Privacy Policy
Last updated: 12 July 2026
ShopiLab respects your privacy and is committed to protecting your personal information. This Privacy Policy explains what information we collect, how we use it, who we may share it with and what rights you have regarding your information.
By using our website or contacting us, you acknowledge the practices described in this Privacy Policy.
1. Who We Are
ShopiLab provides Shopify development, website design, conversion rate optimization and related e-commerce services.
Website: https://shopilab.org
Email: contact@shopilab.org
Development email: development@shopilab.org
WhatsApp: +358 40 446 7912
Country of operation: Finland
References to “ShopiLab,” “we,” “us” or “our” in this Privacy Policy refer to ShopiLab.
2. Information We Collect
The information we collect depends on how you interact with our website and services.
We may collect:
- Your name
- Email address
- Telephone or WhatsApp number
- Company name
- Website or Shopify store address
- Project requirements
- Services you are interested in
- Estimated project budget
- Competitor or reference website links
- Messages and communication sent to us
- Documents, images, screenshots or files you upload
- Billing and transaction information
- IP address
- Browser type
- Device information
- Operating system
- Pages visited
- Time and date of visits
- Referring website
- Login and account information
- Cookie and website usage information
Please do not send sensitive personal information unless it is necessary for the service and specifically requested by us.
3. How We Collect Information
We may collect information when you:
- Visit our website
- Submit a contact or quotation form
- Book a consultation
- Purchase a service
- Contact us by email
- Contact us through WhatsApp
- Upload a project brief or other file
- Provide access to your Shopify store or website
- Create an account
- Leave a comment
- Communicate with us during a project
Some technical information is collected automatically through cookies, server logs and similar technologies.
4. How We Use Your Information
We may use your information to:
- Respond to your enquiries
- Understand your project requirements
- Prepare quotations and proposals
- Book and manage consultations
- Process service orders
- Provide Shopify, website and e-commerce services
- Communicate with you during a project
- Provide customer support
- Request project information or store access
- Process invoices and payments
- Maintain business and accounting records
- Improve our website and services
- Monitor website performance
- Detect spam, fraud and security threats
- Protect our website and systems
- Resolve complaints or disputes
- Comply with legal and regulatory obligations
- Send relevant service updates where permitted
We will not use your personal information for purposes that are unrelated to those described in this Privacy Policy unless legally permitted or you have given your consent.
5. Legal Basis for Processing
Where applicable, we process personal information on one or more of the following legal grounds:
Contract
We process information when it is necessary to provide a service you purchased or requested.
Steps Before Entering a Contract
We process information to answer enquiries, prepare quotations and discuss potential projects.
Legal Obligations
We may process and retain information to comply with accounting, taxation, regulatory and other legal requirements.
Legitimate Interests
We may process information where reasonably necessary to operate our business, maintain website security, prevent fraud, improve our services and communicate with clients.
Consent
Where consent is required, such as for certain marketing or non-essential cookies, we process information based on your permission.
You may withdraw your consent at any time.
6. Contact and Quotation Forms
When you submit a contact, quotation or project form, we may collect information such as:
- Name
- Email address
- Telephone number
- Company name
- Website address
- Selected service
- Estimated budget
- Project description
- Reference website links
- Uploaded files
We use this information to review your request, understand your project, contact you and prepare a quotation or proposal.
Submitting a form does not create a contract unless both parties separately agree to proceed.
7. Consultation Bookings
When you book a consultation, we may collect your name, email address, telephone number, preferred meeting time and any project information you provide.
This information is used to schedule the meeting, send booking information and discuss your project requirements.
A third-party booking or video-meeting provider may also process your information according to its own privacy policy.
8. Service Orders and Payments
When you purchase a service, we may collect:
- Name
- Email address
- Billing information
- Service selected
- Order details
- Payment status
- Transaction reference
- Invoice information
Payments may be processed by an independent payment provider. The payment provider may collect payment-card or bank information directly.
