RE:CATALOG — Privacy Policy

Last updated: 15 July 2026 Effective: TODO: effective date

This policy explains what RE:CATALOG (“the app”, “we”, “us”) collects when you install it on your Shopify store, what we do with it, who else receives it, and how long we keep it.

RE:CATALOG is operated by TODO: registered company name, TODO: registered address. Privacy contact: TODO: privacy@….


1. In one paragraph

RE:CATALOG turns product photos into a draft Shopify product. To do that, it sends your product photos and a small amount of shop context to an AI provider, writes the result back into your own Shopify store, and keeps a record of the generation in our database so you can see your history and so we can bill correctly. We do not collect, receive, or store any data about your customers. We do not store your product photos on our servers. We do not sell or share your data for advertising.


2. What we collect

2.1 Data you enter in the app

Data Why
Brand voice (free text) Injected into the AI prompt so generated copy matches your tone.
AI provider and model selection Determines which AI provider processes your photos, where this option is enabled for your plan.
Your own AI API key (BYOK plans only) Lets the app call your AI provider account on your behalf instead of ours. See §6.
Target languages Which of your published Shopify locales the app translates into.
App interface language Persisted so the app UI stays in your chosen language across navigations.

2.2 Data we receive from Shopify

When you install the app, Shopify grants it the following access scopes: write_products, write_files, read_locales, write_translations, write_metaobjects, write_metaobject_definitions.

Using those scopes, the app accesses:

We request no access to customer data. The app holds no read_customers, read_orders, or equivalent scope, and therefore never receives protected customer data of any kind.

2.3 Product photos — how they are handled

This is the part most merchants ask about, so it is spelled out in full:

  1. When you add photos in the app, your browser uploads them directly to Shopify’s own storage, using Shopify staged uploads. The bytes do not pass through our servers on the way up.
  2. The photos become files in your own Shopify Files library, under your control, served from Shopify’s CDN.
  3. When you press Generate, our server asks Shopify for a resized copy of each photo (maximum 1568 pixels on the long edge), holds it in memory only for the duration of that single request, and sends it to the AI provider.
  4. The resized copy is discarded when the request ends. The app never writes your photos to our database or to any storage we control.

What our database records about a photo is only its Shopify file identifier (gid://shopify/MediaImage/…) — a reference to a file that lives in your store, not the image itself.

2.4 Data the app generates

For each generation, we store a job record containing: your shop domain, the job status, the Shopify file identifiers of the input photos, the AI-generated catalog content (title, description, category, attributes, tags, SEO texts, suggested price, image alt texts), the identifier of the product created, the AI provider and model used, token counts and an estimated cost, and any error message if the job failed.

The token counts and cost estimate are used only for our own service monitoring. They are not used for billing you — Shopify handles that (§7).

We also store per-language translation records: the target language, its status, token counts, and any error. The translated text itself is not stored by us (§5).

2.5 Automated logs

Our hosting provider generates standard server logs (request time, path, status code, errors). Application logs may record your shop domain alongside webhook receipts and error diagnostics. These logs are used for debugging and abuse prevention, are not used to profile you, and are retained per our hosting provider’s standard retention.


3. What we do not collect


4. Who else receives your data (sub-processors)

4.1 AI providers

Generating a catalog entry requires sending your data to an AI provider. Depending on your plan and settings, that provider is one of:

Provider Operator Endpoint
Claude Anthropic PBC (USA) api.anthropic.com
GPT OpenAI, L.L.C. (USA) api.openai.com
Gemini Google LLC (USA) generativelanguage.googleapis.com
Mistral Mistral AI SAS (France) api.mistral.ai
Grok xAI Corp. (USA) api.x.ai

Which provider is used: on standard plans, we choose the provider using our own API keys, and the choice is shown in the app. On plans where model selection or BYOK is enabled, you choose the provider in Settings. If a provider fails mid-request, the app may retry with a fallback provider from the same list; the provider that actually produced your result is recorded on the job and shown in the app.

What is sent to the provider:

What is never sent: your access token, your customers’ data (we hold none), your billing details, or your BYOK key for any provider other than the one it belongs to.

