Privacy Policy

Last updated: May 27, 2026

Yona Technology ("we," "our," or "us") operates the Yona Revenue Agent application for Shopify stores. This Privacy Policy explains how we collect, use, and protect information when you use our service.

1. Information We Collect

We collect the following categories of information to provide and improve our service:

• Store Data via Shopify API: When you install Yona Revenue Agent, we access your Shopify store data through Shopify's official API. This includes product information, order details, and customer data (names, email addresses, and purchase history) necessary to operate our email recovery campaigns.
• Email Addresses: We collect and process customer email addresses from your Shopify store to send personalized recovery and re-engagement emails on your behalf.
• Usage Analytics: We collect anonymized usage data about how you interact with our application, including campaign performance metrics and dashboard usage patterns.
• Account Information: Your Shopify store URL, merchant email, and plan selection when you install the app.

2. How We Use Information

We use the information we collect for the following purposes:

• To provide and operate the Yona Revenue Agent service, including generating and sending AI-personalized email campaigns to your customers
• To send cart recovery, checkout recovery, browse abandonment, re-engagement, and post-purchase emails on behalf of your store
• To improve our AI models, email personalization, and overall product experience
• To provide customer support and respond to your inquiries
• To detect and prevent fraud or abuse of our service
• To comply with legal obligations

3. Shopify API Usage

Yona Revenue Agent accesses your Shopify store data through Shopify's official API in accordance with Shopify's API Terms of Service. We only request the minimum scopes necessary to operate our service, including read access to products, orders, and customers, and write access for order attribution. Our use of Shopify data complies with Shopify's Partner Program Agreement and App Store requirements. You can revoke our API access at any time by uninstalling the app from your Shopify admin.

4. Email Communications

We send the following types of emails:

• Transactional Emails: Cart recovery, checkout recovery, browse abandonment, re-engagement, and post-purchase follow-up emails sent to your customers on your behalf. These are essential to the service and cannot be opted out of by the merchant without disabling the relevant campaign.
• Service Emails: Welcome emails, billing notifications, and important account updates sent to you as the merchant.
• Marketing Emails: Occasional product updates, tips, and promotional offers sent to you as the merchant. You can opt out of marketing emails at any time using the unsubscribe link in each email.

Your store's customers can unsubscribe from recovery emails at any time via the unsubscribe link included in every email we send.

5. Analytics

We use Plausible Analytics to understand how visitors interact with our marketing website (revenue-marketing.yonamark.com). Plausible is a privacy-friendly analytics service that does not use cookies, does not collect personal data, and is fully compliant with GDPR, CCPA, and PECR. Plausible does not track users across websites or devices and does not collect any personally identifiable information. We do not use Google Analytics or any other tracking platform that relies on cookies.

6. Data Sharing

We do not sell, rent, or trade your data or your customers' data to any third party. We share data only with the following service providers who assist us in operating our service:

• Email Delivery: We use a third-party email delivery service to send recovery and transactional emails on your behalf. This provider processes email addresses and email content solely for the purpose of delivering emails.
• Cloud Hosting: Our application is hosted on a cloud infrastructure provider that stores and processes data on our behalf under strict data processing agreements.
• AI Processing: We use AI services to generate personalized email content. These providers process store and customer data only to generate content as directed by our system and do not retain or use this data for their own purposes.
• Shopify: As a Shopify app, we share data with Shopify as required by the platform's integration, subject to Shopify's own privacy policy.

All service providers are bound by data processing agreements that restrict their use of data to providing services on our behalf.

7. Data Retention

We retain your store data and customer data only while your Yona Revenue Agent account is active. If you uninstall the app, we initiate a data deletion process within 30 days, removing all store data, customer data, and email records from our systems, except where retention is required by law. Campaign performance data may be retained in anonymized, aggregated form for product improvement purposes. You may request earlier deletion by contacting us at support@yonamark.com.

8. GDPR Rights

If you are a data subject located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can request correction of inaccurate personal data.
• Right to Erasure: You can request deletion of your personal data, subject to legal retention requirements.
• Right to Data Portability: You can request your personal data in a structured, commonly used, machine-readable format.
• Right to Object: You can object to the processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.
• Right to Restrict Processing: You can request that we limit how we use your data in certain circumstances.

To exercise any of these rights, please contact us at support@yonamark.com. We will respond to your request within 30 days. As a Shopify merchant, you also have the right to lodge a complaint with your local supervisory authority.

9. Data Security

We take the security of your data seriously and implement appropriate technical and organizational measures to protect it:

• All data is encrypted in transit using TLS 1.2 or higher
• Sensitive data is encrypted at rest using AES-256 encryption
• Access to production systems and data is restricted to authorized personnel on a least-privilege basis
• We conduct regular security audits and vulnerability assessments
• We maintain incident response procedures and will notify affected users of any data breach within 72 hours as required by GDPR

While no system is completely secure, we continuously work to protect your information against unauthorized access, alteration, disclosure, or destruction.

10. Children's Privacy

Yona Revenue Agent is not directed at children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@yonamark.com and we will take steps to delete such information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you by sending an email to the address associated with your Shopify merchant account and by updating the "Last updated" date at the top of this page. Your continued use of the service after such changes constitutes your acceptance of the updated policy.

12. Contact

If you have any questions about this Privacy Policy or our data practices, please contact us at:

support@yonamark.com