications, you can do so by following the instructions provided in our emails. You also have the right to request deletion of your personal data, including data shared with third-party platforms.

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page with an updated revision date.

If you have any questions or concerns about this Privacy Policy, please contact us at: ian@onpitch.io.

When you connect your Instagram account to OnPitch.io, we collect and process the following information:

• Instagram Account Information: Your Instagram username, account ID, page ID, and connection status
• Access Tokens: Secure tokens that allow us to send messages on your behalf
• Connection Data: When you connected your account and connection status
• Message Data: Content and metadata of messages sent through our platform
• Webhook Data: Deauthorization and data deletion requests from Meta

How We Use Instagram Data:

• To send automated responses to your Instagram followers
• To manage your Instagram Business account connection
• To provide customer support and troubleshoot issues
• To comply with Meta's platform policies and data deletion requests
• To process deauthorization requests and maintain compliance

Data Sharing: We share Instagram data only with Meta/Instagram as required by their platform policies and for authentication purposes.

Data Retention: Instagram connection data is retained while your account is connected and for up to 30 days after disconnection for compliance purposes.

Your Rights: You can disconnect your Instagram account at any time, and we will delete all associated data within 30 days.

OnPitch.io integrates with third-party platforms including Instagram (Meta) and Shopify. When you use these integrations:

• We comply with each platform's data handling requirements
• We process data deletion requests as required by platform policies
• We maintain audit logs of data access and modifications
• We implement security measures required by platform guidelines
• We maintain webhook endpoints for compliance verification

For Instagram specifically, we comply with Meta's Data Deletion Requirements. For Shopify specifically, we comply with Shopify's API Terms and handle all mandatory webhooks related to data protection (GDPR/CCPA).

We process your personal data based on the following legal grounds:

• Contract Performance: To provide our services and manage your account
• Legitimate Interest: To improve our services and ensure platform security
• Consent: When you explicitly agree to data processing
• Legal Obligation: To comply with applicable laws and platform requirements

For Instagram integration specifically, we process data based on your consent to connect your account and our legitimate interest in providing the requested services.

Your data may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards. When sharing data with Meta/Instagram, we rely on their compliance with applicable data protection frameworks.

In the event of a data breach that affects your personal information, we will notify you and relevant authorities in accordance with applicable laws. We maintain incident response procedures and will provide timely updates on any security incidents affecting your data.

When you connect your Shopify store to OnPitch.io, we collect and process the following information:

• Shop Information: Your store name, shop domain, and contact information
• Customer Data: Names, email addresses, phone numbers, and marketing consent states (email and SMS)
• Transactional Data: Order history, total spend, and purchase frequency to facilitate audience segmentation
• Product Data: Product titles, IDs, and images used for campaign engagement
• Access Tokens: Secure authentication tokens provided by Shopify to sync your data

How We Use Shopify Data:

• To sync your customer database and identify audience segments
• To track revenue and attribution for your engagement campaigns
• To provide automated rewards based on purchase behavior
• To maintain store connection and data synchronization

Mandatory Webhooks: In accordance with Shopify's policies, we process mandatory webhooks for customer data deletion (customers/redact), customer data requests (customers/data_request), and shop data deletion (shop/redact).

Data Retention and Deletion: We retain Shopify data as long as your store is connected. When you uninstall the OnPitch app or disconnect your store, we begin the deletion process. In compliance with Shopify's requirements, all store data is permanently deleted within 48 hours of receiving an uninstallation notification.