Skip to main content
Henry Social, Inc. (“Henry,” “we,” or “us”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, share, and protect information in connection with:
  • Our websites, dashboards, hosted checkout pages, widgets, and browser-based experiences;
  • Our APIs, SDKs, MCP server, and other developer tools; and
  • Any other online services that link to this Privacy Policy
    (collectively, the “Sites” or “Services”).
This Privacy Policy applies to:
  • Developers and other businesses that integrate Henry (“Customers” or “Developers”);
  • End users who interact with Henry-powered checkouts or other flows (“End Users”); and
  • Visitors to our marketing sites and docs.
By using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, you should not use the Services.

1. Key Definitions

“Personal Data” means information that identifies, relates to, describes, or can reasonably be linked to an identified or identifiable individual. This can include your name, email address, shipping address, IP address, and similar data. “Sites” means our websites, applications, widgets, blogs, social network pages, or other online, mobile, or wireless offerings and the Services we provide through them. “Services” means our infrastructure and tools that enable applications, agents, and other interfaces to facilitate shopping and checkout experiences across online merchants, including our APIs, SDKs, hosted checkout pages, and dashboards. “Merchants” means third-party brands, retailers, and other merchants whose products or services you may purchase using Henry-powered flows. Merchants remain the merchant of record for your purchases.

2. Information We Collect

The Personal Data we collect falls into several broad categories.

2.1 Information You Provide Directly

We may collect Personal Data that you choose to provide when you:
  • Sign up for a Henry account or access the Services as a Customer or Developer;
  • Use Henry-powered checkout or other flows as an End User;
  • Integrate our APIs or SDKs into your product;
  • Communicate with us (for example, by email or through support channels); or
  • Subscribe to our newsletters or marketing communications.
This may include:
  • Identifiers:
    Name, email address, phone number, company, job title, username, and password.
  • Commercial Information:
    Billing address, shipping address, transaction and order information related to your use of Henry or Henry-powered checkouts, including items purchased, cart contents, and order history.
  • Account & Integration Information:
    API keys, integration settings, merchant account identifiers, and configuration details you use with our SDKs or APIs.
  • Payment Information:
    We typically rely on third-party payment processors to handle payments. We do not store full credit or debit card numbers ourselves, but we may receive limited information related to your payment (such as the last four digits of your card, card type, and transaction status) from our payment processors and/or Merchants.
  • Support and Communications:
    Content of messages you send us, including support tickets, feedback, or other communications.

2.2 Information We Receive from Customers / Developers

Customers and Developers may submit Personal Data to us through the Services, for example when they:
  • Integrate Henry with their own applications, agents, or services;
  • Connect a Merchant account or other platform to Henry; or
  • Use Henry to facilitate checkout for their users.
Depending on the integration, this may include:
  • Identifiers:
    Names, email addresses, phone numbers, shipping addresses, and other contact details for End Users or other individuals.
  • Commercial Information:
    Product details, cart contents, order history, and other purchase-related information.
  • Interaction Data:
    Information about how End Users interact with Henry-powered flows, such as steps completed in a checkout or error states.
Customers are responsible for their own privacy and security practices. Where we process Personal Data on behalf of a Customer, the Customer’s privacy policy may also apply, and the Customer generally controls how that data is used.

2.3 Information We Automatically Collect

Like many online services, we automatically collect certain information when you visit our Sites or use our Services. We may use cookies, pixels, and similar technologies to collect some of this information. See our Cookie Policy for more details. Categories of automatically collected data may include:
  • Device Information:
    IP address, operating system, browser type and version, device identifiers, language settings, and other technical details about the device and applications you use to access the Services.
  • Log Data:
    Logs about how you access and use the Services, including timestamps, URLs, referrer URLs, response times, error codes, user agent strings, and other diagnostic information. We may also access metadata associated with files you upload or transmit through the Services.
  • Product Usage Data:
    Information about how you interact with the Services, such as which features you use, which endpoints you call, your interactions with hosted checkout pages, and performance metrics related to our Services.
We may aggregate or de-identify this information so that it can no longer reasonably be linked to a particular individual.

2.4 Information We Collect from Third Parties

We may obtain information about you from third-party sources, including:
  • Public databases and public profiles on social media platforms;
  • Service providers and partners (for example, analytics providers, fraud prevention services, and payment processors);
  • Merchants and other platforms with which we integrate.
We take reasonable steps to ensure that such third parties are permitted to share this information with us.

