Privacy Policy

Introduction

agntfy ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered Shopify theme editing service. By using our Service, you consent to the data practices described in this policy.

Information We Collect

Personal Information

• Name and email address when you create an account or sign up for early access
• Shopify store URL and basic store information (store name, plan type)
• Payment information (processed securely through Stripe — we never store full card details)
• Communication preferences and support interactions

Shopify Store Data

When you connect your Shopify store, we access the following data through Shopify's official APIs in compliance with the Shopify API Terms of Service:

• Theme files: Liquid templates, CSS/SCSS stylesheets, JavaScript files, and theme settings required to perform AI-driven customizations
• Theme metadata: Theme name, version, and configuration settings
• Store configuration: Basic store settings necessary for theme rendering context (e.g., currency, language)

We do not access or store customer data, order data, product data, or any other merchant data beyond what is strictly necessary for theme editing functionality.

Technical Information

• Usage patterns and feature interactions
• Device information, IP address, and browser type
• Log files and error reports for debugging purposes

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

• Essential Cookies: Required for authentication, session management, and security. These cannot be disabled.
• Analytics Cookies: Help us understand how you use our Service (e.g., Google Analytics). You may opt out via your browser settings or our cookie preferences.
• Functional Cookies: Remember your preferences and settings for a better experience.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect Service functionality.

How We Use Your Information

• Service Provision: To provide and maintain our AI theme editing service, including processing your theme customization requests
• Customization: To personalize your experience and improve our AI recommendations
• Communication: To send you updates, support responses, and important notices about Service changes
• Improvement: To analyze usage patterns and improve our service quality
• Security: To detect, prevent, and address technical issues and security threats
• Compliance: To comply with Shopify's Partner Program requirements and applicable legal obligations

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information in these limited circumstances:

• Shopify: Data exchanged through Shopify's APIs is subject to Shopify's own privacy policy and API Terms of Service. We act as a data processor for Shopify store data.
• Service Providers: With trusted third-party services (payment processors, hosting providers, analytics) that are contractually bound to protect your data
• AI Processing: Theme data may be processed by AI models to generate customizations. This data is not used to train third-party AI models.
• Legal Requirements: When required by law or to protect our rights and safety
• Business Transfers: In connection with a merger, acquisition, or asset sale (with prior notice)

Data Retention and Deletion

We retain your data only as long as necessary to provide the Service and comply with legal obligations:

• Account Data: Retained for the duration of your account. Deleted within 30 days of account termination upon request.
• Theme Data: Stored only during active use and for backup/rollback purposes. Theme files are purged within 90 days of disconnecting your store or closing your account.
• Usage Logs: Retained for up to 12 months for analytics and debugging, then anonymized or deleted.
• Payment Records: Retained as required by applicable tax and financial regulations.

In compliance with Shopify's API Terms, we delete all Shopify store data within 48 hours of an app uninstall or access token revocation.

Data Security

We implement industry-standard security measures to protect your information:

• End-to-end encryption for all data transmission (TLS 1.2+)
• Encryption at rest for stored theme data and credentials (AES-256)
• Shopify API tokens stored using industry-standard encryption and never exposed in logs or client-side code
• Secure cloud storage with regular security audits
• Limited access controls and employee training
• Regular security assessments and vulnerability scanning

Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal information ("right to be forgotten")
• Portability: Export your data in a common, machine-readable format
• Restriction: Request that we restrict processing of your data in certain circumstances
• Objection: Object to processing based on legitimate interest
• Opt-out: Unsubscribe from marketing communications at any time

To exercise any of these rights, contact us at privacy@agntfy.com. We will respond within 30 days.

GDPR Compliance (EEA Users)

If you are located in the European Economic Area (EEA), we process your personal data under the following legal bases:

• Contract Performance: Processing necessary to provide the Service you requested
• Legitimate Interest: Improving our Service, security, and fraud prevention
• Consent: Marketing communications and non-essential cookies
• Legal Obligation: Compliance with applicable laws and regulations

You may withdraw consent at any time. International data transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission.

CCPA Compliance (California Residents)

Under the California Consumer Privacy Act (CCPA), California residents have additional rights:

• Right to Know: What personal information we collect, use, and disclose
• Right to Delete: Request deletion of your personal information
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
• Right to Opt-Out: We do not sell personal information. If this changes, we will provide a "Do Not Sell My Personal Information" link.

Shopify API Compliance

As a Shopify Partner, we strictly comply with Shopify's API Terms of Service and Partner Program Agreement:

• We only request the minimum API scopes necessary to provide theme editing functionality
• Shopify store data is never used for purposes beyond providing our Service
• We do not share Shopify merchant data with third parties for their own marketing or advertising purposes
• All Shopify data is deleted promptly upon app uninstall or token revocation, in accordance with Shopify's requirements
• We maintain appropriate security measures as required by Shopify's Partner Program

International Data Transfers

Your information may be transferred to and maintained on servers located outside of your country. We ensure appropriate safeguards are in place, including Standard Contractual Clauses and adequacy decisions, to protect your data during international transfers.

Children's Privacy

Our service is not intended for children under 16 (or under 13 in the United States). We do not knowingly collect personal information from children. If you believe we have collected such information, please contact us immediately and we will delete it.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by email or through our Service at least 30 days before the changes take effect. Your continued use of our Service after changes become effective constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy, our privacy practices, or wish to exercise your data rights, please contact us: