Privacy Policy

1. Information We Collect

• Account Data: name and email address when you register, including Google OAuth profile data if you sign in with Google.
• Store Data: when you connect your Shopify store via OAuth, we collect your shop domain, store name, Shopify store ID, product catalog (titles, descriptions, images, prices, variants), and inventory levels.
• Interview Data: your text and voice responses during the brand strategy interview process, and transcripts generated from voice recordings.
• Payment Data: billing details are processed securely by Stripe. We store only transaction identifiers; full payment card details are never held by us.
• Usage Data: pages visited, features used, session duration, and interaction logs collected via Google Analytics.

2. How We Use Your Information

• To provide, operate, and improve the Auxora platform and generate your personalized AI marketing strategies, landing pages, and ad creatives.
• To import your Shopify product catalog and sync product changes between Auxora and your Shopify store.
• To process payments and send transaction receipts.
• To send service-related communications, security notices, and important updates.
• To analyze platform usage and improve user experience.
• To comply with applicable legal obligations.

3. Data Sharing

We do not sell or trade your personal information.

We share data only with trusted service providers who process it on our behalf under data protection agreements: Stripe (payment processing), OpenAI (AI content generation), Cloudflare (infrastructure and hosting), Google (authentication and analytics), and Shopify (store data via their API when you authorize the connection).

We may disclose information when required by law or valid legal process.

4. Data Security

All data is stored on Cloudflare's encrypted, SOC 2-compliant infrastructure. Payments are processed via Stripe under PCI-DSS compliance. Shopify access tokens are encrypted at rest using Fernet symmetric encryption. All communication with Shopify occurs over HTTPS/TLS, and OAuth callbacks and GDPR webhooks are verified using HMAC-SHA256 signature validation. Access to user data is restricted to authorized personnel only.

While we implement industry-standard security measures, no method of transmission over the internet is 100% secure.

5. Data Retention

Account and interview data is retained while your account is active and for a reasonable period thereafter to support service continuity. When you disconnect your Shopify store, your access token is immediately invalidated and purged, and imported product data is removed within 30 days.

Upon a valid deletion request: data is removed from production systems within 30 days and from backup systems within 90 days, unless retention is required by applicable law.

6. Your Rights

Depending on your jurisdiction, you may have the right to: access a copy of your data, correct inaccurate information, request data deletion, restrict or object to processing, and receive your data in a portable format.

To exercise any of these rights, contact us at academy@auxora.ai. We will respond within 30 days.

We respond to all Shopify-mandated GDPR webhooks including customer data requests, customer data erasure, and shop data erasure within the required timeframes.

7. Cookies

We use essential cookies for authentication and session management, and analytics cookies (Google Analytics) to understand platform usage. We do not use advertising or cross-site tracking cookies.

8. Children's Privacy

Auxora is intended for users aged 18 and older. We do not knowingly collect personal information from anyone under 13. If we become aware that a child under 13 has provided data, we will promptly delete it.

9. Changes to This Policy

We may update this policy periodically. Material changes will be communicated via email or a prominent notice on the platform. Continued use of Auxora after changes take effect constitutes acceptance of the updated policy.

10. Contact Us

For privacy questions or to exercise your data rights, contact us at:

academy@auxora.ai

MindLight Tech Inc.