Privacy Policy
Privacy Policy
This Privacy Policy ("Policy") describes how Unifynd Technologies Pvt. Ltd., the entity operating StackBack ("we", "us", or "our"), collects, uses, stores, shares, and protects information when you access or use our website at stackback.ai, our Shopify application, our customer portal, and any related services (collectively, the "Service").
By installing our Shopify application or accessing any part of the Service, you acknowledge that you have read, understood, and agree to the practices described in this Policy. If you do not agree, please do not use the Service.
1. Definitions
"Merchant" or "You" refers to any business, individual, or entity that installs or uses the StackBack application on a Shopify store.
"End Customer" refers to individuals who purchase products or services from a Merchant’s Shopify store and interact with StackBack features such as the customer portal, subscription widgets, bundles, or flash sale pages.
"Personal Data" means any information relating to an identified or identifiable natural person, as defined under applicable Indian law, including the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023 (as and when notified and applicable).
"Shopify Data" refers to data accessed through Shopify’s APIs and webhooks in connection with the Merchant’s store, including but not limited to order data, product data, customer data, and store settings.
2. Information We Collect
2.1 Information from Merchants
When you install and use our Shopify application, we may collect:
Shopify store information: store name, store URL, store owner name, email address, store locale, currency, and timezone.
Account and billing information: plan selections, billing cycle, and payment status as managed through Shopify’s billing system.
Product and catalogue data: product titles, descriptions, variants, pricing, images, and inventory data necessary to configure subscription plans, bundles, and other selling formats.
Order and transaction data: order details, delivery schedules, fulfilment status, and payment status for orders created through StackBack.
Communication preferences: email addresses and notification settings for receiving service-related communications.
Usage data: actions taken within the StackBack admin dashboard, feature usage patterns, configuration settings, and session information.
2.2 Information from End Customers
When End Customers interact with StackBack-powered features on a Merchant’s store, we may collect:
Contact information: name, email address, phone number, and shipping/billing address as provided during checkout or portal access.
Order and subscription data: subscription plans selected, delivery schedules, order history, product preferences, and renewal information.
Portal activity data: actions taken within the customer portal, including subscription management activities such as rescheduling, pausing, swapping products, and browsing bundles.
Authentication data: email addresses used for magic link authentication to access the customer portal.
Device and browser data: IP address, browser type, device type, operating system, and general location data derived from IP address.
2.3 Automatically Collected Information
We automatically collect certain technical information when you access the Service:
Log data: server logs, access times, pages viewed, referring URLs, and error logs.
Cookies and similar technologies: we use cookies, local storage, and similar tracking technologies to maintain sessions, remember preferences, and analyse usage. See Section 8 for details.
Shopify webhook data: we receive real-time data from Shopify through webhooks for events including order creation, order updates, product changes, app uninstallation, and compliance-related events (data request, data erasure, shop redact).
When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email. We (or service providers on our behalf) may then send communications and marketing to these email addresses. You may opt out of receiving this advertising by visiting https://app.retention.com/optout.
3. How We Use Your Information
We use the information collected for the following purposes:
3.1 Service Delivery and Operations
To install, configure, and operate the StackBack application on your Shopify store.
To create and manage subscription plans (prepaid and pay-as-you-go), bundles (fixed and build-your-own-box), flash sales, and try-before-you-buy campaigns.
To generate and punch Shopify orders for scheduled subscription deliveries.
To operate the customer portal, including magic link authentication, subscription management, delivery tracking, product swaps, and bundle browsing.
To send transactional emails, including order confirmations, delivery reminders, renewal notifications, PAYG payment nudges, and rescheduling confirmations.
To process billing through Shopify’s billing system.
3.2 Service Improvement
To analyse usage patterns and improve the Service’s features, performance, and user experience.
To identify and fix bugs, errors, and security vulnerabilities.
To develop new features and selling format modules.
3.3 Communication
To send you service-related notices, updates, and administrative messages.
