Privacy Policy

Effective date: 2025-09-27

This Privacy Policy describes how CapitalOS ("CapitalOS," "we," "us," or "our") collects, uses, shares, and protects information in connection with our websites (including capitalos.io and app.capitalos.io), products, services, integrations, and related activities (the "Services"). It also explains your choices and rights regarding your information.

If you have questions or requests, contact us at support@capitalos.io.

Who we are

  • CapitalOS provides analytics, campaign tracking, and operational tooling for e‑commerce teams and marketers, including integrations with Meta (Facebook/Instagram), Shopify, and Slack.
  • For most merchant data processed through our integrations (e.g., Shopify store data, Meta Conversions API events), we act as a processor/service provider to our business customers (the "Customer"). For our own marketing websites, accounts, billing, support, and platform telemetry, we are a controller.

Scope

This Policy covers:

  • Our websites and applications at capitalos.io and app.capitalos.io
  • APIs, SDKs, and integrations we provide
  • Data we process on behalf of our Customers via third‑party platforms (Meta, Shopify, Slack, etc.)
  • Data we collect from end users interacting with our Customers’ stores and ads, where applicable

It does not cover third‑party sites/services governed by their own policies.

Information we collect

  1. Account, organization, and user data
    • Name, email, password hashes, organization, roles, preferences
    • Billing/contact details and subscription metadata (if enabled)
  2. Service and usage data
    • App configuration, feature flags, logs, diagnostic events, error traces
    • Device/browser info, IP address, timestamps, cookies, and similar identifiers
  3. Integration data you authorize us to access
    • Meta Marketing/Graph APIs: ad accounts, campaigns, insights, pixels/datasets, and related metadata you grant access to
    • Shopify: store info, orders, line items, customer identifiers (e.g., email), UTM parameters, and operational metrics, as configured by you
    • Slack: workspace/team ID, channel ID(s), bot/user tokens required to post notifications, message delivery metadata
  4. Event and attribution data (if you enable attribution features)
    • Server‑side Conversions API events (e.g., Purchase, ViewContent) and associated attributes (SKU/content_ids, currency, value, timestamps)
    • user_data for matching (e.g., email, phone). For Meta CAPI, we SHA‑256 hash these fields before sending to Meta, in line with Meta Business Tools Terms
    • UTM parameters, click identifiers (fbclid), and browser identifiers (fbp) when available
  5. Support and communications
    • Emails, support tickets, product feedback, and survey responses

We do not intentionally collect sensitive categories such as government IDs, precise geolocation, health, or biometric data.

How we use information

We use information to:

  • Provide and operate the Services and integrations you configure
  • Authenticate users, manage organizations, and deliver in‑app functionality
  • Retrieve marketing performance and insights from Meta and other platforms
  • Send server‑side events to Meta (Conversions API) to improve attribution accuracy
  • Analyze and improve reliability, security, and performance
  • Provide support, training, and service notifications
  • Comply with legal obligations and enforce terms

Legal bases (EEA/UK): contract (to deliver Services), legitimate interests (e.g., product improvement, security), consent (where required), and legal obligations.

How we share information

We share information only as necessary to operate the Services, at your direction, or as required by law:

  • Meta (Facebook/Instagram)

    • When you connect Meta and enable Conversions API, we send server‑to‑server events to your configured pixel/dataset. We hash user_data fields (e.g., email, phone) using SHA‑256 before transmission. We may include fbc/fbp, IP address, and user agent if available and configured. We may query Marketing/Graph APIs for ad accounts, campaigns, and insights per your authorization.
    • We comply with Meta Business Tools Terms and applicable platform policies. We do not sell or license Meta Business Tools Data. We only use the data on your behalf to provide the Services you requested (e.g., attribution and reporting).
  • Shopify

    • When you connect Shopify, we retrieve store, orders, line items, and related data per the scopes you grant for attribution and analytics. We process this data solely to provide the Services and do not sell it.
  • Slack

    • When you connect Slack, we use tokens you authorize to post notifications to specified channels. We do not read or store Slack message history beyond what is necessary to deliver your chosen notifications.
  • Infrastructure and subprocessors

    • Hosting, databases, and storage providers (e.g., cloud hosting, Supabase, and S3‑compatible storage) to securely run and store the Service. We engage vendors under data processing agreements with appropriate safeguards.
  • Professional advisors, security, and legal compliance

    • To comply with valid legal requests or protect rights, safety, and security.

We do not sell personal information. For CPRA, we do not "sell" personal information, and we only "share" personal information for cross‑context behavioral advertising to the extent you enable Meta Business Tools on your properties; you can disable or instruct us to disable such sharing.

