Privacy

Shopify Product Descriptions AI Privacy Policy

Current public-facing privacy draft for reviewer and merchant trust checks.

Last updated: 2026-06-16

1. Overview

Shopify Product Descriptions AI ("the App") helps merchants generate and review product-content drafts inside Shopify admin before optionally applying approved updates back to their catalog.

This policy explains what store data the App accesses, how that data is used, how long it is kept, and who to contact with privacy questions.

2. Data we access

To provide the product workflow, the App accesses:

  • Shopify store domain and app session data
  • product titles
  • product descriptions
  • product tags
  • SEO title and SEO description fields
  • merchant-configured settings such as preferred tone, banned phrases, required claims, keyword defaults, and default playbook
  • lightweight recent activity records about generate/apply actions

The App requests only the readproducts and writeproducts scopes and does not access customer, order, or payment data.

3. How we use data

We use this data to:

  • load products into the embedded workflow
  • generate structured draft content from real Shopify product facts
  • score drafts with deterministic QA checks
  • let merchants review and selectively apply approved fields
  • persist merchant settings for future sessions
  • show recent activity summaries for trust and operational visibility

We do not sell merchant or store data, and we do not use it to train models.

4. AI provider handling

The App supports two provider modes. A local mock mode is used for development and safe review and does not send any data to an external AI provider. An azure_foundry mode is used in production, where relevant product facts and merchant settings are sent to Azure AI Foundry solely to generate the draft content the merchant requests. Azure AI Foundry processes this data as a sub-processor and does not receive Shopify customer or order data.

5. Data retention

The App persists, per shop:

  • Shopify app session records required for authentication
  • merchant settings
  • lightweight recent activity summaries for generate/apply events

This data is retained while the App is installed. When a merchant uninstalls the App, or when Shopify sends a shop/redact request, the associated data is deleted within 30 days. Merchant and store data-deletion requests are also handled through Shopify's mandatory customers/data_request, customers/redact, and shop/redact compliance webhooks.

6. Data sharing and sub-processors

The App relies on the following processors to operate:

  • Shopify (platform and merchant data source)
  • Azure AI Foundry (AI draft generation)
  • self-managed cloud hosting (CapRover) for the application server and database

We do not share store data with any party other than the processors listed above, and only to the extent needed to run the service.

7. Merchant controls

Merchants control whether generated content is applied to Shopify. The App is designed around review-before-apply rather than blind automatic writeback. Merchants can update their saved settings at any time or uninstall the App through Shopify, which begins the deletion process described in section 5.

8. Security and access

The App operates using the minimum product scopes needed for the workflow (readproducts, writeproducts). Data is transmitted over HTTPS, and access to the hosting environment is restricted to the operator.

9. Contact

Privacy questions can be directed to:

  • Operator: MB Procrastinatorius, operating as Product Descriptions AI
  • Email: shopify@selfspark.app
  • Location: Republic of Lithuania