To respond to your enquiries and support requests.
To send marketing communications where you have consented to receive them (you may opt out at any time).
3.4 Legal and Compliance
To comply with applicable laws, regulations, and legal processes.
To enforce our Terms and Conditions and protect our rights and property.
To respond to Shopify compliance webhooks (customer data requests, customer data erasure, and shop data erasure).
4. Data Sharing and Disclosure
We do not sell your Personal Data. We may share information in the following circumstances:
4.1 Service Providers
We engage trusted third-party service providers who process data on our behalf to deliver the Service. These include:
Cloud infrastructure and hosting providers for application delivery and data storage.
Email delivery providers for sending transactional communications on behalf of Merchants.
Authentication service providers for secure customer portal access.
Shopify: as the platform on which the application operates, data is shared with Shopify as necessary for app functionality, billing, and compliance.
Payment processors: billing for the Service is handled through Shopify’s built-in billing system; we do not directly process Merchant payment card information.
All service providers are bound by contractual obligations to process data only for the purposes we specify and to maintain appropriate security measures.
4.2 Legal Obligations
We may disclose information if required to do so by law, regulation, legal process, or governmental request, including requests from Indian law enforcement or regulatory authorities.
4.3 Business Transfers
In the event of a merger, acquisition, reorganisation, or sale of all or a portion of our assets, your information may be transferred as part of the transaction. We will notify you of any such change and any choices you may have regarding your information.
4.4 With Your Consent
We may share your information for purposes not described in this Policy with your explicit consent.
5. Data Processing Roles
With respect to End Customer data: the Merchant is the data fiduciary (controller) and StackBack acts as a data processor. We process End Customer data solely on the Merchant’s behalf and in accordance with the Merchant’s instructions.
With respect to Merchant account data: StackBack is the data fiduciary (controller) and processes Merchant data for the purposes described in this Policy.
Merchants are responsible for ensuring that their collection and use of End Customer data through StackBack complies with applicable privacy laws and that appropriate notices and consents have been obtained from their End Customers.
6. Data Storage and Security
6.1 Storage
Your data is stored on secure cloud servers with data centre presence in India and other locations as necessary for service delivery.
6.2 Security Measures
We implement reasonable technical and organisational measures to protect your data, including:
Encryption of data in transit using TLS/SSL.
Access controls and authentication mechanisms for internal systems.
Regular security reviews and updates.
Secure magic link authentication (no passwords stored) for the customer portal.
No method of transmission or storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security.
6.3 Retention
We retain your data for as long as your account is active or as needed to provide the Service. Upon termination or uninstallation of the StackBack application, we will retain data only as necessary to comply with legal obligations, resolve disputes, and enforce agreements. We respond to Shopify’s mandatory compliance webhooks (48-hour customer data requests, customer data erasure, and shop data erasure within 30 days) as required by Shopify’s platform policies.
7. Your Rights
Subject to applicable Indian law, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (as and when effective), you may have the following rights:
Access: request access to the Personal Data we hold about you.
Correction: request correction of inaccurate or incomplete Personal Data.
Erasure: request deletion of your Personal Data, subject to our legal retention obligations.
Grievance redressal: raise complaints regarding the processing of your Personal Data.
Nominate: nominate another individual to exercise your rights on your behalf in the event of your death or incapacity, as provided under applicable law.
To exercise any of these rights, please contact us at the details provided in Section 12. We will respond to your request within a reasonable timeframe, and in any event within the time required by applicable law.
For End Customers: if you are an End Customer and wish to exercise your data rights, please contact the relevant Merchant directly in the first instance, as they are the data fiduciary for your data. You may also contact us, and we will assist the Merchant in responding to your request.
8. Cookies and Tracking Technologies
We use cookies and similar technologies for the following purposes:
Essential cookies: required for the functioning of the Service, including session management and authentication (e.g., magic link sessions in the customer portal).
