Privacy Policy

Last updated: December 23, 2025

1. Introduction

GrowthPilot AI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Shopify application and website (collectively, the "Service").

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

We collect information in the following ways:

2.1 Information from Shopify

When you install our app, we receive the following from Shopify:

  • Store Information: Your store name, domain, email address, and Shopify plan
  • Access Tokens: OAuth tokens to authenticate API requests on your behalf
  • Store Configuration: Theme information, installed apps, and store settings relevant to monitoring

2.2 Monitoring Data

Our Service collects the following data for health monitoring:

  • Response Times: How quickly your store pages load
  • HTTP Status Codes: Server response codes (200, 404, 500, etc.)
  • Uptime Records: When your store is accessible or unavailable
  • Error Details: Error messages and stack traces when issues occur
What We Don't Collect: We do NOT collect or store your customers' personal information, payment details, order data, or any personally identifiable information (PII) from your store's customers.

2.3 Account Information

We may collect:

  • Email addresses for alert notifications
  • Phone numbers (if SMS alerts are enabled)
  • Slack webhook URLs (if Slack integration is enabled)
  • Support correspondence and feedback

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To monitor your store's health and detect issues
  • Alerts: To send you notifications about detected problems
  • AI Diagnosis: To analyze issues and provide fix recommendations
  • Analytics: To generate uptime reports and performance metrics
  • Support: To respond to your inquiries and provide customer service
  • Improvements: To improve our Service and develop new features

4. AI Processing

Our Service uses artificial intelligence to analyze store health data and provide diagnoses. This processing includes:

  • Analyzing error patterns and response time anomalies
  • Correlating issues with recent store changes
  • Generating plain-English explanations of detected problems
  • Suggesting remediation steps
AI Disclaimer: AI-generated diagnoses are suggestions only. While our AI strives for accuracy, recommendations should be verified before making significant changes to your store. We are not liable for actions taken based on AI suggestions.

5. Data Sharing and Disclosure

We do not sell your data. We may share information in the following circumstances:

  • Service Providers: With third-party vendors who help us operate our Service (hosting, email delivery, AI processing)
  • Legal Requirements: When required by law, regulation, or legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share data

Our Service Providers Include:

  • Cloud hosting providers for data storage
  • Email service providers for alert delivery
  • SMS providers for text notifications (if enabled)
  • AI/ML providers for intelligent diagnosis

6. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS/SSL) and at rest
  • Secure access controls and authentication
  • Regular security assessments
  • Limited employee access on a need-to-know basis

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your data as follows:

  • Health check history: 7-90 days depending on your plan
  • Issue records: Retained until resolved or for plan duration
  • Account data: Retained while your account is active
  • After uninstall: Data is deleted within 30 days of app uninstallation

8. Your Rights (GDPR & CCPA)

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Portability: Request your data in a portable format
  • Objection: Object to certain processing activities
  • Restriction: Request restriction of processing

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

9. Cookies and Tracking

Our website uses essential cookies for functionality. We do not use third-party tracking cookies or advertising trackers. The Shopify app operates within the Shopify admin and follows Shopify's cookie policies.

10. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

11. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses where applicable.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Shopify Data Protection: As a Shopify Partner, we comply with Shopify's API Terms of Service and data protection requirements. We access only the minimum data necessary to provide our monitoring service.