Privacy Policy

Last updated: 27 June 2026

Introduction

CartGain (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cart recovery platform for e-commerce businesses.

We comply with the General Data Protection Regulation (GDPR), India's Digital Personal Data Protection Act (DPDP Act, 2023), and other applicable data protection laws.

Information We Collect

1. Personal Data

  • Account Information: Name, email address, phone number, company name, and password when you create an account.
  • Payment Information: Credit card details, billing address, and transaction history (processed securely via Razorpay).
  • Communication Data: Messages you send us via support, chat, or email.

2. Business Data

  • Store Information: E-commerce platform details, store URL, and API credentials.
  • Customer Data: Abandoned cart information including customer names, emails, phone numbers, and cart contents.
  • Analytics Data: Recovery rates, conversion metrics, and campaign performance.

3. Automatically Collected Data

  • Usage Data: Pages visited, features used, time spent, and interaction patterns.
  • Device Data: IP address, browser type, operating system, and device information.
  • Cookies: We use essential cookies for functionality and analytics cookies (with your consent).

How We Use Your Data

We process your data for the following purposes:

  • Service Delivery: To provide, maintain, and improve our cart recovery services.
  • Communication: To send recovery notifications via WhatsApp, SMS, and email on your behalf.
  • Analytics: To track recovery performance and provide insights.
  • Security: To detect and prevent fraud, unauthorized access, and security incidents.
  • Legal Compliance: To comply with applicable laws and regulations.
  • Marketing: With your consent, to send promotional communications about new features or offers.

Data Sharing and Third Parties

We share data with the following categories of third parties:

  • E-commerce Platforms: Shopify, WooCommerce, etc., to sync cart data.
  • Communication Providers: WhatsApp Business API, MSG91 (SMS), Resend (Email).
  • AI Services: OpenAI (GPT-4o-mini) for AI-powered message generation — customer names and cart product details are processed to generate personalized recovery messages. OpenAI does not use API data for training.
  • Payment Processors: Razorpay for secure payment processing.
  • Cloud Infrastructure: Vercel and Supabase for hosting and database.
  • Analytics Tools: Google Analytics (anonymized data only).
  • Legal Authorities: When required by law or to protect our rights.

All third parties are bound by data processing agreements and must comply with applicable data protection laws. See our Data Processing Agreement for details.

International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) for EU data and compliance with India's DPDP Act for Indian data.

Data Retention

We retain your data for as long as your account is active or as needed to provide services. After account termination, we retain data for up to 90 days for backup purposes, then securely delete or anonymize it, unless required by law to retain longer.

Your Data Protection Rights

Depending on your location, you have the following rights:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of your data (“right to be forgotten”).
  • Restriction: Limit how we process your data.
  • Data Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to certain processing activities.
  • Withdraw Consent: Withdraw consent at any time (where processing is consent-based).

To exercise these rights, contact us at support@cart-gain.com.

SMS and WhatsApp Communications (TCPA Compliance)

By using CartGain, you agree to the following:

  • Consent: You confirm that you have obtained explicit consent from your customers to receive SMS and WhatsApp messages on your behalf.
  • Opt-out: All messages include clear instructions to opt-out (e.g., “Reply STOP to unsubscribe”).
  • Message Frequency: Messages are sent based on cart abandonment events, not exceeding reasonable frequency.
  • Message & Data Rates: Standard messaging and data rates may apply to recipients.
  • Support: For help, recipients can reply “HELP” or contact your support team.

Data Security

We implement industry-standard security measures including encryption in transit (TLS/SSL), encryption at rest, access controls, regular security audits, and employee training. However, no system is 100% secure, and we cannot guarantee absolute security.

Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or prominent notice on our website. Continued use after changes constitutes acceptance.

Contact Us

If you have questions about this Privacy Policy or our data practices:

Email: support@cart-gain.com

Legal: support@cart-gain.com

Grievance Officer: support@cart-gain.com

Address: Street No. 3, Line Par, Shanker Garden, Bahadurgarh, Haryana - 124507

View our Data Processing Agreement (DPA) →

Terms of ServiceDPAHome

© 2026 CartGain. All rights reserved.