Analytics cookies: to understand how the Service is used and to improve performance.
Preference cookies: to remember your settings and configuration choices.
You can manage cookie preferences through your browser settings. Disabling essential cookies may impair the functionality of the Service.
9. Third-Party Links and Integrations
The Service operates as a Shopify application and integrates with the Shopify platform. The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of third parties, including Shopify. We encourage you to review the privacy policies of any third-party services you interact with.
10. Children’s Privacy
The Service is not directed at individuals under the age of 18. We do not knowingly collect Personal Data from children. If we become aware that we have inadvertently collected Personal Data from a child, we will take steps to delete such data promptly.
11. Changes to This Policy
We may update this Policy from time to time. When we make material changes, we will notify you by updating the effective date at the top of this Policy and, where appropriate, by sending you a notice via email or through the Service. Your continued use of the Service after such changes constitutes your acceptance of the updated Policy.
12. Grievance Officer and Contact Information
In accordance with applicable Indian law, we have appointed a Grievance Officer to address your concerns regarding data processing. You may contact us at:
Email: hello@unifyndlabs.com
Address: E4, Gul, Pali Hill, Bandra West. Mumbai - 400050
We will acknowledge your grievance within 24 hours and endeavour to resolve it within 30 days of receipt, or within such time as required by applicable law.
13. Governing Law
This Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising from or relating to this Policy shall be subject to the exclusive jurisdiction of the courts in Mumbai, Maharashtra, India.
This Privacy Policy ("Policy") describes how Unifynd Technologies Pvt. Ltd., the entity operating StackBack ("we", "us", or "our"), collects, uses, stores, shares, and protects information when you access or use our website at stackback.ai, our Shopify application, our customer portal, and any related services (collectively, the "Service").
By installing our Shopify application or accessing any part of the Service, you acknowledge that you have read, understood, and agree to the practices described in this Policy. If you do not agree, please do not use the Service.
1. Definitions
"Merchant" or "You" refers to any business, individual, or entity that installs or uses the StackBack application on a Shopify store.
"End Customer" refers to individuals who purchase products or services from a Merchant’s Shopify store and interact with StackBack features such as the customer portal, subscription widgets, bundles, or flash sale pages.
"Personal Data" means any information relating to an identified or identifiable natural person, as defined under applicable Indian law, including the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023 (as and when notified and applicable).
"Shopify Data" refers to data accessed through Shopify’s APIs and webhooks in connection with the Merchant’s store, including but not limited to order data, product data, customer data, and store settings.
2. Information We Collect
2.1 Information from Merchants
When you install and use our Shopify application, we may collect:
Shopify store information: store name, store URL, store owner name, email address, store locale, currency, and timezone.
Account and billing information: plan selections, billing cycle, and payment status as managed through Shopify’s billing system.
Product and catalogue data: product titles, descriptions, variants, pricing, images, and inventory data necessary to configure subscription plans, bundles, and other selling formats.
Order and transaction data: order details, delivery schedules, fulfilment status, and payment status for orders created through StackBack.
Communication preferences: email addresses and notification settings for receiving service-related communications.
Usage data: actions taken within the StackBack admin dashboard, feature usage patterns, configuration settings, and session information.
2.2 Information from End Customers
When End Customers interact with StackBack-powered features on a Merchant’s store, we may collect:
Contact information: name, email address, phone number, and shipping/billing address as provided during checkout or portal access.
Order and subscription data: subscription plans selected, delivery schedules, order history, product preferences, and renewal information.
Portal activity data: actions taken within the customer portal, including subscription management activities such as rescheduling, pausing, swapping products, and browsing bundles.
Authentication data: email addresses used for magic link authentication to access the customer portal.
Device and browser data: IP address, browser type, device type, operating system, and general location data derived from IP address.
2.3 Automatically Collected Information
We automatically collect certain technical information when you access the Service:
Log data: server logs, access times, pages viewed, referring URLs, and error logs.