3. How We Use Personal Data

We use the Personal Data we collect for a variety of purposes, including:

3.1 To Provide and Operate the Services

  • Facilitating Henry-powered checkouts and other shopping flows;
  • Routing orders and order information between Customers, End Users, and Merchants;
  • Creating and managing your Henry account;
  • Operating APIs, SDKs, dashboards, and other tools;
  • Providing customer support and responding to your inquiries.

3.2 To Secure and Maintain the Services

  • Monitoring, preventing, and detecting fraud, abuse, security incidents, and other harmful activity;
  • Managing and protecting the integrity of our infrastructure and systems;
  • Debugging and troubleshooting problems;
  • Enforcing our Terms of Service and other agreements, and protecting our rights and those of others.

3.3 To Analyze and Improve the Services

  • Understanding how the Services are used;
  • Developing new features, products, and services;
  • Improving performance, reliability, and user experience;
  • Conducting research, analytics, and A/B testing.

3.4 To Communicate with You

  • Sending you service-related messages (such as account notices, technical updates, or security alerts);
  • Responding to your questions and support requests;
  • Sending you marketing communications about Henry (where permitted by law), including product updates, events, and other information we think may interest you. You can opt out of marketing communications at any time.

3.5 To Support Advertising and Marketing

  • Using cookies and similar technologies to measure the effectiveness of our marketing;
  • Showing you tailored advertising on our Sites and, where applicable, on other websites and platforms, through third-party advertising partners (subject to your choices and applicable law).
  • Complying with applicable laws, regulations, and legal processes;
  • Responding to lawful requests from public authorities;
  • Fulfilling our tax, accounting, and auditing obligations.
We may also use Personal Data for any other purpose described at the time we collect it or with your consent.

4. How We Share Personal Data

We may share Personal Data in the following ways:

4.1 Affiliates and Service Providers

We share Personal Data with our affiliates and with third-party service providers who help us operate, secure, and improve the Services. These service providers may assist us with:
  • Hosting and infrastructure;
  • Payment processing;
  • Analytics and performance monitoring;
  • Security and fraud prevention;
  • Customer support and communications;
  • Marketing and advertising.
These service providers are authorized to use Personal Data only as necessary to provide services to us and are subject to appropriate confidentiality obligations.

4.2 Merchants

When you use Henry to facilitate a purchase from a Merchant, we share relevant Personal Data with that Merchant and/or its service providers as necessary to:
  • Process your order;
  • Arrange shipping or delivery;
  • Handle returns, exchanges, or customer service;
  • Comply with the Merchant’s legal obligations.
Merchants are independent third parties with their own privacy and data practices. Their use of your Personal Data is governed by their respective privacy policies and terms, not by this Privacy Policy.

4.3 Customers / Developers

If you interact with Henry through a Customer or Developer (for example, through an AI shopping agent, application, or platform that integrates Henry), we may share Personal Data and usage information related to that integration back to the Customer, including:
  • Transaction and order information;
  • Logs and metrics relevant to the Customer’s use of the Services;
  • Contact or profile information where the Customer already has a relationship with you.
We expect Customers to use such information in accordance with their own privacy policies and applicable law.

4.4 Marketing and Advertising Partners

Through cookies and similar technologies, we may share limited information (such as cookie identifiers, IP address, and usage data) with third-party marketing and advertising partners (such as Google, Meta, and others) to help us:
  • Measure the effectiveness of our marketing;
  • Provide tailored advertising on our Sites and, where applicable, on other websites or apps you may visit.
You can manage cookie preferences through your browser settings and, where available, through our cookie banner. See our Cookie Policy for details.

4.5 De-Identified and Aggregate Data

We may share de-identified or aggregate data with Customers, partners, or other third parties to help them understand trends and usage patterns. This data cannot reasonably be used to identify an individual and is not considered Personal Data. We may disclose Personal Data if we believe in good faith that such disclosure is reasonably necessary to:
  • Comply with any applicable law, regulation, legal process, or governmental request;
  • Enforce our Terms of Service or other agreements;
  • Protect the rights, property, or safety of Henry, our users, Merchants, or the public;
  • Detect, prevent, or otherwise address fraud, security, or technical issues.

