AI Bulk Product SEO

by Twin Code

Privacy Policy

App: AI Bulk Product SEO  | Last updated: May 8, 2026

This Privacy Policy describes how AI Bulk Product SEO ("the App", "we", "us") collects, uses, and deletes information when you install and use the App through the Shopify App Store.

1. Who We Are

AI Bulk Product SEO is a Shopify application that generates SEO-optimized meta titles and descriptions for your product catalog using artificial intelligence. The App is operated as a Shopify embedded application hosted on Railway.

2. Data We Collect

Store information

• Your Shopify store domain (e.g. your-store.myshopify.com)
• Your store owner email address — provided automatically by Shopify when you install the App and used solely for account identification and support
• Your current subscription plan and credit usage within the App
• Shopify offline access token required to call the Shopify Admin API on your behalf

Product data

• Product titles, descriptions, handles, product types, vendors, and tags — read from your store to generate SEO suggestions
• AI-generated meta titles and meta descriptions we write back to your products (stored so you can review history and track improvements)

AI usage logs

• Aggregate token counts (input/output), AI model used, and credits consumed per generation session. No product content is retained in these logs.

SEO Profile (optional)

• Business description, target keywords, ideal customer profile, competitor URLs, and SEO goals that you voluntarily enter to personalise AI output

Google Search Console (optional)

• If you choose to connect a Google account, we store your Google account email, display name, profile picture URL, and encrypted OAuth tokens (access token and refresh token)
• Tokens are encrypted at rest using AES-256-GCM
• We use these tokens only to read Search Console performance data (impressions, clicks, queries) for your verified properties

Conversion tracking (optional)

• Order IDs, order numbers, product IDs, product titles, sale amounts, currency, and the HTTP referrer URL (referringSite) of orders
• We use this data solely to show you which optimized products have generated sales from search traffic
• We do not collect customer names, customer email addresses, phone numbers, or shipping addresses

3. How We Use Your Data

• To authenticate your store and maintain your session with Shopify
• To associate your store with your store owner email for account identification and support
• To send you product updates, feature announcements, and App-related news. You can opt out at any time by clicking the unsubscribe link in any email we send.
• To generate AI-powered SEO suggestions for your products
• To track your credit usage and manage your subscription plan
• To display analytics about your SEO improvements and conversion impact
• To improve AI output quality using your optional SEO Profile context

We do not sell, rent, or share your data with third parties for marketing purposes. We may contact you at your store owner email address with product news and updates related to the App; you can opt out at any time.

4. Third-Party Services

• Shopify – App platform and billing. Subject to Shopify's Privacy Policy.
• OpenAI – Used to generate meta titles and descriptions. Product titles, descriptions, and your SEO Profile context are sent to the OpenAI API. OpenAI's Privacy Policy applies.
• Google – Used for Search Console integration when you opt in. Subject to Google's Privacy Policy.
• Railway – Cloud hosting provider where the App and database run. Data is stored in a PostgreSQL database hosted on Railway infrastructure.

5. Data Retention

• All data associated with your store is deleted immediately when you uninstall the App
• A secondary deletion pass runs automatically 48 hours after uninstall in compliance with Shopify's GDPR requirements
• Google OAuth tokens are deleted immediately if you disconnect your Google account from within the App

6. GDPR & Merchant Rights

We comply with Shopify's mandatory GDPR webhook requirements:

• Customer data requests – The App does not store personally identifiable customer data. We respond to all customer data requests within 30 days confirming no customer PII is held.
• Customer data erasure – As above; no customer records to erase.
• Shop data erasure – All shop data is permanently deleted within 48 hours of a merchant uninstalling the App.

7. Security

• OAuth tokens are encrypted at rest using AES-256-GCM with a unique IV per value
• All data is transmitted over HTTPS/TLS
• Access to the database is restricted to the App server only
• Shopify webhook authenticity is verified via HMAC-SHA256 on every incoming webhook

8. Children's Privacy

The App is intended for use by Shopify merchants and is not directed at children under the age of 13. We do not knowingly collect data from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The date at the top of this page reflects the most recent revision. Continued use of the App after changes are posted constitutes your acceptance of the updated policy.

10. Contact

If you have questions or requests regarding your data, please contact us through the Shopify App Store listing or via the support link in the App.