Privacy Policy

Last updated: February 2026

1. Introduction

Jewelry Configurator by JMS ("the App") is operated by JMS Dev Lab. This Privacy Policy explains how we collect, use, and protect information when you install and use our Shopify app.

2. Information We Collect

2a. From Shopify Merchants

• Shop domain and store name (provided by Shopify during installation)
• Email address associated with the Shopify account
• Billing and subscription details (processed through Shopify Billing API)
• App configuration settings (branding, markup rules, enabled series)

2b. From Store Customers

• Ring configuration selections (shape, metal, size, stones) for order fulfillment
• Consultation request details (name, email, phone) when voluntarily submitted
• Anonymous usage analytics (page views, configuration steps completed)

2c. Automatically Collected

• IP addresses (for rate limiting and security, not stored long-term)
• Browser type and device information (aggregated analytics only)

3. How We Use Information

• To provide the ring configuration service and process orders
• To communicate Stuller product specifications to fulfillment
• To display real-time pricing and product images via the Stuller DAS API
• To generate analytics dashboards for merchants
• To manage billing and subscriptions through Shopify
• To respond to support and consultation requests

4. Third-Party Services

We integrate with the following services:

• Stuller Inc. — Product images, pricing, and catalog data are fetched via Stuller's API. Stuller's privacy policy governs their data handling when Stuller-backed catalog data is used.
• Shopify — Authentication, billing, and storefront integration are managed by Shopify. Refer to Shopify's privacy policy.

We do not sell, rent, or share personal data with any other third parties.

5. Data Retention

• Merchant configuration data is retained while the app is installed.
• Upon app uninstallation, shop data is deleted within 48 hours per Shopify requirements.
• Consultation requests are retained for 12 months, then anonymized.
• Analytics data is aggregated and anonymized after 90 days.

6. GDPR Rights

If you are in the European Economic Area, you have the right to:

• Access, correct, or delete your personal data
• Object to or restrict processing of your data
• Data portability
• Withdraw consent at any time

To exercise these rights, contact us at privacy@jmsdevlab.com. We will respond within 30 days.

7. Data Security

We use industry-standard measures to protect data, including encrypted connections (TLS), secure session management, and access controls. API credentials are stored as environment variables and never exposed to the client.

8. Changes to This Policy

We may update this policy periodically. Changes will be posted on this page with an updated "Last updated" date. Continued use of the app constitutes acceptance of the revised policy.

9. Contact

JMS Dev Lab
Email: privacy@jmsdevlab.com