Privacy Policy

Information We Collect

When you install Postrise on your Shopify store, we collect and store the following data necessary to operate the App:

• Shop information: Your shop domain, primary locale, country code, and timezone
• OAuth access token: A secure token issued by Shopify that allows Postrise to interact with your store's Admin API
• Content data you create: Keywords you add, articles Postrise generates, link targets you configure, and brand voice settings
• Usage data: Articles published, citation queries tracked, plan tier, and feature usage metrics
• Product and blog data: Product titles, descriptions, blog posts, and collections accessed to generate relevant content

We do not collect or store customer personal data from your store. We do not access customer names, email addresses, order data, or payment information.

How We Use Information

We use the collected information solely to:

• Provide the core functionality of Postrise: generate blog content, publish articles, track AI citations, and manage your subscription
• Communicate with you about account, billing, and product updates
• Improve the App and develop new features
• Comply with legal obligations

We do not sell, rent, or share your data with third parties for marketing purposes.

Third-Party Services

Postrise integrates with the following third-party services to deliver its functionality:

• Shopify: Authentication, storefront publishing, and billing
• DataForSEO: Keyword search volume and difficulty data
• OpenAI: ChatGPT API for citation tracking
• Anthropic: Claude API for article generation and citation tracking
• Perplexity: Sonar API for citation tracking
• Pexels: Stock imagery for article featured images

Each service has its own privacy policy. Data shared with these services is limited to what is necessary for the specific feature.

Data Storage and Security

Your data is stored on secure servers protected by industry-standard encryption (TLS in transit, AES-256 at rest). Access to data is restricted to authorized personnel and automated systems required to operate the App. We follow industry best practices for security and regularly review our infrastructure.

Data Retention

We retain your data for as long as Postrise is installed on your store. When you uninstall Postrise, we honor Shopify's GDPR webhooks:

• shop/redact: All shop data is deleted within 48 hours of uninstall
• customers/redact: We do not store customer data, but acknowledge requests
• customers/data_request: We do not store customer data, but acknowledge requests

You can also request immediate data deletion by emailing [email protected].

Your Rights (GDPR, CCPA, and Australian Privacy Act)

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to processing of your data
• Request data portability
• Lodge a complaint with a supervisory authority

To exercise these rights, contact [email protected].

Cookies

The Postrise marketing site (postrise.app) uses minimal cookies for session management. The embedded admin within Shopify uses session tokens issued by Shopify for authentication. We do not use third-party tracking cookies or advertising pixels.

Children's Privacy

Postrise is a B2B product intended for use by Shopify merchants who are at least 18 years old. We do not knowingly collect information from individuals under 18.

Changes to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent revision. Material changes will be communicated via email to active users.

Contact

Questions about this Privacy Policy can be sent to:

For data deletion requests or other privacy-related inquiries, please use the email above with the subject line “Privacy Request”.