Privacy Policy

Last updated: April 6, 2026

SEO Aligner ("we", "our", "us") operates the SEO Aligner Shopify app and the website at seoaligner.com. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

1. Data We Collect

When you install SEO Aligner on your Shopify store, we collect and store:

• Shop information: Your Shopify store domain (e.g., yourstore.myshopify.com), store name, and shop owner email address. This is provided by Shopify during the OAuth installation flow.
• Product data: Product titles, descriptions, tags, product types, and vendor names. We read this data to analyze your catalog and generate optimized content. We write updated descriptions back to your store only when you explicitly click "Publish".
• Brand profile: The brand voice settings you configure (tone, audience, vocabulary, industry). This is data you provide voluntarily to customize AI-generated content.
• Usage data: Number of descriptions generated, generation history, and plan/billing status for enforcing plan limits.

We do not collect or store any customer data, order data, payment information, or personal data about your store's customers.

2. How We Use Your Data

• AI content generation: Your product data and brand profile are sent to the Google Gemini API to generate SEO-optimized descriptions. Google processes this data according to their Gemini API Terms of Service.
• App functionality: Shop information is used to authenticate your sessions, manage your subscription, and deliver the app experience.
• Communication: Your shop email may be used to send transactional notifications related to your account (e.g., billing confirmations). We do not send marketing emails to installed merchants.

3. Data Storage and Security

• All data is stored in an encrypted PostgreSQL database hosted on Render (US region).
• Your Shopify API access token is encrypted at rest using Fernet symmetric encryption before being stored in our database. It is never stored in plaintext.
• All communication between your browser, Shopify, and our servers uses HTTPS/TLS encryption.
• API requests from the embedded app are authenticated using Shopify App Bridge session tokens with JWT signature verification.

4. Third-Party Services

We use the following third-party services to operate SEO Aligner:

• Shopify: Platform provider. Governed by Shopify's Privacy Policy.
• Google Gemini API: AI model for generating product descriptions. Product data is sent to Google's API for processing. Google does not use Gemini API data to train models.
• Render: Cloud hosting provider for our application and database.

We do not sell, rent, or share your data with any other third parties.

5. Data Retention

• While installed: Your data is retained as long as the app is installed on your store.
• After uninstall: When you uninstall SEO Aligner, your access token is immediately cleared and your shop is marked inactive. Within 48 hours, Shopify sends a mandatory data deletion request (shop/redact webhook), and we permanently delete all shop data, including your brand profile and generation history.
• No soft deletes: Data deletion is a hard delete from our database, not a soft archive.

6. GDPR and Your Rights

We comply with the General Data Protection Regulation (GDPR) and Shopify's mandatory data protection requirements. You have the right to:

• Access your data: Request a copy of all data we store about your shop.
• Delete your data: Uninstall the app to trigger automatic deletion, or email us to request immediate deletion.
• Data portability: Request your data in a machine-readable format.

We respond to all three mandatory Shopify GDPR webhooks: customers/data_request, customers/redact, and shop/redact. Since we do not store customer personal data, customer data requests and redactions are acknowledged but require no action.

7. Cookies

SEO Aligner does not use cookies. Authentication is handled entirely through Shopify App Bridge session tokens.

8. Children's Privacy

SEO Aligner is a business tool for Shopify merchants. We do not knowingly collect data from anyone under the age of 16.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the app after changes constitutes acceptance of the revised policy.

10. Contact

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at:

[email protected]