How We Do Business
For the sake of transparency, we would like to introduce you to how we make money. Every time you open a deal or a catalog in ShopGun, we get paid a certain amount of money by the store. We do not prioritize any stores over others and there's no auction. We do not show external ads or sell your personal data. We will always be free to use for people and you aren’t the product either.
Creating Your Account
When creating your account we ask for as few things as possible:
- Email:With an email we can find your account again.
- Name:To identify you with a friendly name towards others. This is currently used for shared shopping lists. It doesn't have to be your own name. It can be anything you want.
- Password:A password allowing only you to access your account.
Your data is stored in our database. You can always delete your account later.
You can subscribe to stores, currently for receiving notifications about new catalogs. By subscribing to a store, we technically create a link between a store and your account. This is stored in our database. You can always unsubscribe again, or delete your account.
You can create shopping lists and add items to them. Your data is stored in our database. You can always delete your items and lists or entirely delete your account.
Delete Your Account
If you have an account and you don't want it anymore, you can delete it on our website. You just have to login and go to settings. It will be deleted immediately without any grace period so beware, you cannot change your mind after doing this.
If you don't delete your account your data will remain in our database.
Access Your Data
If you don't have an account, we don't have any of your data, meaning we can't provide it to you or delete it. If you have an account, we can provide you with your data which currently your account, shopping lists and subscriptions to stores. Just contact us. We'll try to do it quickly but please bear with us if it takes a few days.
Who Can Access Your Data
We maintain a principle of “least permissions” internally, meaning that only those who need to access your data can access it. This means that only our CTO and very few engineers at ShopGun can technically access your data. Please note that this does not mean that we can see your password, as this is encrypted and not visible to us.
It's important for us to know our key metrics, such as how many times a catalog or deal has been seen. Not just because we need to know the overall health of our products but also to ensure our revenue as stated in how we do business to keep delivering a great app to you.
To do this, we've developed an anonymous event format that isn't personally identifiable which ensures your privacy.
For instance, let’s say that you opened a catalog in ShopGun. The following would then be sent to our servers:
|_v||The version of the event format|
|_t||When the event happened|
|_a||The ShopGun app where the event was recorded|
|_i||An autogenerated identifier that allows us to send the event multiple times to our servers without counting more than once. Technically, this is a UUID v4|
|_e||The event type. In this case it means a catalog was opened|
|l.h||Where the event was recorded. It has a precision of ±20 km meaning we have no idea where it actually happened. It uses a technique called Geohash and we only receive it if you've enabled and allowed GPS usage in ShopGun|
|l.ht||When the geohash was obtained. We use this to evaluate if the location is actually up to date. For instance, if the geohash was obtained 2 months ago, it's fair to say the location is not correct anymore|
|l.c||The country where the event was recorded. The way we detect this is by looking at your IP address and convert it via a local database. The IP is then dismissed and isn't sent around in our infrastructure. We don't store IP adresses anywhere and we can't technically prevent receiving your IP address|
|pp.id||The identifier of the catalog|
|vt||To ensure we don't bill our clients too much when you open the same catalog multiple times, we have this attribute. We call it a view token. It doesn't identify you but it makes sure it's always the same when you open the same catalog. Technically, what happens is we concatenate the catalog identifier and an autogenerated identifier from when ShopGun was installed (or website opened for the first time) and hash it. It also means if you open another catalog, we have no idea it was you opening the other catalog|
With this event format we ensure privacy for you without compromising our ability to ensure our revenue and measure key metrics. We think this is a great solution and we'd love to see more organizations use the same format.
Since these events are anonymous we store them for an unlimited period so that we have historic data.
These are the events that we currently track:
- When you open a catalog
- When you see a page in a catalog
- When you open a deal
- When you search for something
For all search events, we discard queries that are lengthy, look like a phone number, social security number, credit card number, or email. When we start tracking more events in ShopGun, we'll be sure to add them here. (We will add more events going forward but they will all be anonymous.)
Unfortunately, this section is not about actual cookies. Instead, when organizations talk about cookies, they essentially mean the data that is saved on your devices so that the next time you visit a website or use an app, you don't have to start from the beginning. With cookies, you can continue to be logged in, have your settings saved, etc.