4.7 Business Transfers

In connection with any merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar transaction, Personal Data may be transferred to a successor or affiliate as part of the transaction. If such a transfer occurs, we will require the transferee to honor this Privacy Policy or provide notice and, where required, obtain your consent.
If you are located in the European Economic Area (“EEA”) or the United Kingdom, we process your Personal Data on one or more of the following legal bases:
  • Performance of a Contract:
    To provide the Services, process transactions, and fulfill our obligations under our agreements with you or the Customer you act for.
  • Legitimate Interests:
    To operate, secure, and improve our Services; prevent fraud and misuse; conduct analytics and marketing; and support our business operations, provided that our interests are not overridden by your rights and interests.
  • Consent:
    Where required by law (for example, certain marketing communications or non-essential cookies), we rely on your consent. You may withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.
  • Legal Obligations:
    To comply with applicable laws and regulations (for example, tax and accounting requirements, responding to law enforcement requests, and maintaining records of your privacy rights requests).

6. Your Privacy Choices and Rights

6.1 Marketing Communications

You may opt out of receiving marketing emails from us at any time by:
  • Clicking the “unsubscribe” link in the email; or
  • Contacting us at [email protected].
Even if you opt out of marketing communications, we may still send you service-related emails (for example, about your account, security alerts, or important updates to our terms and policies).

6.2 Rights Under Certain Laws (e.g., CCPA, GDPR)

Depending on your jurisdiction, you may have certain rights regarding your Personal Data, such as:
  • The right to know whether we process your Personal Data and to access it;
  • The right to correct inaccurate Personal Data;
  • The right to request deletion of your Personal Data (subject to certain exceptions);
  • The right to restrict or object to certain processing;
  • The right to data portability;
  • The right not to be discriminated against for exercising your privacy rights.
If you are a California resident or an EEA/UK resident, additional, more specific rights may apply under the California Consumer Privacy Act (“CCPA”), the EU General Data Protection Regulation (“GDPR”), or the UK GDPR. To exercise these rights, please contact us at [email protected] with sufficient detail for us to understand and respond to your request. We may need to verify your identity before fulfilling your request. In some cases, we may direct you to contact the relevant Customer (for example, where we process your data solely on a Customer’s behalf). If you are in the EEA or UK, you also have the right to lodge a complaint with your local data protection authority.

6.3 Developer / Customer Communications

If you no longer wish to be contacted by a Customer or Developer that uses Henry, please unsubscribe directly from that Customer’s communications or contact them to update or delete your information. Where appropriate, you can also contact us, and we may notify the Customer of your request, but we may not control how the Customer handles your data.

7. International Transfers

Henry is based in the United States, and we and our service providers may process Personal Data in the United States and other countries that may have different data protection laws than your country. Where required by law, we implement appropriate safeguards (such as standard contractual clauses) to protect Personal Data transferred from the EEA/UK or other regions to the United States or other countries. You may contact us for more information about these safeguards.

8. Children’s Privacy

Our Services are not directed to children under the age of 16, and we do not knowingly collect Personal Data from children under 16. If you become aware that a child has provided us Personal Data in violation of this Privacy Policy, please contact us at [email protected]. If we learn that we have collected Personal Data from a child under 16, we will take reasonable steps to delete that information.

9. Do Not Track

Some browsers include a “Do Not Track” (“DNT”) setting that signals to websites that you do not want your online activity tracked. The industry has not yet established a standard for responding to DNT signals, and we do not currently respond to DNT browser signals. You can manage your cookie preferences through your browser settings and, where available, through our cookie banner.

10. Cookies and Similar Technologies

We use cookies, pixels, and similar technologies to:
  • Help our Sites and Services function properly;
  • Remember your preferences;
  • Understand how you use our Services;
  • Provide and measure the effectiveness of advertising.
You can control cookies through your browser settings and, where available, through our cookie banner. For more information, please see our Cookie Policy.

11. Data Retention

We retain Personal Data for as long as necessary to:
  • Provide the Services and fulfill the purposes described in this Privacy Policy;
  • Comply with legal, tax, and accounting obligations;
  • Resolve disputes and enforce our agreements;
  • Maintain business records consistent with our retention policies.
When we no longer have a legitimate need to process Personal Data, we will delete or de-identify it, or, if deletion is not possible (for example, because it is stored in backup archives), we will securely store it and isolate it from further processing until deletion is possible.

12. Security

We take reasonable technical and organizational measures designed to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures may include encryption in transit, access controls, and regular security reviews. However, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page and may provide additional notice (such as by email or in-product notice) where required by law. Your continued use of the Services after an updated Privacy Policy is posted constitutes your acceptance of the changes. If you do not agree with the updated Privacy Policy, you should stop using the Services.

14. Contact Information

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us at: Henry Social, Inc.
Attn: Privacy Officer
265 Lorimer St 401 New York, NY, 11206 US Email: [email protected]
© 2025 Henry Social, Inc. All rights reserved.