Privacy Policy

Last Updated: 18.03.2026

Welcome to Ecommerce GodFather (“we,” “us,” or “our”). This document serves as our Privacy Policy and sets out the Data Processing Agreement (DPA) between us and the merchants (“Merchants,” “you”) who use our SaaS platform and WordPress plugin to integrate WooCommerce with Telegram and Max Mini Apps.

1. Our Role: Data Processor vs. Data Controller

Under the General Data Protection Regulation (GDPR) and similar privacy laws (like CCPA/CPRA), there is a strict distinction between a Controller and a Processor:

  • The Merchant is the Data Controller: You determine the purposes and means of processing your customers’ personal data. You are responsible for obtaining explicit consent from your customers.
  • Ecommerce GodFather is the Data Processor: We process your customers’ data strictly on your behalf, according to your instructions, and solely to provide our Cloud CRM, order synchronization, and Mini App infrastructure.

2. Information We Process

To provide our Services, we process two categories of data:

A. Merchant Data (B2B):

  • Account details (email, billing information).
  • Integration credentials (WooCommerce API keys, Telegram/Max bot tokens, webhook URLs).

B. End-User Data (Your Customers): Processed automatically when users interact with your Mini App:

  • Messenger IDs, usernames, and basic public profile information.
  • E-commerce activity (browsing history, favorites, abandoned carts).
  • Order details (names, shipping addresses, phone numbers, purchased items) synced with your WooCommerce store.

3. GDPR Compliance & Data Subject Rights

As a Data Processor, we assist Merchants in fulfilling their GDPR obligations:

  • Right to Erasure (“Right to be Forgotten”): If a customer requests data deletion from your store, you can delete their profile via your WordPress backend or our SaaS dashboard, which will permanently purge their data from our servers.
  • Right of Access & Portability: We provide tools for you to export customer CRM data and order history.
  • Sub-processors: We use third-party cloud infrastructure, including servers located in the Russian Federation (e.g., FirstVDS), to host our backend and databases. We implement strict access controls and encryption to ensure data security.
  • Data Breach Notification: In the event of a security breach compromising end-user data, we will notify affected Merchants within 48 hours so you can inform your local supervisory authorities.

4. CCPA / CPRA Compliance (California Residents)

We comply with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

  • Do Not Sell or Share My Personal Information: Ecommerce GodFather does not sell, rent, or share Merchant or End-User personal data with third-party data brokers, advertising networks, or external parties for commercial purposes. Data is used exclusively to operate your messenger store.

5. International Data Transfers

Our infrastructure operates globally. When processing data for users in the European Economic Area (EEA), UK, or other regulated regions, data may be transferred to our servers located in the Russian Federation or our operational hubs in Vietnam. Because these jurisdictions may not have the same data protection laws as your home country, we rely on legally recognized transfer mechanisms, including Standard Contractual Clauses (SCCs) and robust data encryption, to ensure that all cross-border data transfers meet GDPR adequacy requirements.

6. Data Retention and Security

We retain end-user data in our Cloud CRM only for as long as your Ecommerce GodFather subscription remains active.

  • If a Merchant’s account is suspended or deleted, or if the API connection is permanently revoked, we will automatically schedule the deletion of all associated bot data and customer profiles within 90 days.
  • All API communication between your WordPress server and our SaaS platform is secured via HTTPS/TLS encryption.

7. Merchant Obligations

By using our Service, you agree to include a link to this Privacy Policy in your own store’s privacy documentation and explicitly inform your customers that their orders and profiles are processed via the Ecommerce GodFather Mini App infrastructure.

8. Contact Information

For privacy-related inquiries, data deletion requests, or DPA compliance questions, please contact our Data Protection Officer (DPO) at:

Website: https://egodfather.app

Email: support@egodfather.app

Start accepting orders in messengers today

Join hundreds of stores growing their revenue with Ecommerce GodFather.

Start for free Contact us