Defendant operates a web-based payment processing platform offered to merchants nationwide. Plaintiff alleged that defendant violated California’s privacy laws by retaining customers’ personal data obtained from the merchants and tracking the customers. This decision holds that defendant is not subject to personal jurisdiction in California because it did not target its activity to California or its consumers but operated its payment processing and data collection practices the same way without regard to where sales occurred. Plaintiff’s claims do not relate to Shopify’s broader contacts with California to promote its business with merchants since those contacts are not causally connected or related to the privacy invasions that form the basis of plaintiff’s claims. The data extraction activities were not aimed at California simply because plaintiff is a California resident and suffered harm here. Operating an interactive website alone is not enough to confer personal jurisdiction everywhere from which the website is accessible, there must be some forum-specific focus or showing defendant meant to cultivate an audience in the forum. The fact that a broadly accessible web platform knowingly profits from consumers in the forum state is not enough. The defendant website must have a forum-specific focus or specifically appeal to the audience in the forum state. The court also considers how the defendant’s business operates and particularly whether actions of third parties, like the merchants here, choose where the defendant’s business affects consumers.