Cookies, however, can also be used to track your behavior which is why they can be a bad thing. When you use ShopGun, we don't store cookies that can be used to track your behavior after you leave ShopGun. (This includes no advertising tracking cookies.)
These are the cookies that may be saved when using ShopGun:
We create a session cookie, which is required for ShopGun to work. It allows you to login and it isn't stored anywhere.
When you specify your address to find content near you, we save it in a cookie for your next visit for your convenience. It is only stored on your device, not on our servers. We only work with the address when you ask for content, such as deals and catalogs.
You can make shopping lists without an account. Your data is then stored in a cookie so that your shopping list is still there the next time you use ShopGun. You can always delete it and we don't store it on our servers - it’s only stored on your device.
We use Google Analytics to the count number of visitors, how many times our various pages are shown, etc. We anonymize your IP address for this and we don't use it to build a profile about you.
Third Party Services
|Company||Product||Enabled by Default||Description||Links||Implementation|
|TrackJS||TrackJS||No||Saves all client-side errors generated on the website. This allows us to detect errors and fix them quickly. They store your IP address, which is why we've disabled it by default.||Website|
|Firebase Crash Reporting||No||Firebase Crash Reporting is a monitoring service provided by Google.||Android app and iOS app|
|SDK||No||Allows you to create an account via Facebook for convenience. It also helps us understand the demographics of people who engage with our app.||Android app, iOS app and website|
|Apple||iOS||Yes||If you install our app on Apple's iOS platform certain things are emitted to Apple we can't change. This is the same for all apps you install.||iOS app|
|Android||Yes||If you install our app on Google's Android platform certain things are emitted to Google we can't change. This is the same for all apps you install.||Android app|
|Google Tag Manager||Yes||A service that gives us the ability to change analytics tracking, etc. without updating the website.||Android app, iOS app and website|
|Google Analytics||Yes||A service that allows us to measure activity in our apps and on our website. Here, we can see sessions, returning/new users, etc. We've enabled IP anonymization on Google Analytics so they don't know what your IP address is.||Android app, iOS app and website|
|Google Maps||Yes||We use Google Maps to show places on a map. It doesn't save any cookies.||Android app, iOS app and website|
|Campaign Monitor||Emails||Yes||Campaign Monitor allows us to send emails to people. For example, when creating a new account or resetting your password. Campaign Monitor currently stores a log of emails we've emailed but when you delete your account, we'll submit a request to them so that all of the logs are deleted. We are in contact with Campaign Monitor to find a better solution where logs are deleted automatically.||When requesting an email via Android app, iOS app or website|
|Amazon||Amazon Web Services||Yes||Amazon Web Services power the entire infrastructure at ShopGun. Databases, servers, image hosting, etc. We are constantly making adjustments to improve security both online and physically. For example, enabling database encryption to prevent physical access to data in AWS' data centers.||All services and apps.|
|Zendesk||Support||Yes||When you contact us everything is managed by a Danish company called Zendesk. In the contact form we ask for your name and email, which is sent to Zendesk. You can always contact us if you want to have your previous requests deleted.||Android app, iOS app and email.|
We only send you push notifications if...
- You've created an account and
- Added store subscriptions and
- Allowed ShopGun to send you push notifications
You can always remove your subscriptions or delete your account to stop receiving push notifications. Or disallow notifications for ShopGun in your settings on iOS or Android.
- You create a user to verify your email
- You request your password to be reset
- Your password has been reset
- Someone shares their shopping list with you
File a Complaint
ShopGun is responsible for your data. If you want to file a complaint you can always reach out to the data protection agency in your country:
This is the legal information about ShopGun you can use when contacting them:
|Legal Name||Founding Date||VAT Number||Address|
Arne Jacobsens Allé 16, 3.
2300 Copenhagen S
- Never sell your personal data
- Never prioritize specific stores over others
- Never spam you
Our work is not done yet. In the future we hope to:
- Encrypt shopping list. Whenever you add something to your shopping lists, it should be encrypted so that we cannot see what you add to your shopping lists
- Implement password-less login and two-factor authentication so you can sign in easier and be better secured
We'll continue to improve privacy at ShopGun and this policy. If we make any important updates to the policy, we'll be sure to give you a heads up.
If you have a need to contact us please see our contact page. We'd love to improve this page and answer any questions.