Custom Fields Privacy Policy

EFFECTIVE: 8/17/2018

This privacy policy applies to (the "Site"), a website operated by Bonify, LLC (the "Company," "us," "we" or "our").

The Site also includes the Custom Fields by Bonify app available on the Shopify platform and the Custom Fields by Bonify Chrome extension.

The Site provides the "Service" as defined in the Terms of Use.

We respect and protect the privacy of our users. This Privacy Policy explains how we collect and use your information and is part of our Terms of Use when you use our Site or Service.


Personal Data

“Personal Data” means any information relating to an identified or identifiable natural person. We collect Personal Data from two (2) classes of users of the service: Administrators for entities that contract with us or that might be interested in contracting with us (“Merchants”) and the persons that Merchants desire to use the Service offered by the Merchants (“Customer End Users”).


For Merchants, we will collect Personal Data such as:

  • First name

  • Last name

  • Email address provided by Merchant

  • Unique Identifier (token provided by Shopify)

  • Log Files, which record errors encountered during app use.

  • Email or contact information in fields that choose to make public on your site by creating and entering fields using the Services.

Customer End Users:

We do not knowingly collect Personal Data on Merchant Customers or Customer End Users. The Site and Services are not intended to be used to collect Personal Data on Customer End Users.

Tracking Data

We and our third-party service providers may collect certain tracking information about your use of our Site and Service. For example, we collect;

  • Log information (including your dates/time of access and related data)

Cookie Policy

This Cookie Policy ('Policy', henceforth) describes Company Solution's (affiliates 'we', 'us', 'our', or 'Company') cookie handling practices, and how we make use of cookies to collect information that helps us improve your online experience.

This information is collected when you visit our website, including viewing any any of our documents linked to this Policy, use our App, or even The collected information may include personal information or other information considered personal, such as your browser details, the date and time of your visit, and even your Internet Protocol address.

The Policy covers in detail the technologies used by us, why we use them, and your rights to opt in or out of being tracked in your Company account with cookies.

What are cookies?

Cookies are small text files that are downloaded by the browser that you use to reach and use our service. These cookies collect, store, and share data of your activities across websites. They are mainly used to learn about your actions when you interact with the sites and services and "remember" you and your preferences, such as your preferred browser or language, either for a single visit (via a 'session cookie') or for multiple visits (using a 'persistent cookie').

We use both session-based and persistent cookies. Here’s what they are:

Cookies may be set by either the site that you are visiting (‘first party cookies’) or by third parties, such as those who use our services (‘third party cookies’). More information on cookies can be found at

Types of cookies

The table below explains the types of cookies we use on our websites and why we use them.

Category of cookies Why we use these cookies
Necessary These cookies are strictly necessary to perform important activities such as allowing registered users to authenticate themselves to secure areas and perform account related functions. Preference These cookies allow our services to recognize you and remember your preferences when using our services. This enables us to personalize our content for you and provide you with a more personal experience without you having to re-enter your preferences every time you visit our Services.
Security These cookies help to detect, identify, and prevent suspicious or malicious activities on our services. They also detect authentication failures and take measures to increase the security of the service
Analytics These cookies collect information on how users interact with our services. This helps us understand how well our services are doing and what improvements are need. This enables us to operate our Services more efficiently, and to research and develop new Services and features.
Third-Party / Embedded Content Cookies operated by third-party applications or service providers gather browsing activity across multiple websites and across multiple sessions and use them to enhance the experience of website visitors. These cookies may be used for providing certain statistical and analytics purposes and can help to prevent fraudulent traffic or other suspicious activities. They are usually a persistent cookie and continue to stay in your system until you delete them or they expire based on the time period set in each third-party cookie. Please note that we have no direct control over the information collected by these cookies or how they use them. So it is advisable to review each third-party's cookie disclosure before consenting to this use category.

What cookies do we use?

While there are several types of cookies (as specified in the ‘types of cookies’ section), Company uses ‘Strictly Necessary’, ‘Preference’, and ‘Third-Party’ cookies.

‘Strictly Necessary’ cookies are required for using our sites and services. If you refuse to accept these cookies, we are not liable for any security breach nor can we predict how our sites and services will perform.

We use ‘Preference’ cookies to track your behavior and remember your preferences.

The ‘Third-Party’ cookies that we use include Google Analytics, ZenDesk and HotJar. You can turn them off by disabling cookies on your browser and some have opt out policies as well, for more information go to the Google Analytics Privacy Policy, HotJar Privacy Policy and Zendesk Privacy Policy.

How and why do we use cookies?

Company uses cookies to identify you as a unique user, remember you preferences, tailor our products to suit your interests and needs, and to track your usage of our sites and services. Likewise, we may also use cookies to restrict you from accessing certain content or features, protect our sites and services, and to carry out the requests that you make.

Company uses third-party applications to provide better service to all our users. These apps and services make use of persistent cookies to improve user experience, analyze user behavior, and manage content.

How to control and disable cookies

You have the right to decide whether or not to accept cookies and similar technologies. If, however, you choose to disable cookies, it may affect the availability and functionality of some components or features of Company.

