🔒 Short version: FreshGuard AI only reads your Shopify data to provide the inventory management service. We never sell, rent, or share your store or customer data with third parties for marketing purposes.
1. Information We Collect
When you install FreshGuard AI, we access certain data from your Shopify store that is required to provide the service:
- Store Information: Your shop domain, email address, and basic profile information used to authenticate your account and deliver the service.
- Product & Variant Data: We read and write product variant information and Metaobjects to create, update, and track your inventory batches and expiry dates.
- Order Data: We read incoming orders via the
orders/create webhook to execute automatic FEFO (First-Expired, First-Out) batch deductions and write order tags and metafields for lot traceability. - Customer Data (limited): Customer names and email addresses are read only when you use the Recall Report feature to identify customers who received a specific recalled batch. This data is displayed on-screen and in CSV exports but is not stored on our servers.
- Location Data: We read your Shopify store's fulfilment locations to populate the location selector in the batch creation modal.
- Billing Data: Subscription status is managed entirely by Shopify's Billing API. FreshGuard AI never handles payment card information.
2. How We Use Your Information
We use the data collected exclusively to provide and improve the FreshGuard AI service:
- To create, read, update, and delete inventory batch Metaobjects on your Shopify store.
- To execute automatic FEFO batch deductions when customer orders are placed.
- To tag orders and write
consumed_batches metafields for lot traceability and recall compliance. - To calculate financial analytics (inventory value, wastage, value at risk) shown only to you.
- To send automated email notifications to addresses you configure in Preferences.
- To authenticate your Shopify Admin session and enforce plan limits.
We do not sell, rent, share, or otherwise transfer your store or customer data to any third party for marketing, advertising, or analytics purposes.
3. Data Storage & Security
All batch and inventory data is stored directly in Shopify Metaobjects on your Shopify store's own infrastructure. FreshGuard AI acts as the application interface to that data — it does not maintain a separate copy of your inventory data on external servers.
Session tokens and app configuration (such as your plan status and preference settings) are stored in an encrypted, isolated database. All connections use TLS 1.2+ encryption. We follow strict internal access policies.
4. Data Retention & Deletion (GDPR Compliance)
We comply fully with Shopify's mandatory GDPR requirements and implement all three required privacy webhooks:
- customers/data_request: If a customer requests their data, we will provide any relevant data we hold within 30 days of receiving the request from Shopify.
- customers/redact: If a customer requests deletion, we will erase their data from our systems. Note: batch-to-order records stored in Shopify Metafields on your store are managed by you as the data controller.
- shop/redact (App Uninstall): When you uninstall FreshGuard AI, Shopify sends an app/uninstalled webhook. All session data and store configuration data is deleted from our systems within 48 hours. Batch data stored in Shopify Metaobjects on your own store is retained by Shopify until you manually delete it.
5. Third-Party Services
FreshGuard AI uses the following third-party services to operate:
- Shopify: As the platform host, Shopify processes all store and customer data subject to Shopify's own Privacy Policy.
- Render.com / Cloud Hosting: The FreshGuard AI application server is hosted on enterprise cloud infrastructure with SOC 2 compliance.
- Nodemailer / SMTP: Used to send expiry notification emails to the addresses you configure in Preferences. No email content is stored after delivery.
6. Your Rights
As a Shopify merchant using FreshGuard AI, you have the right to: access the data we hold about your store, request correction of inaccurate data, request deletion of your data, withdraw consent at any time by uninstalling the app. To exercise any of these rights, contact us via the Shopify App Store support link or at the email address on your installation screen.
7. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last updated" date at the top of this page. Continued use of FreshGuard AI after changes constitutes acceptance of the revised policy.
8. Contact Us
If you have any questions about this Privacy Policy or how your data is handled, please contact us through the Shopify App Store support channel or visit sumadroid.com.