Privacy Policy

1. What We Collect

Information You Give Us

When you create an account or use the Service, you provide:

• Name, email address, and phone number
• Business name, address, and type
• Tax identification and licensing information
• Login credentials (passwords are hashed, never stored in plain text)
• Product catalogs, pricing, and event details you create
• Support messages and communications with us

Information We Collect Automatically

• IP address and approximate location
• Device type, operating system, and browser
• Pages visited, features used, and session duration
• Transaction metadata (amounts, timestamps, order details)
• Device identifiers for order attribution

Referral Program Data

If you participate in the Rowie referral program, we collect and process:

• Your referral code and link
• The identity of users you refer (and, if you were referred, who referred you)
• Referral status, activation dates, and expiration dates
• Earnings amounts, commission calculations, payout history, and clawback records
• Stripe transfer IDs associated with referral payouts

Payment Data

Rowie does not collect, store, or have access to full card numbers, CVV codes, or sensitive payment authentication data. All payment information is collected and processed directly by Stripe. We only receive transaction references and limited payment tokens from Stripe.

2. How We Use Your Information

• Operate and improve the Service
• Process transactions through Stripe Connect
• Send transactional emails (receipts, order confirmations, password resets)
• Detect and prevent fraud, abuse, and security threats
• Provide customer support
• Generate analytics and business insights for your dashboard
• Track referral relationships, calculate commissions, process referral payouts, and detect referral program abuse
• Report referral earnings to tax authorities where required by law
• Comply with legal, tax, and regulatory requirements
• Communicate service updates and operational notices

We do not sell your personal information. We do not use your data for advertising purposes.

3. Who We Share Data With

Stripe

We share necessary information with Stripe to facilitate payment processing, manage disputes, and meet compliance requirements. Stripe's use of data is governed by Stripe's Privacy Policy.

Infrastructure Providers

We use third-party services for hosting, email delivery, error monitoring, and analytics. These providers process data on our behalf under contractual obligations to protect it.

Legal Requirements

We may disclose information when required by law, subpoena, or court order, or when necessary to protect our rights, investigate fraud, or respond to government requests.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change.

4. Cookies and Analytics

We use Google Analytics (GA4) to understand how visitors use our marketing website. For visitors in the EU/EEA/UK, analytics cookies are only set after you provide consent through our cookie banner, in accordance with GDPR. Non-EU visitors are tracked automatically with cookieless pings until consent state is determined.

The Rowie app and vendor dashboard do not use third-party analytics cookies.

5. How Long We Keep Data

We retain your information for as long as your account is active and as needed to provide the Service. After account closure:

• Transaction records may be retained for up to 7 years for tax and compliance purposes
• Account data is deleted or anonymized within 90 days, unless we are legally required to keep it
• Backup copies may persist in encrypted backups for up to 30 additional days

6. How We Protect Your Data

• All data is encrypted in transit (TLS) and at rest
• Passwords are hashed with BCrypt (never stored in plain text)
• Access to production systems is restricted by role
• Payment data is handled entirely by Stripe (PCI-DSS Level 1 certified)
• We use webhook signature verification to prevent tampering

No system is 100% secure. We take reasonable measures to protect your data but cannot guarantee absolute security.

7. Your Rights

Depending on where you are located, you may have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your data (subject to legal retention obligations)
• Object to or restrict certain processing
• Data portability (receive your data in a structured format)
• Withdraw consent for analytics cookies at any time

To exercise any of these rights, email us at support@rowie.io. We will respond within 30 days.

8. Your Responsibilities as a Merchant

If you collect customer data through Rowie (e.g., email addresses for receipts, customer names for orders), you are responsible for:

• Maintaining your own privacy policy if required by law
• Obtaining customer consent where applicable
• Complying with data protection laws in your jurisdiction (GDPR, CCPA, etc.)
• Training your staff on data handling best practices

9. Children

Rowie is not intended for use by anyone under 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with data, contact us and we will delete it promptly.

10. International Transfers

Rowie LLC is based in Wyoming, United States. If you use the Service from outside the US, your information will be transferred to and processed in the United States. By using the Service, you consent to this transfer. We rely on standard contractual clauses and other lawful mechanisms for international data transfers where required.

11. Updates to This Policy

We may revise this Privacy Policy from time to time. Material changes will be communicated via email or an in-app notice at least 14 days before they take effect. Continued use of the Service after the effective date constitutes acceptance.

12. Contact

For privacy questions, data requests, or concerns:

Rowie LLC
30 N Gould St #R, Sheridan, WY 82801
support@rowie.io