Privacy Policy – AiTHOR Apps

Last updated: 30 November 2025

This Privacy Policy explains how AiTHOR ("we", "us", "our") collects, uses, and protects information when you install or use any of our Shopify apps (collectively, the "Apps") in your Shopify store.

By installing or using any AiTHOR app, you agree to the collection and use of information in accordance with this policy.

1. Who we are

Controller / Developer:
AiTHOR
Email: support@aithorapp.co.uk

We build Shopify apps that help merchants manage and improve their stores, including tools for compliance, analytics, and workflow automation.

2. What our Apps do

Our Apps are designed to work inside your Shopify admin and may provide functionality such as:

  • Analysing product data (titles, descriptions, metadata).
  • Calculating and displaying reports or metrics.
  • Providing suggestions or tools to improve store content.

Each specific app explains its exact functionality in its Shopify App Store listing. Unless explicitly stated, our Apps do not automatically change customer data, orders, or theme code.

3. Data we access from Shopify

When you install an AiTHOR app, Shopify shares certain information with us so the app can function. The exact data depends on the permissions (scopes) requested by the app, which are always listed during installation.

In general, our Apps may access:

  • Store information
    • Shopify shop domain (for example: my-store.myshopify.com)
    • Store name, primary locale, and basic settings
  • Account / session information
    • Shopify session identifiers
    • Shop owner name and email address, as provided via Shopify
  • Store data relevant to the app
    • For example: product titles, descriptions, handles, IDs, images, or content records where needed.

We only request the minimum scopes required for each app to function. We do not intentionally collect:

  • Payment card details
  • Customer passwords
  • Data outside the scopes approved during installation

4. Data we store

To operate our Apps and provide you with useful features, we may store:

  • Shop identification data
    • Shopify shop domain and internal IDs
    • Session or token identifiers used for secure access
  • App-generated data
    • Scan results, reports, or metrics
    • Summaries of how many records were processed
  • Operational data
    • Error logs and performance metrics
    • Support requests that you send to us

We aim to store only what is needed to provide the app's features, troubleshoot issues, and maintain reasonable audit logs.

5. How we use your data

We use the information described above to:

  • Provide and maintain each app's core functionality.
  • Display data, reports, or scans inside your Shopify admin.
  • Authenticate your store and keep sessions secure.
  • Monitor performance and fix bugs or errors.
  • Respond to your support requests and feedback.
  • Comply with legal, tax, and accounting obligations.

We do not sell or rent your data, and we do not use your store's data to build unrelated advertising profiles.

6. Legal bases (EEA/UK)

Where the GDPR, UK GDPR, or similar laws apply, we rely on the following legal bases:

  • Performance of a contract – to provide the app you chose to install.
  • Legitimate interests – to secure, maintain, and improve our Apps.
  • Legal obligations – to comply with applicable laws and regulations.

7. Sharing and third-party services

We may share your information with third parties who help us run our Apps, including:

  • Shopify – as the platform your store runs on.
  • Hosting and infrastructure providers – for example, cloud hosting, databases, and logging tools.
  • Professional advisors or authorities – where required to comply with legal obligations or enforce our rights.

We only share data with parties who need it to provide their services to us and who are obligated to protect it appropriately. We do not share your data with third parties for their own marketing purposes.

8. International data transfers

Our infrastructure and some of our providers may be located in countries other than your own. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses or equivalent mechanisms) to protect data transferred internationally.

9. Data retention

We retain data only for as long as necessary to:

  • Provide and improve the Apps;
  • Meet legal and accounting requirements; and
  • Resolve disputes and enforce our agreements.

In general, shop and session records are kept while a store uses the app and removed within a reasonable period after uninstall. Some anonymized or aggregated information may be retained for analytics and security purposes.

10. Uninstalling and data deletion

When you uninstall one of our Apps from your Shopify store:

  • Shopify sends us an app/uninstalled webhook.
  • We revoke active sessions and stop accessing your store.

If you would like us to delete remaining records that can reasonably be linked to your store, you can contact us at support@aithorapp.co.uk. We will respond within a reasonable timeframe and in accordance with applicable law.

11. Your rights

Depending on your location, you may have rights over your personal data, including to:

  • Request access to the data we hold about you;
  • Request correction of inaccurate information;
  • Request deletion of certain data;
  • Object to or restrict processing in some circumstances; and
  • Request a copy of your data in a portable format.

Because much of the data relates to your Shopify store, some requests may need to be directed to Shopify as the main platform provider. To exercise your rights in relation to our Apps, contact us at support@aithorapp.co.uk.

12. Security

We use reasonable technical and organizational measures to protect your data, including:

  • Encrypted connections (HTTPS) for data in transit;
  • Restricted access to production systems and databases;
  • Regular updates and security patches for our infrastructure.

No system can be completely secure, but we work to keep your information protected and monitor our environment for potential issues.

13. Children

Our Apps are intended for business merchants and are not directed to children. We do not knowingly collect personal data from anyone under 16 years of age.

14. Changes to this policy

We may update this Privacy Policy from time to time, for example to reflect changes in our Apps, legal requirements, or our data practices. When we make material changes, we will update the Last updated date above and may notify you through the App or by email where appropriate.

15. Contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or our Apps, you can contact us at:

Email: support@aithorapp.co.uk