Privacy Policy

Effective Date: 27th February 2026

Welcome to BizCred: B2B Credit Management (“BizCred”, “we”, “our”, or “us”). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you install, access, or use the BizCred application (the “App”) and related services (collectively, the “Services”).

We comply with applicable privacy and data-protection laws, including GDPR (EU) 2016/679, UK Data Protection Act 2018, CCPA/CPRA, Singapore PDPA, India DPDP Act 2023, Australian Privacy Act 1988, and other applicable regional laws across the US, EU/UK, and APAC.

Questions? Contact us at apps@seventhtriangle.com

1. Who We Are

BizCred is a Shopify application developed and maintained by Seventh Triangle Consulting. We act as a data processor when processing information on behalf of Shopify merchants (“Merchants”) and a data controller for information collected about visitors to our marketing site or prospective customers.

2. Information We Collect

Categories, Examples, Source, and Purpose

Merchant Account Data

• Examples: store name, store URL, contact email, Shopify plan, locale & currency, Shopify access tokens

• Source: Merchant via Shopify OAuth

• Purpose: provide and maintain the App, authenticate and secure access, connect to Shopify APIs

B2B Configuration & Usage Data

• Examples: credit limit settings, payment term settings, rule configurations (e.g., checkout blocking/restrictions), feature interactions, logs related to configuration and app events, support tickets

• Source: automatically via in-App actions/events and Merchant inputs

• Purpose: operate the App, enforce configured business rules, troubleshooting, product improvements

B2B Transactional References (from Shopify)

• Examples: customer/company references, order identifiers, order totals, payment/fulfillment status needed to evaluate credit usage and rule enforcement

• Source: Shopify APIs (Admin) based on Merchant authorization

• Purpose: compute credit utilization, show ledger/balance views, enable rule enforcement (e.g., restrict payment methods)

Ledger Data (App-stored, Merchant controlled)

• Examples: outstanding balance, credit utilized, due amounts, adjustments/notes created by Merchant users (if your workflow supports it)

• Source: Merchant input and/or derived from Shopify order data

• Purpose: provide ledger visibility and credit management inside the App

Sensitive data

We do not intentionally collect special categories of personal data (e.g., health, biometric, children’s data). Cardholder data is handled by Shopify and payment providers via PCI-DSS compliant systems. We do not receive or store full card details.

3. Cookies & Similar Technologies

We use necessary Shopify cookies/local storage to:

• authenticate Merchants into the App dashboard

• maintain sessions and security

• remember preferences

  Where required by law, we show consent controls for optional cookies.

4. Legal Bases for Processing (GDPR/UK GDPR)

We process personal data based on:

• Contractual Necessity – to provide the Services after App installation

• Legitimate Interests – to secure, maintain, and improve the App; prevent abuse/fraud

• Consent – for optional cookies and marketing communications where required

• Legal Obligation – to comply with tax/accounting and lawful requests

5. How We Use Your Information

We use information to:

• deliver, operate, and maintain BizCred features (credit limits, terms, enforcement, ledger views)

• authenticate users and secure Merchant accounts

• retrieve required Shopify data to calculate credit utilization and display results

• provide customer support and resolve issues

• monitor performance, debug errors, and improve product reliability

• comply with legal obligations and enforce our Terms

6. How We Share Information

We do not sell personal data. We share information only:

• within Seventh Triangle Consulting on a need-to-know basis

• with vendors that help us operate the Services (e.g., cloud hosting, logging/monitoring), under appropriate contracts and safeguards

• with Shopify as required by Shopify API terms and the Shopify App Store Partner Program

• for legal reasons (e.g., to respond to lawful requests or protect rights and safety)

If data is transferred outside the EEA/UK, we rely on approved mechanisms such as Standard Contractual Clauses (SCCs) or adequacy decisions where applicable.

7. International Data Transfers

Our infrastructure may be hosted on cloud services (e.g., AWS). Primary hosting is in AWS Mumbai (ap-south-1). Depending on your location and service providers, data may be processed in other regions. Safeguards may include:

• encryption in transit (TLS 1.2+) and at rest (AES-256 where supported)

• access controls and least-privilege practices

• contractual protections with service providers

8. Data Subject & Consumer Rights

Depending on your jurisdiction, you may have rights to:

• access, correct, delete personal data

• restrict or object to processing

• data portability

• opt out of marketing communications

• withdraw consent where processing is based on consent

• lodge a complaint with a regulator

To exercise rights, email apps@seventhtriangle.com. We respond within legally required timeframes (e.g., typically 30 days under GDPR).

9. Security Measures

We use industry-standard safeguards, including:

• TLS (HTTPS) for data in transit

• encryption at rest where supported by storage services

• role-based access control and least privilege

• monitoring and logging for security and reliability

  No method of transmission/storage is 100% secure; please protect your Shopify credentials and notify us of suspected incidents.

10. Data Retention

We retain Merchant data for as long as your store uses the App, and for a reasonable period afterward as needed for:

• legal, tax, accounting obligations

• dispute resolution

• security investigations

  Upon uninstall, we delete or anonymize data within a reasonable timeframe unless retention is required by law or requested by the Merchant for continuity.

11. Children’s Privacy

The Services are not directed to children under 16. We do not knowingly collect personal data from minors.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post updates with a revised effective date and provide notice where required.

13. Contact Us

Privacy Team

BizCred: B2B Credit Management / Seventh Triangle Consulting

First Floor, 91-Springboard, C-2, Sector-1, Gautum Buddha Nagar, Uttar Pradesh - 201301

Email: apps@seventhtriangle.com

Data Protection Officer (EU/UK): Sushant Gupta, sushant@seventhtriangle.com

© 2026 Seventh Triangle Consulting. All rights reserved.