Privacy Policy

Last updated: June 18, 2026

1. Data We Collect

When you install Custodian, we access the following Shopify store data through the Shopify Admin API:

  • Store information — shop name, domain, currency, and locale settings.
  • Products and collections — titles, descriptions, images, prices, variants, and review metafields.
  • Online Store pages — page titles, content, and template assignments.
  • Legal policies — shipping and refund policy text, used to generate accurate buy-box content.
  • Theme files — we write a custom page template to your active theme to render Custodian-generated pages.

We also collect storefront behavioral data via a lightweight Shopify web pixel embedded on generated pages. This includes:

  • Anonymous session and page-view identifiers (randomly generated, not tied to customer accounts)
  • Page views, scroll depth, CTA clicks, time on page, and exit events
  • Viewport dimensions and device type (mobile/desktop)
  • UTM parameters (source, medium, campaign, term, content) and referrer domain

This pixel does not collect IP addresses, cookies, customer names, emails, or any personally identifiable information. We do not access customer personal information, payment details, or order-level data.

2. How We Use Your Data

We use your store data exclusively to power Custodian's core features:

  • Page generation — products, collections, policies, and brand context are used to generate landing pages tailored to your store.
  • Style profiling — we analyze your storefront's visual identity (colors, typography, layout patterns) to match generated pages to your brand.
  • Review aggregation — if you use Judge.me, Okendo, Yotpo, or Loox, we read product review metafields to display ratings on generated pages.
  • Daily Brief — behavioral signals collected via our lightweight storefront pixel are combined with page context to produce decision recommendations.
3. Third-Party Services

To deliver AI-powered page generation and analysis, we share relevant store data with the following third-party providers:

  • OpenAI — product descriptions, store context, and page content are sent to OpenAI's API for content generation and analysis. Data is processed under OpenAI's API data usage policy and is not used to train their models.
  • Anthropic — similar store context may be sent to Anthropic's Claude API for planning and content generation. Data is processed under Anthropic's privacy policy.
  • Meta (Facebook) — if you connect your Meta Ads account via our in-app OAuth flow, we read ad creative data from the Meta Marketing API to align page content with your active campaigns. Your encrypted access token is stored per-shop and used only to fetch ad creatives. We do not write to or modify your ad account.
  • Google Ads — if you connect your Google Ads account via our in-app OAuth flow, we read ad creative data to align page content with your active campaigns. Your encrypted access and refresh tokens are stored per-shop. We do not write to or modify your ad account.
  • Crisp — we use Crisp for in-app live chat support. Your merchant email, name, shop domain, and current app route are shared with Crisp to provide contextual support.

We do not sell, rent, or trade your data to any third party.

4. Data Retention

We retain your store data for as long as your Custodian app is installed. Specifically:

  • Page versions and history — stored indefinitely while the app is installed, so you can roll back to any previous version.
  • Behavioral telemetry — anonymous event data (page views, clicks, scroll depth) is retained while the app is installed and deleted upon uninstall.
  • AI-generated content — generated page content is stored as part of your page history.

When you uninstall Custodian, we delete all associated store data within 30 days. The custom page template written to your theme is not automatically removed — you can delete it manually from your theme editor.

5. Data Deletion Requests

You can request deletion of your data at any time by:

  • Uninstalling the Custodian app from your Shopify admin — this triggers automatic data deletion within 30 days.
  • Contacting us directly at adrien@custodiancommerce.com — we will process your request within 7 business days.

We comply with Shopify's mandatory webhook requirements for data deletion (customers/data_request, customers/redact, shop/redact).

6. GDPR & CCPA/CPRA

If you are located in the European Economic Area (EEA) or California, you have additional rights regarding your data:

  • Right to access — you can request a copy of the data we hold about your store.
  • Right to rectification — you can ask us to correct inaccurate data.
  • Right to erasure — you can request deletion of your data (see section 5).
  • Right to data portability — you can request your data in a machine-readable format.
  • Right to object — you can object to processing of your data for specific purposes.
  • Right to correction (CPRA) — you can request correction of inaccurate personal information.
  • Right to opt out (CPRA) — we do not sell or share personal information for cross-context behavioral advertising.
  • Non-discrimination — we will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, contact us at adrien@custodiancommerce.com.

Our legal basis for processing merchant store data is contractual necessity — we process data as required to deliver the app features you installed Custodian for. For storefront visitor analytics collected via our pixel, we rely on legitimate interest in providing page performance insights, and we honor customer consent signals via Shopify's consent API.

Questions about this policy? Contact us at adrien@custodiancommerce.com.