Privacy Policy

Last updated: April 12, 2026

This Privacy Policy describes how BERG: Store Locator & Maps ("the App"), developed by Berg Event, collects, uses, and protects information when you use our Shopify application.

1. Information We Collect

Store Information: When you install the App, we access your Shopify store domain, access tokens, and scopes as required by Shopify's OAuth process. This is necessary to operate the App within your store.

Venue Data: Store owners enter venue information (names, addresses, descriptions, images, contact details) through the admin panel. This data is stored in our database and displayed on the public storefront.

Analytics Data: We collect anonymous analytics events (page views, contact clicks, website clicks) to provide store owners with usage statistics. We do not collect visitor IP addresses, session identifiers, or any personally identifiable information about storefront visitors.

Geolocation: The App may request a visitor's geographic location to sort venues by distance. This is only done with explicit consent via a GDPR-compliant consent modal. Location data is processed entirely in the visitor's browser and is never sent to or stored on our servers.

2. How We Use Information

• To display venue listings and maps on your Shopify storefront
• To provide analytics dashboards showing venue performance
• To authenticate and manage your app installation
• To sort venues by distance when the visitor consents to geolocation

3. Data Storage & Security

All data is stored on secure, encrypted servers hosted by Railway (railway.app) with PostgreSQL databases. Access tokens are stored securely and only used for authorized Shopify API operations.

4. Data Sharing

We do not sell, rent, or share your data with third parties. Data is only shared with:

• Shopify: As required by the Shopify platform for app functionality
• OpenStreetMap / CARTO: Map tiles are loaded from CARTO's CDN — no user data is sent to them
• Nominatim (OpenStreetMap): For geocoding addresses entered by store owners (not visitors)

5. Data Retention

Venue data and analytics are retained as long as the App is installed. When you uninstall the App, all associated data (venues, analytics, settings, translations) is permanently deleted within 30 days.

6. GDPR Compliance

The App is designed to comply with GDPR and Norwegian privacy law (Personopplysningsloven):

• No visitor personal data is collected or stored
• Geolocation requires explicit consent before activation
• No cookies are set by the App (language preference uses localStorage)
• Analytics are fully anonymous (no IP, no session tracking)

7. Your Rights

As a store owner, you can:

• Access all your data through the App's admin panel
• Export your data via CSV from the admin dashboard
• Delete individual venues or all data by uninstalling the App
• Request a full data export or deletion by contacting us

8. Contact

For privacy-related questions, contact:

Berg Event
Email: kontakt@bergevent.no
Norway

9. Changes

We may update this Privacy Policy from time to time. Changes will be reflected by the "Last updated" date at the top of this page.