Privacy Policy

Last updated: December 12, 2025

This Privacy Policy describes how GR0 Commerce ("we", "our", or "us") collects, uses, and protects your information when you use our Shopify app and related services (the "Service").

1. Information We Collect

Account Information

When you create an account, we collect your email address and a password (which is encrypted and stored securely). We also assign you a role (merchant or admin) to manage access to features.

Store Information

When you connect your store, we collect and store:

  • Store name and domain
  • Platform type (e.g., Shopify)
  • Store connection settings and preferences
  • Feed configuration and mapping settings

Product Catalog Data

We automatically sync and store your product catalog information, including:

  • Product titles, descriptions, and metadata
  • Product images and media
  • Pricing and inventory information
  • Product variants and options
  • Product categories and tags

Platform Connection Data

To sync your product data, we securely store encrypted access tokens and connection settings for your e-commerce platform (e.g., Shopify OAuth tokens).

Usage Data

We collect information about how you use the Service, including sync logs, feed generation history, and error reports to help improve the Service.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Sync your product catalog from your connected store
  • Generate OpenAI-compliant product feeds for ChatGPT discovery
  • Validate and fix product feed data issues
  • Enable instant checkout functionality through the Agentic Commerce Protocol
  • Process payments through integrated payment processors (e.g., Stripe)
  • Send you service-related communications
  • Respond to your inquiries and provide customer support
  • Comply with legal obligations and enforce our terms

3. Data Sharing and Disclosure

Service Providers

We share your product data with third-party service providers to deliver the Service:

  • OpenAI: We submit your product feeds to OpenAI to make your products discoverable in ChatGPT. This includes product information, pricing, images, and metadata.
  • Stripe: We share order and payment information with Stripe to process payments for instant checkout transactions.
  • Hosting and Infrastructure: We use cloud hosting providers to store and process your data securely.

Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our users or others.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4. Customer Data

We do not collect, store, or process customer data. We only process product catalog data and store information. We do not have access to your customers' personal information, purchase history, or any other customer data from your store.

If you receive a customer data request (e.g., under GDPR or CPRA), we will respond that we do not store customer data, as required by Shopify's compliance webhook requirements.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information, including:

  • Encryption of sensitive data, including access tokens and passwords
  • Secure HTTPS connections for all data transmission
  • Regular security assessments and updates
  • Access controls and authentication requirements
  • Secure data storage with industry-standard practices

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. If you delete your account or disconnect your store, we will delete or anonymize your data in accordance with our data retention policies and applicable law.

When you uninstall the app from your Shopify store, we will delete your store connection data and product catalog data within 48 hours, as required by Shopify's compliance requirements.

7. Your Rights

Depending on your location, you may have certain rights regarding your personal information:

  • Access: You can access and review your account information through the Service dashboard.
  • Correction: You can update your account information and store settings at any time.
  • Deletion: You can delete your account or disconnect your store, which will result in deletion of your data.
  • Data Portability: You can export your product feed data through the Service.
  • Opt-Out: You can disconnect your store or delete your account to stop data collection.

To exercise these rights, please contact us at support@gr0commerce.com.

8. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using the Service, you consent to the transfer of your information to these countries.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

GR0 Commerce
Email: support@gr0commerce.com
Website: www.gr0commerce.com