Meta (Facebook/Instagram) specifics

  • Business Tools Data and Conversions API
    • We act as your processor/service provider for Meta Business Tools Data processed through our platform.
    • For Conversions API, we send events to your pixel/dataset. Where user_data is used, we SHA‑256 hash fields (e.g., email/phone) before transmission. We may include IP address, user agent, fbc/fbp for matching, and event_id for deduplication.
    • We support event deduplication by coordinating browser (pixel) and server (CAPI) events via a shared event_id when you choose to implement both.
  • Dataset Quality and Insights
    • At your direction, we can call Dataset Quality and Insights endpoints to display diagnostics and reporting in your dashboard. We only access assets you authorize.
  • Limited Data Use and regional signals
    • Where applicable and at your instruction, we honor signals intended to limit data use for certain jurisdictions. You are responsible for ensuring you have a lawful basis for collecting and sharing data and for configuring your Meta assets accordingly.
  • No sensitive categories
    • You must not send sensitive personal data to our Services or to Meta via our Services. We prohibit the use of our Services to collect or transmit data that violates Meta’s policies or applicable law.
  • Data retention for Meta Business Tools Data
    • We minimize and do not retain hashed user_data beyond what is necessary to construct and transmit CAPI requests. We do not store raw user_data used solely for CAPI beyond transient processing.
    • We may retain minimal metadata (e.g., event_id, timestamps, pixel/dataset ID, response status) for troubleshooting and audit for a limited period.
  • Your responsibilities
    • You must maintain appropriate notices and obtain any legally required consents from your end users (e.g., cookie consent, disclosures about sharing data with Meta).
    • You must configure your Meta assets and app permissions consistent with Meta policies and your legal obligations.

Data retention

  • Account, organization, and billing records: retained while your account is active and as required by law thereafter.
  • Operational logs and telemetry: typically 90–180 days unless needed to investigate security issues or comply with law.
  • Conversions API user_data used solely for matching: processed transiently and not retained in identifiable form after transmission.
  • Shopify/Slack tokens and configuration: retained while the integration is active and deleted upon disconnect or at your request.
  • Backups: retained per our disaster recovery policies for limited durations.

We may anonymize/de‑identify information and use it for legitimate business purposes where permitted.

International transfers

We may transfer information to countries other than your own where we or our subprocessors operate. We implement appropriate safeguards for cross‑border transfers (e.g., Standard Contractual Clauses) where required.

Security

We implement technical and organizational measures to protect information, including:

  • Encryption in transit; encryption at rest for managed databases and storage
  • Access controls, least privilege, and audit logging
  • Key/token management and environment segregation
  • Vulnerability management and monitoring

No system is perfectly secure; please notify us immediately at support@capitalos.io of any suspected incidents.

Your choices and rights

Depending on your location and role (controller vs. processor), you may have rights to:

  • Access, correct, or delete your personal information
  • Object to or restrict processing; withdraw consent (where applicable)
  • Port your data
  • Opt out of sharing for cross‑context behavioral advertising (CPRA)
  • Lodge a complaint with a supervisory authority (EEA/UK)

Exercising rights:

  • If you are an end user of a Customer, contact the relevant Customer (data controller) first; we will support them in responding.
  • If you are a direct CapitalOS user or have questions about this Policy, email support@capitalos.io.

Cookies and tracking: manage cookie preferences via your browser and/or in‑site controls (where provided). For Meta ads preferences, see your Facebook Ad Preferences.

Children’s privacy

Our Services are not directed to children under 16 (or the age defined by applicable law). We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact support@capitalos.io.

Data deletion instructions

For a concise summary, see https://capitalos.io/en/legal/data-deletion . You (or your controller) can request deletion by:

  1. In‑app: Disconnect integrations and use available deletion controls, and/or
  2. Email: Send a deletion request to support@capitalos.io from the verified account email, specifying the organization and scope (e.g., Meta connection, Shopify data, Slack tokens).

Upon verification, we will delete or anonymize data within a reasonable period, subject to lawful retention requirements. For Meta App Review, these instructions serve as our Data Deletion Instructions.

Processor/Service Provider terms

Where we process personal data on behalf of a Customer:

  • We act as a processor/service provider and will process personal data only on documented instructions from the Customer (controller), including with respect to integration configurations and data flows to Meta/Shopify/Slack.
  • We maintain confidentiality, implement security measures, assist with data subject requests, and support compliance with applicable laws.
  • We engage subprocessors under written agreements with equivalent protections; a current list or categories is available on request.

Third‑party integrations

  • Meta: When enabled, we process Meta Business Tools Data and Conversions API events to your configured assets. We hash user_data fields prior to transmission and support event deduplication via event_id. We do not retain hashed user_data beyond transient processing.
  • Shopify: When enabled, we access the scopes you grant (e.g., orders, line items, customers’ emails where applicable). We process this data solely to provide the Services you request.
  • Slack: When enabled, we store minimal tokens necessary to send notifications to your chosen channels. We do not read or store Slack message history beyond what is necessary to deliver notifications you configure.

Do Not Sell or Share (CPRA)

We do not sell personal information. To the extent "sharing" for cross‑context behavioral advertising may occur through your use of Meta Business Tools, you can disable such sharing through your configuration and/or instruct us to implement controls that limit sharing. You may also contact support@capitalos.io to exercise your rights.

Changes to this Policy

We may update this Policy from time to time. Material changes will be posted on capitalos.io with an updated Effective date. Your continued use of the Services after an update constitutes acceptance.

Contact us

CapitalOS

  • Website: https://capitalos.io
  • Email: support@capitalos.io