Privacy Policy

Last updated: February 15, 2026

This Privacy Policy describes how Loomic ("we", "us", or "our") collects, uses, and shares information when you install and use the BuyAgain application ("the App") through the Shopify platform.

1. Information We Collect

When you install and use BuyAgain, we access certain information from your Shopify store through Shopify's APIs. Specifically:

• Order data: Order history including order dates, product information, quantities, and order values. We use this to calculate reorder intervals and predict when customers need to repurchase.
• Customer data: Customer names and email addresses associated with orders. We use this to display predictions in the app and to enable you to contact customers who need to reorder.
• Product data: Product titles, IDs, and variant information. We use this to identify which products are consumable and calculate repurchase intervals.
• Store information: Your store domain and basic store settings needed to operate the App.

We do not collect any data directly from your customers. All data is accessed through Shopify's secure APIs with permissions you grant during installation.

2. How We Use Your Information

We use the information we collect solely to provide and improve the BuyAgain service:

• To calculate product reorder intervals based on historical purchase patterns
• To predict when individual customers are likely to need a product replenishment
• To display customer predictions, statuses, and metrics in the App dashboard
• To enable you to export customer data (CSV, copy emails) for your own marketing purposes
• To send events to Klaviyo on your behalf, if you have configured the Klaviyo integration
• To improve the accuracy of our prediction algorithms

3. Data Storage and Security

We store calculated predictions and intervals derived from your order data on secure servers. We implement industry-standard security measures to protect your data, including encrypted connections (TLS/SSL) for all data in transit and secure hosting infrastructure.

Your raw order data is processed and then stored in aggregated or calculated form (intervals, prediction dates, statuses). We do not retain raw order data beyond what is necessary for the calculations.

4. Data Sharing

We do not sell, rent, or trade your data or your customers' data to any third parties. We may share data only in these limited circumstances:

• Klaviyo (only if you enable the integration): If you connect your Klaviyo account, we send reorder events to Klaviyo on your behalf. This is entirely under your control.
• Infrastructure providers: We use hosting services (such as Fly.io) to run the App. These providers process data on our behalf under strict contractual obligations.
• Legal requirements: We may disclose information if required by law or in response to valid legal processes.

5. Data Retention

We retain your data for as long as you have the App installed. When you uninstall BuyAgain, we delete all data associated with your store within 30 days of receiving Shopify's uninstall webhook. This includes all calculated predictions, intervals, and stored customer information.

6. Your Rights

Depending on your location, you and your customers may have certain rights regarding personal data:

• Access: You can request a copy of the data we hold about your store.
• Correction: You can request that we correct any inaccurate data.
• Deletion: You can request deletion of your data at any time by uninstalling the App or contacting us directly.
• Data portability: You can export your prediction data from within the App (CSV export feature).

We respond to data subject requests within 30 days. We also comply with Shopify's mandatory privacy webhooks (customer data requests, customer data erasure, and shop data erasure) to ensure your customers' rights are respected.

7. GDPR Compliance

For users in the European Economic Area (EEA), United Kingdom, or Switzerland: we process personal data as a data processor on behalf of you, the merchant (data controller). Our legal basis for processing is the performance of our contract with you (providing the BuyAgain service). We do not transfer data outside the EEA unless adequate protections are in place.

8. CCPA / US Privacy Laws

For California residents and residents of other US states with privacy legislation: we do not sell personal information. We do not use personal information for purposes other than providing the BuyAgain service as described in this policy. You may contact us to exercise your rights under applicable state privacy laws.

9. Cookies and Tracking

BuyAgain does not use cookies or any tracking technologies on your storefront. The App operates entirely within the Shopify admin panel and does not interact with your customers' browsing experience.

10. Children's Privacy

BuyAgain is a business-to-business application designed for Shopify merchants. We do not knowingly collect personal information from children under the age of 16.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of the App after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, your data, or wish to exercise your privacy rights, please contact us: