Introduction
Who we are: BlackBox is attribution software for Shopify stores, operated by Heal Ventures LLC, which also runs shopifyappauthority.com.
What this policy covers: This privacy policy applies to both getblackbox.io and shopifyappauthority.com. Both sites are operated by the same company and may share certain data for advertising purposes.
Contact information: You can reach us at healventuresllc@gmail.com or hello@shopifyappauthority.com.
Effective Date: October 1, 2025
Our Properties
- getblackbox.io: Attribution software SaaS product for Shopify stores
- shopifyappauthority.com: Affiliate site reviewing Shopify apps and providing educational content
This policy covers both sites. Each site has its own purpose and audience but are both operated by Heal Ventures LLC, located in Las Vegas, Nevada, United States.
Information We Collect
Information You Provide
On getblackbox.io:
- Account information: Email address, Shopify store URL, business name
- Payment information: Collected and processed by Stripe. We only store the last 4 digits of your payment method
- Support communications: Emails and chat messages when you contact support
On shopifyappauthority.com:
- Email address: If you subscribe to our newsletter or updates
- Name: Optional, if you choose to provide it
- Comments: If you leave comments on blog posts
- No payment information: We do not collect payment information on this site
Information We Collect Automatically
On both sites:
- Usage data: Pages visited, features used, time spent on site
- Device information: Browser type, operating system, IP address
- Cookies and tracking: Via Google Tag Manager (GTM-M5L9MW5H)
- Referral source: How you found us (search engines, ads, social media)
On getblackbox.io specifically:
- Feature usage: Which BlackBox features you use
- Dashboard interactions: Clicks, navigation patterns
Information From Your Shopify Store (getblackbox.io only)
Order data: We collect order ID, date, amount, and customer journey data to provide attribution analytics.
We collect: Order totals, timestamps, UTM parameters, session data, traffic source information
We do NOT collect: Customer emails, names, addresses, payment information, or any personally identifiable customer data
We only store aggregated attribution data needed for analytics.
How We Use Your Information
On getblackbox.io:
- Provide attribution analytics service: Process and analyze your order data
- Process payments: Via Stripe for subscription billing
- Send transactional emails: Receipts, trial reminders, important feature updates
- Improve our product: Analyze feature usage to make BlackBox better
- Customer support: Respond to your questions and issues
On shopifyappauthority.com:
- Send newsletter: If you opted in - Shopify app reviews, tips, and guides
- Improve content: Understand what articles are helpful
- Respond to comments: Engage with community
- Generate affiliate revenue: We earn commissions when you click affiliate links and make purchases
We Do NOT:
- Sell your data to third parties
- Share customer PII from your Shopify store
- Use your data to train AI models
- Cross-contaminate email lists (shopifyappauthority.com subscribers will NOT receive BlackBox marketing emails unless they separately sign up for BlackBox)
- Send spam emails
Email List Separation
Important:
- shopifyappauthority.com email list: Receives only content about Shopify apps, reviews, and tips
- getblackbox.io email list: Receives only BlackBox product updates and attribution tips
- We do NOT share or cross-market between lists
- Each list has separate unsubscribe options
- Subscribing to one does NOT subscribe you to the other
Cross-Site Advertising and Remarketing
We may share anonymized audience data between our properties for advertising purposes:
- If you visit shopifyappauthority.com, you may see BlackBox ads on other websites
- If you visit getblackbox.io, you may see shopifyappauthority.com content promoted to you
- This uses cookie-based ad tracking and remarketing
- These cookies may track you across both getblackbox.io and shopifyappauthority.com
- Used to show you relevant ads for both sites
- You can opt-out via our cookie banner or browser settings
We use Facebook Custom Audiences and Google Customer Match with hashed emails for remarketing. When we create remarketing audiences, emails are hashed before upload - platforms never receive plain text.
Affiliate Links on shopifyappauthority.com
- We earn commissions when you click certain links and make purchases
- These are clearly marked as affiliate links
- Does not cost you extra
- We only recommend products we genuinely believe in
- Affiliate cookies track your clicks to attribute commissions properly
Third-Party Services We Use
Vercel
Purpose: Hosting and infrastructure for getblackbox.io
Data: Application data, logs
Privacy policy: vercel.com/legal/privacy-policy
Supabase
Purpose: Database and authentication for getblackbox.io
Data: Account data, store data, attribution data
Data location: US-West region
Privacy policy: supabase.com/privacy
Stripe
Purpose: Payment processing for getblackbox.io
Data: Billing information, payment methods
Privacy policy: stripe.com/privacy
Google Tag Manager and Analytics
Purpose: Product and content analytics on both sites
Data: Usage patterns, session information
Privacy policy: policies.google.com/privacy
Facebook (Meta Platforms)
Purpose: Advertising pixels and remarketing
Data: Cookie IDs, hashed emails for Custom Audiences
Note: No personally identifiable information is shared, only cookie IDs. Emails are hashed before upload.
Privacy policy: facebook.com/privacy
Your Rights
Under GDPR (EU users):
- Access: Request a copy of your data from either or both sites
- Rectification: Correct inaccurate data
- Erasure: Delete your account and data
- Data portability: Export your data in a machine-readable format
- Object: Opt-out of marketing from either site
- Restrict processing: Limit how we use your data
Under CCPA (California users):
- Know: What data we collect on each site
- Delete: Your data from either or both sites
- Opt-out of data sale: We do not sell data, but we do share for remarketing
- Opt-out of sharing: For targeted advertising purposes
To exercise your rights: Email healventuresllc@gmail.com and specify which site(s) your request concerns.
Data Retention
getblackbox.io:
- Account data: Kept while account is active
- After cancellation: Deleted within 30 days
- Backups: Retained for 90 days then permanently deleted
- Analytics data: Retained for 14 months
shopifyappauthority.com:
- Email subscribers: Kept until you unsubscribe
- After unsubscribe: Removed within 30 days
- Analytics data: Retained for 14 months
- Comments: Kept indefinitely unless deletion requested
Data Security
- Encryption in transit: TLS/SSL on both sites
- Encryption at rest: Database encryption
- Access controls: Role-based permissions (admin, support, user)
- Regular security audits
- Secure password hashing: Industry-standard algorithms
- Data location: US-West region (Vercel and Supabase)
Children's Privacy
Our services are not intended for users under 18. We do not knowingly collect data from minors. If you believe we have collected data from a minor, please contact us immediately at healventuresllc@gmail.com.
International Data Transfers
Data is stored in US servers via Vercel (US-West region) and Supabase (US-West region).
EU data protection: Protected under standard contractual clauses approved by the European Commission.
Changes to This Policy
We may update this policy from time to time. Changes will be:
- Posted on this page
- Email notification sent for material changes
- Applies to both getblackbox.io and shopifyappauthority.com
Contact Us
Email: healventuresllc@gmail.com
For shopifyappauthority.com: hello@shopifyappauthority.com
Address: 10257 Missouri Meadows St, Las Vegas, NV 89183
Company: Heal Ventures LLC
Data Protection Officer: BlackBox Team, healventuresllc@gmail.com
Last updated: October 1, 2025
Effective date: October 1, 2025