Privacy Policy

Last updated:

This Privacy Policy describes how Parasamgates ("we", "our", "us") collects, uses, and protects information in connection with the paraGEO Shopify application and the services we provide at parasamgates.com. By installing the paraGEO app or using our services, you agree to the terms described below.

1. Overview

paraGEO is a Shopify application that generates Generative Engine Optimization (GEO) content — AI-generated summaries, FAQs, and JSON-LD structured data — for your products, collections, and articles, and writes them to your Shopify store as metafields so AI systems (ChatGPT, Claude, Perplexity, Gemini, and others) can better parse and cite your catalog.

The app runs as an embedded admin application inside the Shopify admin. All data is processed on behalf of you, the merchant.

2. Information we collect

When you install and use paraGEO, we collect and process the following categories of information from your Shopify store via the Shopify Admin API:

Shop metadata

  • Shop domain (e.g., example.myshopify.com)
  • Shop name, description, primary URL, contact email, currency
  • Shop logo and brand assets (if configured)

Catalog content

  • Product titles, descriptions, variants, pricing, images, tags, SEO fields, and vendor information
  • Collection titles, descriptions, rules, and SEO fields
  • Blog article titles, bodies, authors, and publication status
  • Online store page titles and bodies
  • Theme file contents (to verify GEO JSON-LD is rendering)

Authentication and usage data

  • Shopify offline access tokens, stored securely server-side and used only to call the Shopify Admin API on your behalf
  • Subscription tier and billing cycle (Starter, Growth, Scale, Enterprise), retrieved from Shopify's billing system
  • App usage metrics (number of sync runs per month, audit scores, optimization run history) to enforce plan limits and display analytics
  • Action audit trail for support and debugging

Information we do NOT collect

  • Customer names, emails, addresses, phone numbers, or IP addresses
  • Order details, cart contents, or customer purchase history
  • Payment card information or banking details — all billing is handled directly by Shopify
  • Personally identifiable information of your store's customers

3. How we use your information

We use the information above exclusively to:

  • Generate AI-optimized titles, descriptions, FAQs, and JSON-LD schemas for your catalog
  • Write the generated content back to your store as metafields
  • Display dashboard audits, progress indicators, and usage analytics to you
  • Enforce subscription plan limits (product caps, monthly sync quotas)
  • Verify that the GEO theme extension is rendering correctly on your storefront
  • Maintain an audit log to support debugging and customer support requests

We do not use your data to train AI models, sell to third parties, or for any purpose unrelated to the operation of the app.

4. Third-party processors

paraGEO sends catalog content to the following third-party services to generate AI output. Each provider processes the content solely for the purpose of returning the generated result and does not retain it for training:

  • OpenAI privacy policy. Used to generate product summaries, FAQs, and structured data. OpenAI's enterprise API policy excludes API inputs from model training.
  • Anthropic privacy policy. Used as an alternative AI provider for specific optimization tasks. Anthropic's commercial API similarly excludes inputs from training.
  • Shopify privacy policy. The Admin API is the source of all catalog and shop data we process. Shopify also handles all billing and subscription management for the app.

5. Data retention

We retain your data only as long as the app is installed on your store. When you uninstall paraGEO:

  • Immediately on uninstall: our app/uninstalled webhook fires and deletes every row in our database that is scoped to your shop domain — including session tokens, site data, optimization runs, audit logs, metafield snapshots, subscription plan state, and usage counters.
  • 48 hours after uninstall: Shopify fires the GDPR shop/redact webhook as a second-pass safety net. We re-run the same delete to ensure no data survives.

App-owned metafields (under the $app:geo namespace) written to your store are automatically cleaned up by Shopify when the app is uninstalled. We cannot delete them manually because our access token is revoked at uninstall time.

6. Data security

  • All data in transit is encrypted with TLS 1.2 or higher
  • Shopify access tokens are stored server-side in an encrypted session database and never exposed to client browsers
  • Access tokens use Shopify's short-lived refresh mechanism (expiring offline access tokens), limiting the blast radius of any token compromise
  • Webhook signatures are verified on every request using HMAC-SHA256 with the app secret
  • The internal API is gated behind a pre-shared secret and accessible only from localhost on the application server
  • Database credentials are stored in environment files with restricted filesystem permissions, never in version control

7. Your rights (GDPR, CCPA)

paraGEO complies with Shopify's mandatory GDPR webhook contract:

  • customers/data_request — we do not store customer PII, so data requests are acknowledged and responded to with a notice that no personal data is on file.
  • customers/redact — same rationale; no customer data exists to redact.
  • shop/redact — triggers the full shop-scoped delete described in section 5.

If you are a resident of the European Union, the United Kingdom, or California, you have additional rights to access, correct, port, or delete your personal information. Because we do not collect PII from your customers, these rights apply only to merchant-level data (your shop contact email and billing records). To exercise any of these rights, email us at biz@parasamgates.com.

8. Cookies and tracking

paraGEO uses only the session cookies managed by Shopify's embedded app framework to keep you signed in to the admin. We do not set our own tracking cookies, analytics beacons, or advertising pixels. We do not use Google Analytics, Meta Pixel, or any similar third-party tracker inside the app.

9. Children's privacy

paraGEO is a B2B Shopify app for merchants. It is not directed at children under the age of 13, and we do not knowingly collect information from anyone under 13.

10. International data transfers

Your data may be processed in the United States, the European Union, and any country where our third-party AI providers operate their infrastructure. By installing the app, you consent to this cross-border processing.

11. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be announced via email to the contact address on file for your Shopify store and reflected in the "Last updated" date at the top of this page. Continued use of the app after changes are posted constitutes acceptance of the updated policy.

12. Contact

Questions, concerns, or requests about this Privacy Policy can be sent to:

Parasamgates
biz@parasamgates.com

This policy applies to the paraGEO Shopify app and the parasamgates.com website. Data processed by Shopify itself (your store, customers, orders, and billing) is governed by Shopify's own Privacy Policy.