ShopiLab does not normally receive or store your complete payment-card details.
9. Client Store and Project Access
To provide Shopify development, website design, CRO or related services, you may give us access to:
- Your Shopify store
- Website administration
- Theme files and source code
- Applications and integrations
- Analytics accounts
- Advertising accounts
- Product information
- Order information
- Customer information
- Business documents
- Project materials
We use this access only to provide the agreed services, resolve technical issues and complete project-related work.
You should provide only the access required for the project. Access may be removed after the project is completed.
Where we process personal information on behalf of a client, the client is generally responsible for deciding how and why that information is processed.
10. Comments
When visitors leave comments on the website, we may collect:
- Information entered in the comment form
- IP address
- Browser user-agent information
This information may be used for comment moderation, security and spam detection.
An anonymized string created from your email address may be provided to the Gravatar service to check whether you use it.
The Gravatar Privacy Policy is available at:
After your comment is approved, your profile picture may be visible publicly next to your comment.
Comments and related metadata may be retained indefinitely so that follow-up comments can be recognized and approved automatically.
11. Uploaded Images and Files
If you upload images, documents, screenshots or other files, they may contain personal information or hidden metadata.
Images may include embedded location information, such as EXIF GPS data. You should remove this information before uploading an image unless it is necessary for the project.
Visitors may be able to download publicly available images and extract location information from them.
Do not upload confidential information or information belonging to another person unless you have permission to provide it.
12. Cookies
Cookies are small files stored on your device when you visit a website.
We may use cookies to:
- Keep the website functioning
- Remember your preferences
- Maintain account sessions
- Improve website performance
- Understand how visitors use the website
- Protect the website from misuse
- Process forms and service orders
Comment Cookies
When you leave a comment, you may choose to save your name, email address and website in cookies.
These cookies are provided for convenience so that you do not need to enter the same information again when leaving another comment. They normally remain for one year.
Login Cookies
When you visit a login page, a temporary cookie may be created to check whether your browser accepts cookies.
This cookie does not contain personal information and is normally removed when you close your browser.
When you log in, cookies may be used to save your login information and display preferences.
Login cookies normally remain for two days. Display preference cookies may remain for one year.
When you select “Remember Me,” your login may remain active for two weeks.
Login cookies are removed when you log out.
Publishing Cookies
When you edit or publish an article, an additional cookie may be stored in your browser.
This cookie does not contain personal information. It only identifies the article that was edited and normally expires after one day.
Analytics Cookies
Analytics cookies may help us understand how visitors use the website, which pages they visit and whether website errors occur.
Where legally required, analytics cookies will only be used after you provide consent.
Marketing Cookies
Marketing cookies may be used to measure advertising performance or provide more relevant advertising.
Where legally required, marketing cookies will only be used after you provide consent.
Managing Cookies
You may manage or disable cookies through your browser settings or through the cookie preference tool displayed on the website.
Disabling essential cookies may cause some parts of the website to stop working correctly.
13. Embedded Content From Other Websites
Pages on our website may contain embedded content, including:
- Videos
- Images
- Maps
- Social-media content
- Articles
- Scheduling tools
- Payment tools
- External forms
Embedded content behaves in a similar way to visiting the third-party website directly.
Those third-party websites may:
- Collect information about you
- Use cookies
- Use additional tracking technologies
- Monitor your interaction with their content
- Connect your activity to an existing third-party account
ShopiLab does not control how these independent third parties process your information.
14. External Links
Our website may include links to third-party websites or platforms, including WhatsApp, LinkedIn, payment providers and booking services.
When you open an external link, the third party may collect and process your information under its own privacy policy.
We are not responsible for the privacy practices, security or content of independent third-party websites.
15. Who We Share Information With
We do not sell or rent your personal information.