Cookies and similar technologies: we use cookies, local storage, and similar tracking technologies to maintain sessions, remember preferences, and analyse usage. See Section 8 for details.
Shopify webhook data: we receive real-time data from Shopify through webhooks for events including order creation, order updates, product changes, app uninstallation, and compliance-related events (data request, data erasure, shop redact).
When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email. We (or service providers on our behalf) may then send communications and marketing to these email addresses. You may opt out of receiving this advertising by visiting https://app.retention.com/optout.
3. How We Use Your Information
We use the information collected for the following purposes:
3.1 Service Delivery and Operations
To install, configure, and operate the StackBack application on your Shopify store.
To create and manage subscription plans (prepaid and pay-as-you-go), bundles (fixed and build-your-own-box), flash sales, and try-before-you-buy campaigns.
To generate and punch Shopify orders for scheduled subscription deliveries.
To operate the customer portal, including magic link authentication, subscription management, delivery tracking, product swaps, and bundle browsing.
To send transactional emails, including order confirmations, delivery reminders, renewal notifications, PAYG payment nudges, and rescheduling confirmations.
To process billing through Shopify’s billing system.
3.2 Service Improvement
To analyse usage patterns and improve the Service’s features, performance, and user experience.
To identify and fix bugs, errors, and security vulnerabilities.
To develop new features and selling format modules.
3.3 Communication
To send you service-related notices, updates, and administrative messages.
To respond to your enquiries and support requests.
To send marketing communications where you have consented to receive them (you may opt out at any time).
3.4 Legal and Compliance
To comply with applicable laws, regulations, and legal processes.
To enforce our Terms and Conditions and protect our rights and property.
To respond to Shopify compliance webhooks (customer data requests, customer data erasure, and shop data erasure).
4. Data Sharing and Disclosure
We do not sell your Personal Data. We may share information in the following circumstances:
4.1 Service Providers
We engage trusted third-party service providers who process data on our behalf to deliver the Service. These include:
Cloud infrastructure and hosting providers for application delivery and data storage.
Email delivery providers for sending transactional communications on behalf of Merchants.
Authentication service providers for secure customer portal access.
Shopify: as the platform on which the application operates, data is shared with Shopify as necessary for app functionality, billing, and compliance.
Payment processors: billing for the Service is handled through Shopify’s built-in billing system; we do not directly process Merchant payment card information.
All service providers are bound by contractual obligations to process data only for the purposes we specify and to maintain appropriate security measures.
4.2 Legal Obligations
We may disclose information if required to do so by law, regulation, legal process, or governmental request, including requests from Indian law enforcement or regulatory authorities.
4.3 Business Transfers
In the event of a merger, acquisition, reorganisation, or sale of all or a portion of our assets, your information may be transferred as part of the transaction. We will notify you of any such change and any choices you may have regarding your information.
4.4 With Your Consent
We may share your information for purposes not described in this Policy with your explicit consent.
5. Data Processing Roles
With respect to End Customer data: the Merchant is the data fiduciary (controller) and StackBack acts as a data processor. We process End Customer data solely on the Merchant’s behalf and in accordance with the Merchant’s instructions.
With respect to Merchant account data: StackBack is the data fiduciary (controller) and processes Merchant data for the purposes described in this Policy.
Merchants are responsible for ensuring that their collection and use of End Customer data through StackBack complies with applicable privacy laws and that appropriate notices and consents have been obtained from their End Customers.
6. Data Storage and Security
6.1 Storage
Your data is stored on secure cloud servers with data centre presence in India and other locations as necessary for service delivery.
6.2 Security Measures
We implement reasonable technical and organisational measures to protect your data, including:
Encryption of data in transit using TLS/SSL.
Access controls and authentication mechanisms for internal systems.
Regular security reviews and updates.
Secure magic link authentication (no passwords stored) for the customer portal.
No method of transmission or storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security.
