Privacy Policy
Last Updated: October 15, 2025
Introduction
Veristyle ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Shopify application.
Information We Collect
Store Information
When you install Veristyle, we collect:
- Store domain and name
- Store owner email
- Store location and timezone
- OAuth access tokens (encrypted with AES-256-GCM)
Product Data
To provide our AI optimization services, we process:
- Product titles and descriptions
- Product images
- Product variants (sizes, colors, prices)
- Product tags and categories
- Inventory levels
Order Data
For revenue attribution and analytics:
- Order IDs and timestamps
- Order totals and currency
- Products purchased
Customer Data
We collect minimal customer data for demographics:
- Customer location (country/region)
- Purchase patterns (aggregated and anonymized)
Note: We do NOT collect personally identifiable customer information such as names, addresses, or payment details.
How We Use Your Information
We use the collected data to:
- Optimize Product Descriptions: Analyze your products to generate AI-optimized descriptions for ChatGPT and other AI shopping assistants
- Generate Product Feeds: Create OpenAI-compatible product feeds in multiple formats (JSON, CSV, TSV, XML)
- Calculate GEO Scores: Provide Guided Experience Optimization scores for your products
- Track Performance: Measure the effectiveness of AI optimizations through revenue attribution
- Improve Services: Enhance our AI models and recommendation algorithms
- Provide Support: Respond to your inquiries and troubleshoot issues
Data Storage and Security
Security Measures
We implement industry-standard security practices:
- Encryption: All access tokens are encrypted using AES-256-GCM
- Secure Transmission: All data is transmitted over HTTPS/TLS
- Database Security: Hosted on secure PostgreSQL infrastructure with SSL
- Access Controls: Strict access controls limit data access to authorized personnel only
Data Retention
- Active Stores: Data is retained while your store has the app installed
- Uninstalled Apps: Product analysis data is deleted within 30 days of uninstallation
- Store Credentials: OAuth tokens are immediately marked as inactive upon uninstallation
- Aggregated Analytics: Anonymized analytics may be retained for service improvement
Data Sharing and Disclosure
We do NOT sell, trade, or rent your data to third parties. We may share data only in these limited circumstances:
- Service Providers: We use OpenAI's API for product analysis (subject to OpenAI's privacy policy)
- Legal Requirements: When required by law, court order, or government regulation
- Business Transfers: In the event of a merger, acquisition, or sale of assets
- With Your Consent: When you explicitly authorize data sharing
Third-Party Services
Our app integrates with:
- OpenAI: For AI-powered product analysis and optimization
- Shopify: For accessing your store data through approved OAuth scopes
- Vercel: For hosting our application infrastructure
Each service has its own privacy policy governing their use of data.
Your Rights
You have the right to:
- Access: Request a copy of your data we've collected
- Correction: Request corrections to inaccurate data
- Deletion: Request deletion of your data (uninstalling the app automatically triggers deletion)
- Opt-Out: Disable specific features like analytics tracking
- Data Portability: Receive your data in a machine-readable format
Cookies and Tracking
We use minimal cookies for:
- Session management during OAuth authentication
- Maintaining your app preferences
We do NOT use tracking cookies for advertising purposes.
Children's Privacy
Our service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children.
International Data Transfers
Your data may be processed in the United States or other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers.
Changes to This Privacy Policy
We may update this Privacy Policy periodically. We will notify you of any material changes by:
- Posting the updated policy with a new "Last Updated" date
- Sending an email notification to your store owner email
- Displaying an in-app notification
GDPR Compliance (EU Users)
If you're in the EU, you have additional rights under GDPR:
- Right to object to data processing
- Right to restrict processing
- Right to lodge a complaint with a supervisory authority
- Automated decision-making protections
CCPA Compliance (California Users)
California residents have the right to:
- Know what personal information is collected
- Know whether personal information is sold or disclosed
- Opt-out of the sale of personal information (we don't sell data)
- Request deletion of personal information
- Non-discrimination for exercising CCPA rights