We may share information with trusted providers where necessary to operate our website and provide services, including:
- Website hosting providers
- Domain providers
- WordPress service providers
- Shopify
- Email providers
- Communication platforms
- Booking and meeting providers
- Payment processors
- Accounting providers
- Analytics providers
- Website-security providers
- Backup and file-storage providers
- Spam-detection services
- Contractors assisting with client projects
- Professional advisers
- Government authorities where legally required
These providers may only receive the information reasonably required to perform their services.
Visitor comments and form submissions may be checked by automated spam-detection or website-security services.
If you request a password reset, your IP address may be included in the password-reset email.
16. International Data Transfers
Some third-party providers may process or store information outside Finland or outside the European Economic Area.
Where required, appropriate safeguards may be used for international transfers, including:
- An adequacy decision
- Standard Contractual Clauses
- Other legally recognized transfer protections
Third-party providers may provide additional information about international transfers in their own privacy policies.
17. How Long We Keep Your Information
We keep personal information only for as long as reasonably necessary for the purpose for which it was collected.
Enquiries and Quotations
Enquiry and quotation information may normally be retained for up to 24 months after the latest communication.
Client and Project Information
Client and project information may be retained throughout the business relationship and afterwards where necessary for support, recordkeeping, disputes or legal claims.
Accounting and Transaction Records
Invoices, payment information and accounting records may be retained for the period required by applicable accounting and taxation laws.
Uploaded Files
Uploaded files may be retained while reviewing an enquiry or completing a project. Files that are no longer required may be deleted.
Account Information
Account information may be retained while the account remains active.
Certain information may remain after account deletion where required for security, legal, accounting or fraud-prevention purposes.
Comments
Comments and their metadata may be retained indefinitely to recognize and approve follow-up comments.
Security Logs
Technical and security logs may be retained for a limited period for troubleshooting, fraud prevention and website protection.
Backups
Deleted information may remain temporarily in secure backups until those backups are replaced or deleted.
18. Your Privacy Rights
Depending on applicable law, you may have the right to:
- Request access to your personal information
- Request a copy of your personal information
- Correct inaccurate information
- Complete incomplete information
- Request deletion of your information
- Request restriction of processing
- Object to certain processing
- Object to direct marketing
- Request data portability
- Withdraw your consent
- Submit a complaint to a data-protection authority
These rights may be subject to legal limitations.
For example, we may need to retain certain information for accounting, taxation, security, dispute-resolution or other legal purposes.
To make a privacy request, contact:
We may request reasonable information to verify your identity before processing your request.
19. Marketing Communications
We may send information about our services where you have provided consent or where otherwise permitted by law.
You may stop receiving marketing messages at any time by:
- Using the unsubscribe option in the message
- Contacting contact@shopilab.org
Stopping marketing messages will not prevent us from sending necessary messages relating to an active enquiry, order, project or account.
20. Data Security
We use reasonable technical and organizational measures to protect information against:
- Unauthorized access
- Accidental loss
- Misuse
- Alteration
- Disclosure
- Destruction
These measures may include:
- Access restrictions
- Password protection
- Secure website connections
- Authentication controls
- Security updates
- Monitoring
- Backups
No website, internet transmission or electronic storage system can be guaranteed to be completely secure.
21. Children’s Privacy
Our website and services are intended for businesses and adults.
We do not knowingly collect personal information from children who are not legally able to provide valid consent.
If you believe that a child has provided personal information through our website, contact us so that we can review and remove the information where appropriate.
22. Automated Processing
We may use automated tools for:
- Spam detection
- Fraud prevention
- Website security
- Analytics
- Error detection
We do not normally use automated systems to make decisions that create legal or similarly significant effects for visitors or clients.
23. Changes to This Privacy Policy
We may update this Privacy Policy when:
- Our website changes
- Our services change
- Our data-processing practices change
- Legal requirements change
- We begin using new service providers
The updated policy will be published on this page with a revised “Last updated” date.
24. Contact Us
For questions, requests or concerns regarding this Privacy Policy or your personal information, contact:
ShopiLab
Website: https://shopilab.org
Email: contact@shopilab.org
WhatsApp: +358 40 446 7912
Country: Finland