Privacy Policy - AI Blog Poster

Last Updated: June 6, 2026

1. Introduction

AI Blog Poster ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Shopify application and associated services (the "Service").

2. Information We Collect

2.1 Shop and Store Data

When you authorize our app to access your Shopify store, we collect and process:

•Shop name, domain, and Shopify shop ID

•Store owner contact information and email

•Store metadata (currency, timezone, country, primary language)

•Store branding information (logo, primary colors, fonts)

•Billing and subscription information for the app

•OAuth access token for API communication with Shopify

2.2 Product and Catalog Data

We synchronize and store the following product information from your store:

•Product titles, descriptions, body HTML, and vendor information

•Product images and image URLs

•Product variants, pricing, and inventory quantities

•Product handles, tags, types, and status (active/draft/archived)

•Product SEO information (SEO title and description)

•Collection titles, descriptions, handles, and images

•Product categorization and collection associations

2.3 Generated Content and Blog Data

Our AI-powered system creates and stores the following:

•Generated blog post titles, content (in HTML format), and excerpts

•SEO metadata for blog posts (focus keywords, SEO titles, descriptions)

•Blog post status (draft, published, scheduled) and publication dates

•Blog post revisions and edit history with version control

•Autosaved content snapshots and editing session data

•Keywords and keyword density analysis for generated content

•References to products mentioned within generated blog posts

•Generation parameters and AI model information used for creation

2.3.1 User Inputs Stored During Content Generation

We store the specific inputs you provide when generating blog content:

•Blog topics and subjects you request

•Tone and style preferences (professional, casual, friendly, etc.)

•Target content length (word count) specifications

•Custom instructions and additional writing guidelines

•Selected product IDs to feature in content

•Focus keywords for SEO optimization

•Additional SEO keywords and related keywords lists

•Selected product images for inclusion

•Internal and external backlinks you provide

•Author name and attribution information

•Special content features you request (how-to sections, product comparisons, etc.)

These inputs are stored with each generation job and blog post so that you can review, regenerate, or modify content with the same parameters later.

2.3.2 Content Editing and Version History

When you edit blog posts, we store:

•All content changes and edits you make

•Autosaved versions of your content (captured automatically as you work)

•Revision history with timestamps for each version

•Information about which user made each edit

•Descriptions of changes made in each revision

•Current sections being edited in active editing sessions

2.4 Brand Voice Analysis Data

We analyze your existing content to create a brand voice profile, which includes:

•Tone and formality analysis of your existing content

•Common vocabulary, phrases, and writing style patterns

•Paragraph and sentence structure preferences

•Brand values and unique selling propositions provided by you

•Target audience description and preferred writing style

•Example phrases and content structure patterns

•Confidence scores and metadata about the brand voice profile

2.5 User and Session Data

We collect information about users who use our app:

•Shopify user ID, email address, and account role/permissions

•Active editing sessions and which blog posts are being edited

•User ID information for tracking authorship of edits and revisions

•Generation job history and status of blog creation tasks initiated by each user

•Blog post view counts and last viewed timestamps

•Locked fields and editing state during collaborative editing sessions

2.6 SEO Analysis Data

We perform SEO analysis and store:

•Keyword research and search volume estimates

•Keyword difficulty scores and competition analysis

•SEO scores for generated blog content

•Blog post ideas with categories, estimated traffic, and difficulty levels

2.7 System and Log Data

We automatically collect:

•Webhook delivery logs and event history from Shopify

•Authentication event logs including login/logout activity

•Data synchronization job logs and status

•API request logs and generation job queue data

•Error reports and technical diagnostics

•Device and browser information (user agent, IP address) from authentication logs

3. How We Use Your Information

We use the information we collect for the following purposes:

•Storing and managing your user inputs and preferences for content generation

•Preserving your content generation parameters for future regeneration and editing

•Maintaining revision history and autosave snapshots for content recovery

•Tracking user editing activity and authorship for content accountability

•AI-powered blog content generation using AWS Bedrock and related AI models

•Synchronizing and analyzing your product catalog and store information

•Analyzing your existing content to create and maintain brand voice profiles

•Generating blog post ideas based on your products and store data

•SEO analysis and keyword research recommendations for generated content

•Managing user editing sessions and collaborative editing capabilities

•Processing generation jobs and async content creation tasks

•Monitoring and analyzing service usage, performance, and reliability

•Detecting, preventing, and addressing fraud, abuse, and security issues

•Complying with legal obligations and Shopify's data compliance requirements

•Providing customer support and responding to your inquiries

•Sending transactional and service-related communications

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We share data with third-party service providers who assist us in operating the Service:

•We use AWS Bedrock for AI-powered content generation. This includes sending product descriptions, store information, and content parameters to related LLMs. AWS processes this data according to its privacy policies.

•Shopify - We use Shopify's GraphQL API to fetch and synchronize product, collection, and store data

•Cloud hosting providers - For database storage and application infrastructure

•Payment processors - For subscription and billing management

Important: When generating blog content, your product data, store metadata, and content preferences are sent to AWS Bedrock for processing by AI models. This data is used to generate content and is subject to AWS's data handling policies.

4.2 Data Transfers for AI Processing

To provide AI-powered content generation, we must transfer the following data to AWS Bedrock:

•Selected product information (titles, descriptions, types, tags, prices)

•Your store metadata (store name, description, branding)

•Your brand voice profile preferences and instructions

•SEO keywords and focus keyword preferences

•Custom content instructions and tone specifications

•Selected product images and captions

AWS Bedrock processes this data temporarily to generate content. For more information on how AWS handles this data, please review AWS's privacy policies and data processing terms.

