Privacy Policy

Last updated: 2026-04-09

AI Related Products ("the App") is a Shopify application that generates related product recommendations using AI embeddings. This Privacy Policy explains what information the App processes and how it is handled.

What data we process

The App only processes publicly available product information from your Shopify store, such as product titles, descriptions, and product identifiers. This information is used to generate vector embeddings that allow the App to suggest related products.

Product data is processed on a per-store basis. Each store's data is kept isolated and is never shared with other stores or third parties beyond what is required for the App to function (see "Subprocessors" below).

What data we do NOT process

• We do not collect or store any customer personal data.
• We do not collect or store any order information.
• We do not track individual shoppers, visitors, or end users of your store.
• We do not use cookies or analytics on the storefront.

What we store

The App stores the following per installation:

• Your Shopify shop domain and authentication session (required for the App to communicate with the Shopify Admin API).
• App configuration and onboarding state.
• Vector embeddings derived from your public product data, used to power related-product suggestions.

Subprocessors

To generate embeddings, public product text (titles and descriptions) is sent to OpenAI via their API. OpenAI processes this data solely to return embeddings and does not use it to train their models. See OpenAI's privacy policy for details.

Data retention and deletion

When you uninstall the App, or when Shopify sends a shop/redact webhook, all data associated with your store — including sessions, settings, and embeddings — is permanently deleted.

Because the App does not store any customer personal data, the customers/data_request and customers/redact compliance webhooks are acknowledged but require no action.

Security

All communication with Shopify and OpenAI occurs over HTTPS. Webhooks from Shopify are verified using HMAC signatures. User authentication is handled via Shopify session tokens.

Contact

For questions about this Privacy Policy, please contact support@coddin.nl.