Features
Size Charts Size Quiz
Pricing
Resources
Blog Help Center Privacy Policy
Contact
Get Started
Language
English Español Nederlands Français Deutsch Italiano Português (BR) Português (PT) Svenska

Privacy Policy — SmartSize

General

SmartSize (“the App”) provides sizing solutions (“the Service”) to merchants who use Shopify to power their stores. The Service includes both size charts and an optional AI size quiz. This Privacy Policy describes how personal information is collected, used, shared, and retained when you install or use the App in connection with your Shopify-supported store.

Where We Are Established

SmartSize is established and headquartered in Zug, Switzerland. Switzerland’s Federal Act on Data Protection (FADP) provides a level of personal-data protection equivalent to the European Union’s General Data Protection Regulation (GDPR). When data is transferred outside Switzerland or the European Economic Area, we rely on adequacy decisions and contractual safeguards as described in the International Data Transfers section below.

Personal Information the App Collects

From merchants (via Shopify APIs)

When you install the App, we are automatically able to access the following types of information from your Shopify account:

  • Store owner: Name, email address, phone number, physical address
  • Edit products: Product listings, products, or collections
  • Edit your Online Store: Theme, or Online Store page content on a path controlled by the App
  • Edit Shopify admin: Files
  • View other data: Locales

Directly from merchants

When you use the App’s admin interface, we collect the configuration you create — size charts, size quizzes, style presets, translations, button placement settings, and similar — together with your in-app interactions (page views, feature usage, error logs) so we can operate, support, and improve the Service.

From merchants’ customers (shoppers)

When a shopper uses the AI size quiz on a merchant’s storefront, we process — but do not store on our servers — the following types of information:

  • Gender
  • Height
  • Weight
  • Age
  • Body shape
  • Bra size
  • Bust
  • Waist
  • Hips

The data is processed in an anonymous manner and is never linked to a customer profile or to a Shopify customer ID. The shopper’s measurements and recommended size are cached in the shopper’s own browser (via the browser’s local storage) so that returning visits don’t require retaking the quiz.

The size chart capability does not collect any shopper-side personal information.

Cookies and tracking technologies

  • Storefront (the popup): the size quiz uses the shopper’s browser local storage to remember measurements and recommendations across visits. This storage is local to the shopper’s device and is not transmitted to SmartSize servers. No advertising or cross-site tracking cookies are set by the storefront popup. The shopper can clear this data at any time through their browser.
  • Embedded admin app (inside Shopify): the App relies on Shopify’s standard session and authentication mechanisms (App Bridge). No additional tracking cookies are set.
  • Marketing site (smartsize.io): this website uses Google Analytics to understand how visitors find and use the site. Google Analytics may set cookies on your browser to measure traffic. You can opt out via your browser’s cookie controls or Google’s Analytics Opt-out Browser Add-on.

How We Use Personal Information

We use the personal information we collect from you and your customers in order to:

  • Provide the Service and operate the App
  • Provide customer support and respond to your enquiries
  • Improve the App’s features, performance, and reliability
  • Communicate with you about your account, the Service, and changes to it
  • Send you product news and information that may be of interest to you (you can opt out at any time — see Your Rights)

We do not use shopper data for any purpose other than producing the requested size recommendation and remembering it for that shopper across visits.

Sharing Your Personal Information

We do not sell your personal information, and we do not share it with advertisers or data brokers. We share personal information only with the trusted subprocessors listed below, and only as necessary to operate the Service. We may also disclose personal information when required to:

  • Comply with applicable laws and regulations
  • Respond to a subpoena, search warrant, or other lawful request for information
  • Protect our rights, property, or safety, or that of our merchants or their customers

We never share shoppers’ quiz data and do not use it for any purpose other than providing the requested size chart, size recommendation, or related sizing service.

Subprocessors

We work with the following third-party service providers, each engaged under contractual data-protection commitments:

SubprocessorRoleData accessed
DigitalOceanCloud hosting for application servers, databases, and cacheMerchant configuration; no shopper personal data is stored
Mantle (Heya, Inc.)Subscription, billing, and usage analyticsMerchant account data only — store domain, plan, usage metrics. No shopper personal data.
Google AnalyticsMarketing-site analytics (smartsize.io only)Visitors to our marketing site. Not used inside the embedded app or on merchants’ storefronts.
ShopifyAuthentication, app distribution, and storefront integrationStandard Shopify app data per the scopes listed above

Data Security

We use industry-standard safeguards to protect personal information, including encryption in transit (TLS) for all communication between merchants, shoppers, and our servers, encryption at rest for our databases, restricted access on a need-to-know basis, and routine review of our security practices. No method of transmission over the Internet is 100% secure, but we work to keep your data safe.

International Data Transfers

SmartSize is established in Switzerland. The personal information we process may be stored or processed by our subprocessors in jurisdictions outside Switzerland and the European Economic Area, including the United States and Canada. Where required, we rely on legal mechanisms such as adequacy decisions, Standard Contractual Clauses, or equivalent safeguards.

Data Retention

We retain personal information for as long as necessary to provide the Service and to fulfill the purposes described in this Privacy Policy:

  • Merchant data (store configuration, product details, contact information, subscription records): retained for up to two years following the uninstallation of the App, to support service continuity, troubleshooting, and legal compliance.
  • Shopper data: not retained on our servers. Size quiz measurements and recommendations are cached only in the shopper’s browser and can be cleared by the shopper at any time. Upon merchant uninstallation, any residual shopper-related records are removed in accordance with Shopify’s customers/redact and shop/redact privacy webhooks.

You may request deletion of your or your customers’ personal data at any time by contacting us at [email protected].

Your Rights

If you are a resident of the European Economic Area, the United Kingdom, or Switzerland

You have the right to:

  • Access the personal information we hold about you
  • Rectify information that is inaccurate or incomplete
  • Erase your personal information (“right to be forgotten”)
  • Restrict or object to the processing of your personal information
  • Data portability — receive a copy of your personal information in a machine-readable format
  • Withdraw consent at any time where processing is based on consent
  • Lodge a complaint with your local data protection authority

We process your information to fulfill contracts we may have with you (e.g., your subscription to the App), to pursue our legitimate business interests in operating and improving the Service, and to comply with legal obligations.

If you are a California resident

Under the California Consumer Privacy Act (CCPA / CPRA), you have the right to:

  • Know what personal information we collect, use, disclose, or sell
  • Delete personal information we have collected
  • Correct inaccurate personal information
  • Opt out of the sale or sharing of personal information — note that we do not sell or share personal information for cross-context behavioral advertising
  • Non-discrimination for exercising any of these rights

To exercise any of these rights, contact us at [email protected].

Marketing communications

You can opt out of marketing communications at any time by clicking the Unsubscribe link at the bottom of any marketing email we send.

Children’s Privacy

The Service is intended for use by Shopify merchants and their adult customers. We do not knowingly collect personal information from children under the age of 13 (or under 16 in the European Economic Area). If you believe a child has provided us with personal information, please contact us at [email protected] and we will take steps to delete such information.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The “Last Updated” date at the bottom of this page reflects the most recent revision. Material changes will be communicated to merchants by email or in-app notice.

Contact Us

For questions about our privacy practices, to exercise any of the rights described above, or to make a complaint, please contact us at:

Last Updated: April 28, 2026