Introduction

Anthem ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

Information We Collect

Information You Provide

Account Information

Name, email address, password, company name, and contact details when you create an account

Business Information

Merchant or partner business details, tax information, and payment details

Communications

Information you provide when contacting support or providing feedback

Information from Third-Party Integrations

When you connect third-party services (such as Shopify), we collect:

Product Data

Product names, descriptions, images, prices, variants, and inventory levels

Order Data

Order numbers, dates, line items, prices, discounts, taxes, and fulfillment status

Customer Data

Customer names, email addresses, phone numbers, and shipping/billing addresses associated with orders

Automatically Collected Information

  • Device information and browser type
  • IP address and general location
  • Usage patterns and interactions with the Service
  • Log data and analytics

How We Use Your Information

We use the collected information for the following purposes:

Store Management

  • Syncing and displaying orders in merchant dashboards
  • Tracking order fulfillment and status
  • Managing product catalogs and inventory
  • Generating sales reports and analytics

App Functionality

  • Processing orders placed through partner storefronts
  • Calculating and distributing commissions
  • Facilitating communication between merchants and partners
  • Providing customer support

Service Improvement

  • Analyzing usage patterns to improve the platform
  • Debugging and fixing technical issues
  • Developing new features

Data Sharing and Disclosure

We do not sell your personal data. We may share information in the following circumstances:

  • Between Merchants and Partners: Order and product information is shared between connected merchants and partners as necessary to fulfill orders
  • Service Providers: We use third-party services (hosting, payment processing, analytics) that may process data on our behalf
  • Legal Requirements: We may disclose information if required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

Data Security

We implement appropriate technical and organizational measures to protect your data:

Encryption

Data is encrypted in transit (TLS/HTTPS) and at rest

Access Controls

Role-based access controls limit who can access personal data

Token Security

Third-party access tokens are encrypted before storage

Audit Logging

We maintain logs of access to sensitive data

Regular Backups

Data is backed up regularly with encrypted backups

Data Retention

We retain your information for as long as necessary to provide the Service and comply with legal obligations:

Account Data

Retained while your account is active and for a reasonable period after deletion

Order Data

Retained for the period required by tax and accounting regulations (typically 7 years)

Analytics Data

Aggregated and anonymized data may be retained indefinitely

Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Portability: Request your data in a portable format
  • Opt-Out: Opt out of certain data processing activities
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at legal@onanthem.com.

Third-Party Services

Our Service integrates with third-party services that have their own privacy policies:

Shopify

View Shopify Privacy Policy

Stripe

View Stripe Privacy Policy

Supabase

View Supabase Privacy Policy

International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where applicable.

Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. The "Last updated" date at the top indicates when the policy was last revised.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Privacy Inquiries

legal@onanthem.com

California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising privacy rights

We do not sell personal information as defined by the CCPA.

GDPR Compliance

For users in the European Economic Area (EEA), we process personal data based on the following legal bases:

Contract

Processing necessary to provide the Service

Legitimate Interests

Processing for fraud prevention, security, and service improvement

Legal Obligation

Processing required by law

Consent

Where you have provided explicit consent