Privacy Policy

Last Updated: November 18, 2025

Introduction

This Privacy Policy ("Policy") describes how Zipify Lab (the "Site", "we", "us", or "our") collects, uses, and discloses your personal information when you visit, use our services, or interact with ShopRank AI (the "App") at https://shoprankai.zipify.com or otherwise communicate with us (collectively, the "Services"). For purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a Shopify merchant, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy.

We are committed to protecting your privacy and being transparent about our data practices. Please read this Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access any of the Services.

Information We Collect

Store Owner Information

When you install and use our App, we collect minimal information:

• Email Address: We collect and use your email address solely for the purpose of communicating about GDPR-related webhook notifications and essential service communications required by Shopify's platform policies.
• Shop Domain: Your Shopify store domain for authentication and service provision.

Product Catalog Data

To provide our AI indexing optimization services, we temporarily access and process your product information including:

• Product titles, descriptions, and variants
• Product images
• Product metadata and attributes
• SEO information
• Taxonomy and categorization data

Important: This data is processed in real-time for analysis and AI indexing optimization purposes but is not stored permanently on our servers.

Customer Data

We do not collect, store, or process any of your customers' personal information, including but not limited to:

• Customer names
• Customer email addresses
• Customer shipping addresses
• Customer payment information
• Customer purchase history
• Any other customer personal data

Information We Collect through Shopify APIs

When you install our App, we access certain information through Shopify's APIs under the following scopes:

• read_themes: To read and analyze your theme information
• read_products: To read and analyze your product catalog information
• write_products: To update product information based on optimization recommendations
• write_files: To manage and optimize product images

This information is accessed in real-time and is necessary to provide our core product catalog optimization services.

Information We Collect through Cookies

We also automatically collect certain information about your interaction with the Services ("Usage Data"). To do this, we may use cookies, pixels and similar technologies ("Cookies"). Usage Data may include:

• Usage Information: Information about how you interact with the App, including features used and actions taken
• Device Information: Browser type, IP address (for security purposes only), and device identifiers
• Log Data: Technical logs for troubleshooting and service improvement

For specific information about the Cookies that we use related to powering our store with Shopify, see https://www.shopify.com/legal/cookies. Most browsers automatically accept Cookies by default, but you can choose to set your browser to remove or reject Cookies through your browser controls.

How We Use Information

We use the information we collect for the following purposes:

1. Service Provision: To analyze and optimize your product catalog for improved AI indexing and discoverability
2. Communication: To send essential service notifications and respond to GDPR webhook requirements
3. Service Improvement: To improve our App's functionality, features, and user experience
4. Technical Support: To troubleshoot issues and provide customer support
5. Security: To detect, prevent, and address security issues or fraudulent activity
6. Compliance: To comply with legal obligations and Shopify's platform requirements

Data Storage and Retention

Minimal Data Storage

We practice data minimization:

• Product Data: We do not permanently store your product catalog data. Product information is processed in real-time during analysis and AI indexing optimization sessions.
• Email Address: Stored only for GDPR webhook communications and essential service notifications.
• Session Data: Temporary analysis results may be cached briefly to improve performance but are automatically deleted after the session.

Data Retention Period

• Email addresses are retained for the duration of your active subscription and for a reasonable period thereafter to comply with legal obligations.
• Temporary processing data is automatically deleted within 24 hours.
• Upon app uninstallation, all associated data is deleted within 30 days.

Data Sharing and Disclosure

We Do Not Sell Your Data

We do not sell, rent, or trade any information to third parties for marketing purposes.

Service Providers

We may share limited information with trusted third-party service providers who assist us in operating our App:

• Cloud Infrastructure Providers: For hosting and computing services (AWS)
• AI Processing Services: For providing AI-powered product indexing analysis
• Analytics Services: For understanding App usage and improving our services

All service providers are contractually obligated to protect your data and use it only for the purposes we specify.

Legal Requirements

We may disclose information if required to do so by law or in response to:

• Legal processes (subpoenas, court orders)
• Requests from government authorities
• Protection of our rights, property, or safety
• Prevention of fraud or security threats

Data Security

We implement appropriate technical and organizational security measures to protect the information we process:

• Encryption: Data in transit is encrypted using industry-standard protocols (TLS/SSL)
• Access Controls: Strict access controls limit who can access information
• Security Monitoring: Continuous monitoring for security threats and vulnerabilities
• Regular Audits: Periodic security assessments and updates

However, please note that no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect information, we cannot guarantee absolute security.

Your Rights and Choices

Depending on your location, you may have certain rights regarding your information:

General Rights

• Access: Request access to the information we hold about you
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your information
• Objection: Object to our processing of your information
• Data Portability: Request a copy of your information in a portable format

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: privacy@zipify.com

We will respond to your request within 30 days.

Uninstalling the App

You can stop our access to your store data at any time by uninstalling the App from your Shopify admin. Upon uninstallation, we will delete all associated data within 30 days.

GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA) or United Kingdom (UK), you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing

We process information based on:

• Consent: You provide consent when installing and using our App
• Contract Performance: Processing necessary to provide our services
• Legitimate Interests: For service improvement and security purposes
• Legal Obligations: To comply with applicable laws

Your GDPR Rights

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

Data Transfers

If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by the European Commission
• Other legally recognized transfer mechanisms

CCPA Compliance (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

Information We Collect

Categories of information we collect are described in the "Information We Collect" section above.

Your CCPA Rights

• Right to Know: What personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: We do not sell personal information, so opt-out is not applicable
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at privacy@zipify.com.

Children's Privacy

Our App is not intended for use by individuals under the age of 18. We do not knowingly collect information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly.

Third-Party Links

Our App may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated Policy in the App
• Updating the "Last Updated" date at the top of this Policy
• Sending an email notification for significant changes (if we have your email address)

Your continued use of the App after such modifications constitutes your acceptance of the updated Policy.

International Data Transfers

Our App is operated from the United States. If you are located outside the United States, please be aware that information we process may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

By using our App, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

Data Controller

For the purposes of GDPR and other data protection laws, the data controller is:

ShopRank AI

If you have questions about who controls your data or how it is processed, please contact us using the information below.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@zipify.com

Response Time: We aim to respond to all inquiries within 30 days.

Shopify-Specific Disclosures

Integration with Shopify

Our App integrates with Shopify's platform and is subject to:

• Shopify's API Terms of Service
• Shopify's Partner Program Agreement
• Shopify's App Store requirements

Shopify's Access

Shopify may have access to information as described in Shopify's own privacy policy. Please review Shopify's privacy policy to understand how Shopify handles data.

Webhooks

We use Shopify webhooks to:

• Respond to GDPR data requests (customer data requests, customer redaction requests, shop redaction requests)
• Maintain service functionality
• Ensure compliance with data protection requirements