Opt-out of cookies through browser

Most browsers accept cookies, by default. However, they provide ways that allow you to change cookie settings in order to make the browser refuse certain types of cookies or at least inform you before accepting cookies. You can make these changes either through the browser’s inbuilt settings or through external plugins. The procedure for changing cookie settings is different for different browsers. You can go to the help page of your browser to learn more.


If you do not opt out of accepting cookies, you agree to the collection, usage as well as sharing of your details, including your personal data, by us and by the various third-party apps (subject to their privacy and cookie policies) that we use. You can change cookie setting to revoke your consent anytime by following the steps mentioned in the ‘How to control and disable cookie settings’ section given above.



BONIFY, LLC utilizes Tracking Information to access anonymous data to help us understand how our Services are used. We use Tracking Information to customize content for you and improve our Services. Google Analytics provides reports to Company with website trends without identifying individual visitors.

Providing the Services

We use Merchant Personal Data to provide the Services, provide customer service/support and communicate with you regarding the Services and new features. If you are a Merchant, it enables us to track your use for merchant service purposes.


We will not sell, rent, or share Personal Data with third parties outside of our company without your consent, except in the following ways:

Note About Posting Personal Data in Fields.

While we do not post your Personal Data directly, Bonify’s Services includes the organizing and posting of fields by Merchant to Merchant website for viewing by the public (you can choose what data to display). If you choose to post your contact information or other Personal Data into these fields they will be viewable by third parties on your Merchant website.

Processing Your Payment

We work with Shopify to process your payment in order to use the Services. We do not collect or store your payment information or Personal Information related to payment.

Direct Marketing

We use Merchant Personal Data to communicate with you regarding the provision of the Services, but also to let you know about additional features and services we provide that may be of interest to you. If you do not wish to receive marketing communications, you may opt out at any time

Law Enforcement and Internal Operations

Personal Data may be provided where we are required to do so by law, or if we believe in good faith that it is reasonably necessary (i) to respond to claims asserted against BONIFY, LLC or to comply with the legal process (for example, discovery requests, subpoenas or warrants); (ii) to enforce or administer our policies and agreements with users; (iii) for fraud prevention, risk assessment, investigation, customer support, product development and debugging purposes; or (iv) to protect the rights, property or safety of BONIFY, LLC, its users or members of the general public. We will use commercially reasonable efforts to notify users about law enforcement or court-ordered requests for data unless otherwise prohibited by law. However, nothing in this Privacy Policy is intended to limit any legal defenses or objections that you may have to any third-party request to compel disclosure of your information.

Business Transfer

BONIFY, LLC may sell, transfer or otherwise share some or all of its assets, including Merchant Personal Data, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.  Under such circumstances, BONIFY, LLC will use commercially reasonable efforts to notify its users if their personal information is to be disclosed or transferred and/or becomes subject to a different privacy policy.


We sometimes contract with other companies and individuals to perform functions or services on our behalf, such as software maintenance, data hosting, sending email messages, etc. We necessarily have to share your Personal Data with such third-parties as may be required to perform their functions. We take steps to ensure that these parties take protecting your privacy as seriously as we do, including entering into Data Processing Addendum(s), EU Model Clauses and/or ensuring these third-parties have EU-U.S. and Swiss-US Privacy Shield certification.

Third Party Service Providers

Use of the Shopify Platform and Shopify as Controller in Common

Our Service is intended to work with the Shopify platform, which collects your information, including your Personal Data and processes it for Merchants that use the Shopify platform. As such, Shopify is also a Controller in common of your Personal Information. For Merchants, this means that they have their own policies as to how they use your Personal Information as a customer of theirs. If you would like to know more about Shopify’s privacy and data protection practices, please refer to their privacy policy or contact their Data Protection Officer at or at the addresses below:

Shopify Residents outside of the European Economic Area:

Shopify Inc.
Attn: Chief Privacy Officer
150 Elgin St., 8th Fl
Ottawa, ON K2P 1L4

Shopify Residents of the European Economic Area:

Shopify International Limited
Attn: Data Protection Officer
c/o Intertrust Ireland
2nd Floor 1-2 Victoria Buildings
Haddington Road
Dublin 4, D04 XN32

The following third-party processors collect personal data on our behalf and transmit it to us:

Third-Party Provider: Zendesk (
Location of the Processing: United States (US).
Basis for Processing: Zendesk is EU-US Privacy Shield Certified
Purpose and Personal Data collected: collects email address and correspondence history through service help center and support ticketing system, including, but not limited to install/uninstall and Merchant upgrades/downgrades.
Privacy Policy:

Third-Party Provider: Drip (
Location of the Processing: United States
Basis for Processing: EU Standard Contractual Clauses and Data Protection Addendum
Purpose and Personal Data collected: Email marketing tool. The service collects the merchant’s name; email address, site domain; Application status (current or past client) for Bonify campaign engagement. For more information on their privacy and data protection practices, please refer to their Privacy Policy.

Third Party Provider: HotJar
Location of Processing: Malta
Basis for Processing: Located in the European Union
Purpose and Personal Data collected: HotJar tracks and records Merchant activity on our Services solely for the purposes of improving the Services and providing Merchant support. We implement screens to limit our access to your Personal Data. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device's IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. To opt-out of HotJar collecting such data go their Opt Out Page. For more information on HotJar’s privacy and data collection practices, please refer to their Privacy Policy

Third Party Provider: Google Analytics
Location of Processing: United States
Basis for Processing: US-EU Privacy Shield and EU Standard Contractual Clauses with Data Processing Amendment.
Google Analytics collects information about the use of the Services. Google Analytics collects information such as how often users visit this site, what pages they visit when they do so, and what other sites they used prior to coming to this site. We use the information we get from Google Analytics only to improve this site, but in anonymous form. Google Analytics collects only the IP address assigned to you on the date you visit this site and assigns a user ID code, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Google uses this information to analyze your use of the website, to generate reports about website activities for website operators and to provide further services related to website and internet use. Google may also share such information with third parties to the extent it is legally required to do so and/or to the extent third parties process data on behalf of Google. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit this site, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to this site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy and Data Processing Amendment. You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser. You may block Google Analytics on some browsers with the help of a browser add-on if you do not want us to use this website analysis. This add-on can be downloaded at: ' For more information on Google Analytics and Google’s privacy practices, please review their privacy policy at


We have implemented reasonable administrative, technical and physical security measures to protect your personal information against unauthorized access, destruction or alteration. For example:

However, because no security system can be 100% effective, we cannot completely guarantee the security of any information we store, process or transmit.

Payments Encryption: Bonify works with Shopify utilizes only PCI-DSS compliant third-party payment processors to ensure the security of your personal information. Users should review Insert NAME And Link to the Payment Encryption company here initiating transactions on the Site.


Right to Review or Withdraw Consent

You can update most of your Personal Data by logging on to your Shopify account. However, if additional assistance is required to change or delete inaccuracies within your Personal Data or would like to know what information about you was collected, please contact us at We reserve the right to charge for copies of data requested.

If you would like to stop receiving email communications, follow the unsubscribe instructions at the bottom of the email.

Right to Withdraw Consent

You have the right to withdraw consent where such consent is required to share or use data. People located in the European Economic Area (EEA) may request that we delete your Personal Data. If you receive communications from us and no longer wish to receive them, please follow the removal instructions in the email or change your account settings. You can delete your Personal Data uninstalling the app through the Shopify dashboard. However, since your Personal Data is required for us to provide the Services to you, deleting it will also terminate your access to the services. Deleting your Personal Data does not mean that all of it will be removed. If you request that we remove your Personal Data, we will work with you to find ways to comply with your lawful request where possible. We may be required by law, to retain it to exercise or defend legal claims, or contractual obligations with our customers to retain some information in connection with our obligation to provide the Services. We may de-identify and anonymize some data for purposes of retaining it.

If you would like to stop receiving email communications, follow the unsubscribe instructions at the bottom of the email.

Data Portability

If you are located in the EEA and you would like us to transmit your Personal Data to another company providing similar services using the Shopify network or otherwise, we will work with them to do so upon request and verification of such request with both the requestor and the company receiving the Personal Data.

Right to Redress

If you are located in the EEA and you believe we have violated any data protection laws you may file a complaint with the Data Protection Authority.

Transnational Transfer of Data

If you are providing your Personal Data to us directly to use our Services, we will transmit your data, including your Personal Data, to the United States in order to fulfill our contractual obligations to you.


California residents who have an established business relationship with BONIFY, LLC may make a written request to BONIFY LLC about whether BONIFY LLC has disclosed any Personal Information to any third-parties for the third-parties' direct marketing purposes during the prior calendar year. To make such a request, please send an email or write us:

ADDRESS: 83 Amherst Street, FL2, Manchester, NH 03101
PHONE: 603 518-7387

Third Party Websites

We may link to other websites or use third party services such as Amazon’s S3 to connect with the Service. When you click on one of these links or use these services, you are ‘clicking’ to another website or using a third party service. BONIFY, LLC does not control the data collection or privacy practices of such third-party sites. We encourage you to read the privacy policies of any third-party sites, as their collection, use and storage practices, and policies may differ from ours.

Minors Under 16-years of Age

BONIFY, LLC does not knowingly collect or store any personal information from or about children under the age of 16.

If you believe a child under the age of 16 has under any circumstances provided us with personal information and data, a parent or legal guardian can email us at to request that their children’s information be deleted from our records and we will work with our partners to resolve the request

Do Not Track

Do Not Track” or DNT is a feature enabled on some browsers that sends a signal to request that a web application disable its tracking or cross-site user tracking. At present, our Site does not respond to or alter its practices when a DNT signal is received.

Changes to Privacy Policy

BONIFY, LLC reserves the right to amend this Privacy Policy at any time. If BONIFY, LLC makes material changes to its Privacy Policy, we will notify you by (1) changing the Effective Date on our Privacy Policy and provide additional notification either (1) via email or other means as we may deem commercially reasonable.


If you ever have any questions about our online Privacy Policy, please contact us. We respect your rights and privacy, and will be happy to answer any questions or concerns you might have. You may direct any such questions to us via email at