6.3 Retention
We retain your data for as long as your account is active or as needed to provide the Service. Upon termination or uninstallation of the StackBack application, we will retain data only as necessary to comply with legal obligations, resolve disputes, and enforce agreements. We respond to Shopify’s mandatory compliance webhooks (48-hour customer data requests, customer data erasure, and shop data erasure within 30 days) as required by Shopify’s platform policies.
7. Your Rights
Subject to applicable Indian law, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (as and when effective), you may have the following rights:
Access: request access to the Personal Data we hold about you.
Correction: request correction of inaccurate or incomplete Personal Data.
Erasure: request deletion of your Personal Data, subject to our legal retention obligations.
Grievance redressal: raise complaints regarding the processing of your Personal Data.
Nominate: nominate another individual to exercise your rights on your behalf in the event of your death or incapacity, as provided under applicable law.
To exercise any of these rights, please contact us at the details provided in Section 12. We will respond to your request within a reasonable timeframe, and in any event within the time required by applicable law.
For End Customers: if you are an End Customer and wish to exercise your data rights, please contact the relevant Merchant directly in the first instance, as they are the data fiduciary for your data. You may also contact us, and we will assist the Merchant in responding to your request.
8. Cookies and Tracking Technologies
We use cookies and similar technologies for the following purposes:
Essential cookies: required for the functioning of the Service, including session management and authentication (e.g., magic link sessions in the customer portal).
Analytics cookies: to understand how the Service is used and to improve performance.
Preference cookies: to remember your settings and configuration choices.
You can manage cookie preferences through your browser settings. Disabling essential cookies may impair the functionality of the Service.
9. Third-Party Links and Integrations
The Service operates as a Shopify application and integrates with the Shopify platform. The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of third parties, including Shopify. We encourage you to review the privacy policies of any third-party services you interact with.
10. Children’s Privacy
The Service is not directed at individuals under the age of 18. We do not knowingly collect Personal Data from children. If we become aware that we have inadvertently collected Personal Data from a child, we will take steps to delete such data promptly.
11. Changes to This Policy
We may update this Policy from time to time. When we make material changes, we will notify you by updating the effective date at the top of this Policy and, where appropriate, by sending you a notice via email or through the Service. Your continued use of the Service after such changes constitutes your acceptance of the updated Policy.
12. Grievance Officer and Contact Information
In accordance with applicable Indian law, we have appointed a Grievance Officer to address your concerns regarding data processing. You may contact us at:
Email: hello@unifyndlabs.com
Address: E4, Gul, Pali Hill, Bandra West. Mumbai - 400050
We will acknowledge your grievance within 24 hours and endeavour to resolve it within 30 days of receipt, or within such time as required by applicable law.
13. Governing Law
This Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising from or relating to this Policy shall be subject to the exclusive jurisdiction of the courts in Mumbai, Maharashtra, India.
Subscriptions Were impossible - Until now.
Subscriptions Were Impossible - Until now.
Go live in under 10 minutes. Start Selling Subscriptions. That Actually Work.
Go live in under 10 minutes. Start Selling Subscriptions. That Actually Work.
India's only Customer Lifetime Experience Engine for Indian D2C Brands. D2C tools and solutions were all made in the west, for a global standardised usage profile. Indian businesses and customers are fundamentally different. Yet no one solved for this. Until now. StackBack powers your revenue growth through subscriptions, bundles, upsells, try-before-you-buy, flash-sale campaigns and more, all activated in minutes.
Copyright © 2026 U.Labs. All rights reserved.
India's only Customer Lifetime Experience Engine for Indian D2C Brands. D2C tools and solutions were all made in the west, for a global standardised usage profile. Indian businesses and customers are fundamentally different. Yet no one solved for this. Until now. StackBack powers your revenue growth through subscriptions, bundles, upsells, try-before-you-buy, flash-sale campaigns and more, all activated in minutes.
Copyright © 2026 U.Labs. All rights reserved.