Privacy Policy

StoreGuard Settings Audit reviews store domain, MyShopify domain, primary domain, public contact email, shop owner email, shop address, legal policy metadata, policy text length and hash, shop currency, timezone, unit, tax settings, app session data, billing status, audit findings, and operational logs.

The app does not request customer data, order data, product data, theme data, checkout data, write access, protected customer data, email sending access, inventory data, or policy editing access.

Access tokens and sensitive business contact snapshots are encrypted at rest. Owner/admin views show aggregate operational metadata and do not display actual merchant contact emails, actual shop address, full policy body, access tokens, raw encrypted snapshots, or raw webhook payloads.

Merchants can request deletion through Shopify privacy webhooks or support. Customer data request and customer redact webhooks are safe no-ops because StoreGuard stores no customer data.