4.3 Legal Requirements

We may disclose your information when required by law or when we believe in good faith that disclosure is necessary to:

•Comply with legal processes, court orders, or governmental requests

•Enforce our terms of service and other agreements

•Protect the security or integrity of our Service

•Protect the rights, privacy, safety, or property of our users and customers

4.4 No Sale of Personal Data

We do not sell, trade, or rent your personal information to third parties. We do not disclose personal data for commercial purposes or marketing to other businesses.

5. Data Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These include:

•Encryption of data in transit and at rest

•Secure authentication mechanisms

•Regular security assessments and updates

•Limited access to personal information on a need-to-know basis

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain personal information and app data for different periods depending on the type of information:

6.1 Active Shop Data

While your app subscription is active, we retain:

•Shop information and OAuth access tokens - for as long as the app is installed

•Synced product and collection data - updated regularly, retained until deletion

•Generated blog posts and content - retained until you delete them

•User generation inputs (topics, tones, keywords, instructions) - retained with each blog post indefinitely

•Content autosaves and editing sessions - retained for 90 days after last activity

•Blog post revisions and version history - retained until you delete the blog post

•Generation job parameters and history - retained for 1 year

•Brand voice profiles - retained until you delete them

6.2 Upon Shop Uninstallation

When you uninstall our app from your Shopify store, we automatically delete:

•All shop data and store metadata

•OAuth access tokens and authentication information

•All synced product and collection data

•All generated blog posts and content

•All brand voice profiles and analysis data

•All editing sessions and autosave data

•Generation job records related to your shop

This deletion is handled through Shopify's app uninstallation webhook and typically completes within 30 days. Some log data may be retained for security and compliance purposes for up to 90 days.

6.3 Data Requested for Deletion

You may request deletion of your data at any time by contacting us. Upon request for individual data deletion, we will:

•Delete specified personal information from active records

•Maintain minimum data needed for billing, legal compliance, and security for up to 90 days

•Respond to your request within 30 days

6.4 Backup and Archive Data

Deleted data may persist in our backup systems for up to 90 days for disaster recovery purposes. These backups are not accessible for normal operations and will be automatically purged after the retention period.

7. Your Rights and Choices

7.1 Data Subject Rights

Depending on your location, you may have the right to:

•Access the personal data we hold about you

•Request correction of inaccurate data

•Request deletion of your data (subject to legal obligations)

•Object to processing of your data

•Request restriction of processing

•Data portability

•Withdraw consent at any time

7.2 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided below.

7.3 Marketing Communications

You may opt out of receiving promotional communications from us by following the unsubscribe instructions in those communications or by contacting us directly.

8. Data Compliance and Shopify Webhook Handling

In accordance with Shopify's App Data Privacy requirements and applicable privacy laws (GDPR, CCPA, etc.), we maintain webhooks to automatically handle data requests:

8.1 Customer Data Access Requests (GDPR/CCPA)

When a customer requests access to their personal data, Shopify forwards this request to us. We respond by:

•Identifying data associated with the customer in our system

•Compiling a comprehensive data export within 30 days

•Providing data in a portable, machine-readable format

8.2 Customer Data Deletion Requests

When a customer requests deletion of their personal data, we:

•Delete all customer personal information from our active systems

•Remove customer references from blog posts and content (while preserving content integrity)

•Complete deletion within 30 days of the request

•Maintain audit logs for compliance verification

8.3 Shop Uninstallation (app/uninstalled webhook)

When the app is uninstalled from a Shopify store, we automatically:

•Revoke API access and delete the OAuth access token

•Delete all shop-specific data including products, collections, blog posts, and metadata

•Remove brand voice profiles and generation histories

•Clear all synced and generated content

•Process deletions within 30 days of uninstallation

8.4 Shop Information Updates

When shop information changes (via shop/update webhook), we:

•Update store metadata such as name, email, currency, and timezone

•Maintain consistency with current shop information

We maintain detailed logs of all webhook events and compliance actions to ensure accountability and adherence to privacy regulations.

9. AI Processing and Model Data Handling

9.1 AI Content Generation

Our app uses AWS Bedrock to power AI-driven blog content generation. When you request blog post generation:

•Your product data, store information, and content parameters are sent to AWS Bedrock

•The data is processed using AI models to generate content

•AWS may retain request data for a limited time for service improvement, as per AWS's privacy policies

•Generated content is returned to your store and stored in our database

•Original request data is not used to train these models without appropriate safeguards

9.2 Brand Voice Analysis

When we analyze your existing content to create a brand voice profile:

•We analyze tone, vocabulary, and writing patterns from your provided samples

•This analysis stays within our system and is not shared with external AI providers

•The profile helps customize future generated content to match your brand

•You can update or delete your brand voice profile at any time

9.3 AI Model Updates

We may update the AI models used for content generation. When this occurs:

•New generations may produce different results than previous ones

•Previous content is not automatically regenerated

•You maintain full control over when to regenerate content

10. International Data Transfers

Your information may be transferred to, stored in, and processed in countries other than your country of residence, including the United States (where AWS services are hosted). These countries may have data protection laws that differ from your home country. By using our Service, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection rules.

For EU residents: We rely on appropriate safeguards such as Standard Contractual Clauses to ensure your data is adequately protected during international transfers.

11. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will delete such information promptly.

12. Third-Party Links

Our Service may contain links to third-party websites and services that are not operated by us. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services before providing your information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by updating the "Last Updated" date. Your continued use of the Service after changes constitute your acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions about this Privacy Policy, our privacy practices, or wish to exercise your rights, please contact us at:

Email: business.diaae@gmail.com

15. Compliance with GDPR, CCPA, and Other Privacy Laws

We are committed to complying with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy and data protection laws. If you are a resident of the EU, California, or other jurisdictions with privacy laws, you have additional rights as described in Section 7 above.