Provider data handling: these providers are bound by their own API terms. Anthropic, OpenAI, Google, Mistral, and xAI each state that data submitted through their paid APIs is not used to train their models by default. We rely on those API terms and do not opt into any training programme. You should review the terms of whichever provider you select, and this is a specific reason to consider a BYOK plan (§6) if you want the provider relationship to be directly yours.

4.2 Infrastructure

Sub-processor Role Location
Vercel Inc. Application hosting and serverless execution TODO: Vercel region
Neon Inc. Managed PostgreSQL database TODO: Neon region
Shopify Inc. Your store, file storage, translations, billing Per Shopify’s own terms

4.3 Shopify APIs we call

4.4 Nobody else

We do not sell your data. We do not share it for advertising or profiling. We do not disclose it to any party other than those listed above, except where we are legally required to.


5. Translations stay in Shopify

When the app translates your product, the translated title, description, and SEO texts are written directly into Shopify’s native translation store and are never saved in our database. You own and edit them in Shopify’s Translate & Adapt, exactly as if you had typed them yourself. If you uninstall the app, your translations remain in your store.


6. Bring your own key (BYOK)

On plans that enable it, you can supply your own AI provider API key.

You can remove your key at any time in Settings.


7. Billing data

RE:CATALOG uses Shopify’s usage-based billing. We never see or handle your payment details.

For each analysis the app delivers to you, we queue and send one usage event to Shopify containing your shop ID, the event name product_generated, and a value of 1. Shopify applies your plan’s included units and bills the remainder on your Shopify invoice. We keep the queued event record so a failed send can be retried safely.

Exceptions: generations on BYOK plans and on the free plan are not metered to Shopify. On the free plan, the app counts your completed analyses per calendar month itself, in order to enforce the plan’s monthly allowance.


8. Retention and deletion

Event What happens
While installed Settings, generation history, translation records, and usage events are retained so you can see your history and so billing stays correct.
You uninstall the app Shopify sends an uninstall webhook. Any pending usage events are sent to Shopify first (Shopify accepts them for 24 hours after uninstall), then your session and all your settings — including your encrypted BYOK key — are deleted immediately.
48 hours after uninstall Shopify sends a shop/redact webhook. We then purge everything remaining: your generation history, all translation records, and all usage event records. Nothing about your shop remains in our database.
customers/data_request, customers/redact We respond to Shopify’s mandatory webhooks, but we hold no customer data, so there is nothing to return or erase.

You can also ask us to delete your data at any time by writing to TODO: privacy@…. Note that data you asked the app to write into your own store — draft products, files, translations — belongs to your store and is not ours to delete; you remove it in Shopify.


9. Security

No system is perfectly secure, but we take these measures to protect your data and will notify you and the relevant authorities of a personal data breach where the law requires it.


10. International transfers

Depending on the AI provider used, your product photos and shop context may be processed in the United States (Anthropic, OpenAI, Google, xAI) or the European Union (Mistral). Where data leaves the EEA/UK, transfers rely on the relevant provider’s Standard Contractual Clauses and supplementary measures.

If you need EU-only processing, select an EU-based provider where model selection is available to you, or use a BYOK plan with a provider and region of your choosing.


11. Legal basis (GDPR)

Where GDPR applies, we process this data on the basis of:

You are the data controller for your store’s data; we act as data processor for the data you send through the app. Note that in practice the data we process on your behalf is business data about your products, not personal data about individuals.


12. Your rights

Where GDPR, UK GDPR, CCPA/CPRA, or a comparable law applies, you may request access to, correction of, export of, or deletion of your data, and may object to or restrict certain processing. Write to TODO: privacy@… and we will respond within the period the applicable law requires (30 days under GDPR). You may also lodge a complaint with your supervisory authority; ours is TODO: supervisory authority.

We do not sell personal information, and we do not share it for cross-context behavioural advertising, as those terms are defined under California law.


13. Children

RE:CATALOG is a business tool sold to merchants. It is not directed at children and we do not knowingly collect data from anyone under 16.


14. Changes

We may update this policy as the app changes. Material changes will be announced in the app or by email to the address on your Shopify account before they take effect. The “Last updated” date at the top always reflects the current version.


15. Contact

TODO: registered company name TODO: registered address Privacy: TODO: privacy@… Support: TODO: support@…