Privacy Policy

What we collect

• Your Shopify shop domain and a Shopify-issued access token.
• Public storefront HTML during accessibility scans, with end-customer attributes redacted before storage.
• Configuration you enter (widget colour, scan schedule, plan tier).
• Subscription metadata returned by Shopify Billing.

What we never collect

• Your end customers' personal data. Customer-bound HTML attributes are redacted before any persistence or AI call.
• Payment card or bank data. Shopify handles all payment instruments.
• Cross-site tracking or analytics on your storefront.

How AI processing works

Pro-tier AI suggestions are produced by sending a redacted accessibility issue payload to Groq, our AI inference provider. We send only the WCAG criterion, a CSS selector, and a short HTML snippet after PII scrubbing. Groq's own privacy and retention terms apply to that processing, see groq.com/privacy-policy. AI-generated content is labelled as such in the admin UI and you preview a unified diff before any code is written to your theme.

Data retention

We retain scan data, issue lists, AI fix suggestions, and audit logs for as long as the app is installed, plus 30 days after uninstall to allow re-install without data loss. After 30 days post-uninstall the data is permanently deleted. Pro plan merchants can configure a shorter retention window in app settings, enforced by a weekly automated purge.

Where data is stored

Application and database run on Google Cloud (europe-central2), located in the EU. International transfers to Groq are covered by the EU Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914).

Your rights

Under GDPR you have rights of access, rectification, erasure, portability, restriction of processing, and to object. Under the CCPA (California residents) you have rights to know, delete, correct, and opt out of any sale of personal information (we do not sell or share for cross-context behavioural advertising).

To exercise any of these rights, email contact@ensomedia.pl from the email associated with your Shopify shop owner account. We respond within 30 days as required by GDPR Art. 12(3).

Cookies

AccessifyAI uses only essential cookies necessary for app operation inside the Shopify admin. We do not use tracking, advertising, or cross-site analytics cookies on storefronts.

Children's privacy

AccessifyAI is a B2B service for Shopify merchants. It is not directed to children. We do not knowingly collect personal information from children under 13 (or under 16 where local law applies a higher digital-consent age).

Contact

Ensomedia (sole proprietorship, Poland) is the data controller.