Privacy Policy

Last updated: December 2025

1. Introduction

ShopOps ("we", "us", or "our") provides software services to Shopify merchants to help analyze and structure storefront data for operational and AI-readiness purposes (the "Service"). This Privacy Policy explains how we collect, use, store, and disclose information when merchants install and use the ShopOps application. By using the Service, you agree to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Information collected via Shopify APIs

When a merchant installs ShopOps, we collect and process information made available through Shopify APIs, strictly in accordance with the permissions granted by the merchant. This may include:

Store information (store name, domain, language, currency)
Product and catalog data (titles, descriptions, images, variants, pricing)
Inventory and availability information
Storefront structure and metadata
App installation and configuration status

We do not collect payment card data.

2.2 Information provided directly by merchants

Merchants may provide information directly to us, including:

Contact information (name, email address, company name)
Account and authentication information
Configuration settings and preferences
Communications with our support team

2.3 Information about merchants' customers

ShopOps is designed primarily to analyze storefront and product information. We do not intentionally collect personal information of merchants' customers (buyers). If limited customer-related data is incidentally processed through Shopify APIs (for example, anonymized or aggregated behavioral signals), such data is:

Used solely to provide the Service to the merchant
Not used to identify individual customers
Not sold, shared for advertising, or used for cross-merchant profiling

ShopOps does not place cookies or tracking technologies directly on merchants' customers' devices.

2.4 Automatically collected information

When merchants use the Service, we may automatically collect:

Device and browser information
IP address
Usage logs (pages accessed, features used, timestamps)
Diagnostic and performance data

This information is used for security, monitoring, and service improvement purposes.

3. How We Use Information

We use collected information solely for the following purposes:

Providing, operating, and maintaining the Service
Analyzing storefront and catalog data to generate operational insights
Improving data structure and AI-readiness for merchant storefronts
Responding to support requests and communications
Monitoring performance, security, and abuse prevention
Complying with legal and regulatory obligations

We do not use merchant or customer data for advertising, and we do not sell personal data.

4. AI Processing and Automated Analysis

ShopOps may use automated processing techniques to analyze storefront and catalog data provided by merchants:

Automated processing is used only to deliver insights and recommendations to the same merchant
We do not use merchant data to train generalized AI models for unrelated third parties
We do not use data for interest-based advertising or marketing profiling
Any aggregated analysis is performed in a manner that does not identify individual merchants or customers

We share information only in the following limited circumstances:

Service providers: With trusted vendors who assist with hosting, analytics, and infrastructure, under contractual confidentiality obligations
Legal compliance: When required by law, regulation, or lawful request
Business transfers: In connection with a merger, acquisition, or sale of assets
With merchant consent: When explicitly authorized by the merchant

We do not sell personal information to third parties.

6. Data Retention

We retain personal data only as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy:

Upon app uninstallation, we delete or anonymize Shopify-derived data within 90 days, unless retention is required by law
Aggregated or anonymized data that no longer identifies a merchant or individual may be retained for analytical purposes

7. Data Deletion and Shopify Compliance

ShopOps complies with Shopify's data protection requirements, including mandatory privacy webhooks:

We process data deletion requests received via Shopify
We delete or anonymize personal data when a merchant uninstalls the app or submits a valid deletion request
We maintain procedures to respond to GDPR, CPRA, and similar privacy requests within applicable timeframes

8. International Data Transfers

We may store and process information in countries other than the merchant's jurisdiction. Where required, we rely on appropriate safeguards to protect personal data, such as contractual protections and recognized transfer mechanisms.

9. Rights of Individuals

Depending on applicable law, individuals may have the right to:

Access their personal data
Request correction or deletion
Restrict or object to processing
Request data portability

Merchants or individuals may exercise these rights by contacting us using the details provided in the Contact Us section.

10. Jurisdiction-Specific Privacy Rights

Depending on your location and applicable law, additional privacy rights and obligations may apply.

If you are located in the EEA or the United Kingdom, ShopOps processes personal data in accordance with the General Data Protection Regulation (GDPR). Under applicable law, you may have the right to:

Access your personal data
Correct or update inaccurate or incomplete personal data
Request deletion of your personal data
Restrict or object to certain processing activities
Request portability of your personal data
Withdraw consent where processing is based on consent

Where personal data is transferred outside the EEA or the United Kingdom, such transfers are subject to appropriate safeguards recognized under GDPR.

10.2 United States - California Privacy Rights (CPRA and CalOPPA)

If you are a resident of California, the following disclosures apply in accordance with the California Privacy Rights Act (CPRA) and the California Online Privacy Protection Act (CalOPPA):

Do Not Track signals: ShopOps does not track users across third-party websites for targeted advertising purposes and therefore does not respond to browser Do Not Track (DNT) signals.
Consumer rights: You may have the right to request access to, correction of, or deletion of your personal information, as well as the right to opt out of the sale or sharing of personal information.
No sale or sharing of data: ShopOps does not sell or share personal information, including for cross-context behavioral advertising, and does not discriminate against individuals for exercising their privacy rights.

10.3 Singapore - Personal Data Protection Act (PDPA)

If you are located in Singapore, ShopOps processes personal data in accordance with the Personal Data Protection Act (PDPA). Personal data is:

Collected only for reasonable and disclosed purposes
Protected using reasonable security arrangements
Retained only for as long as necessary to fulfill business or legal obligations

10.4 People's Republic of China - Personal Information Protection Law (PIPL)

Where applicable, ShopOps processes personal information in accordance with the Personal Information Protection Law (PIPL) of the People's Republic of China. Individuals may have the right to:

Access and correct personal information
Request deletion of personal information
Request explanations regarding personal information processing activities

Where cross-border transfers of personal information occur, such transfers are conducted in accordance with applicable legal requirements and required safeguards.

11. Privacy Officer

ShopOps has not appointed a formal Data Protection Officer. Privacy-related inquiries are handled by our designated privacy contact, who oversees compliance with applicable data protection laws.

12. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: haozhuangdai@fifteen-ai.com
Contact form: Contact us (please include your name or store name, subject such as Data Access Request, Deletion Request, or Privacy Inquiry, and a clear description of your request)