Privacy Policy

⚠ Draft — pending legal review

This document is an early working draft provided for IndieMagic's private beta and for integration-partner onboarding. It has not yet been reviewed by legal counsel, does not constitute legal advice, and is not a final or binding policy. A reviewed policy will be published before IndieMagic leaves beta.

1. Scope

This policy describes how IndieMagic ("IndieMagic," "we," "us") handles information when independent retailers and their authorized team members use the Service. It covers account information, the store and business data that flows through connected systems, and usage information. The IndieMagic operating legal entity and any region-specific disclosures will be added upon legal review.

2. Information we collect

Account information. When you sign in (for example, with Google or an email-based code), we collect identifiers such as your name and email address and basic account and team membership details.

Store and business data. When your store connects a system, we import and process data from it to provide the Service — for example, inventory, catalog, and sales data from your point-of-sale, customer contact lists for email-marketing sync, and menu and order data for delivery-marketplace features.

Usage and log data. We collect technical information such as log records, device and browser information, and actions taken in the Service to operate, secure, and improve it.

3. How we use information

We use information to provide, maintain, secure, and improve the Service; to operate the integrations and automations you enable; to communicate with you about your account and the beta; and to comply with legal obligations. We do not sell personal information.

4. Third-party services and data sharing

The Service shares data with third-party providers only as needed to deliver the features you enable, including:

• Point-of-sale providers (such as BookManager) — to import your store's inventory, catalog, and sales data.
• Email-marketing providers (such as Mailchimp) — to sync the customer contact data you choose to send.
• Delivery marketplaces (such as DoorDash) — when your store enables a delivery integration, we share store, menu, and item-availability data derived from your inventory, and we process order and cancellation data DoorDash sends so your store can fulfill and reconcile those orders.
• Authentication providers (such as Google) — to sign you in.
• Infrastructure and hosting providers — to run the Service.

Each third-party provider processes data under its own terms and privacy policy. We may also disclose information if required by law or to protect the Service and its users.

5. Data retention

We retain information for as long as your account is active or as needed to provide the Service, and afterward as required for legitimate business or legal purposes. Specific retention periods will be detailed upon legal review.

6. Security

We use reasonable technical and organizational measures to protect information, including encryption of stored integration credentials. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Your choices

You can disconnect integrations, stop syncing data, or request closure of your account at any time from within the Service or by contacting us. Depending on your location, you may have additional rights regarding your personal information; those rights and how to exercise them will be detailed upon legal review.

8. Children's privacy

The Service is intended for use by businesses and their staff and is not directed to children.

9. Changes to this policy

We may update this policy as the Service evolves out of beta. Material changes will be communicated through the Service or by email.