Privacy Policy

Introduction

JDMT Ventures LLC ("we," "our," or "us") operates the Metadata Editor application (the "Service"). This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our Service through the Shopify platform.

Information We Collect

Store Information

When you install the app, we receive basic information about your Shopify store including:

• Store domain and Shopify store ID
• Store email address
• Store locale and timezone
• Store owner information

Product Information

To provide our services, we access and process:

• Product titles, descriptions, and handles
• Product images and their URLs
• Product SEO metadata (meta titles and descriptions)
• Image alt text attributes
• Product types and vendor information

Usage Information

We automatically collect certain information about your use of the Service:

• Features used and actions taken within the app
• Error logs and performance data
• Session information and authentication tokens

How We Use Your Information

We use the collected information to:

• Provide Core Services: Enable bulk editing of SEO metadata and alt text for your products
• Generate AI Content: Use Azure OpenAI to generate SEO-optimized meta titles, descriptions, and alt text
• Save Your Preferences: Remember your settings and maintain session state
• Improve Our Service: Analyze usage patterns to enhance features and user experience
• Provide Support: Respond to your inquiries and provide technical assistance
• Ensure Security: Detect and prevent fraud, abuse, or security incidents

Data Processing and Storage

AI Processing

When you use our AI features:

• Product information is sent to Azure OpenAI API for processing
• Azure OpenAI processes data according to Microsoft's privacy policies
• Generated content is returned to your store and not retained by our systems
• We do not use your data to train AI models

Data Storage

• Session data is stored in our PostgreSQL database
• We do not permanently store your product data - it's fetched from Shopify as needed
• Generated content is saved directly to your Shopify store
• Database backups are retained for 30 days for disaster recovery

Data Sharing and Disclosure

We do not sell, trade, or rent your information. We may share your information only in these circumstances:

• Service Providers: With Azure OpenAI for content generation (under strict data processing agreements)
• Legal Requirements: When required by law, court order, or governmental authority
• Protection of Rights: To protect our rights, privacy, safety, or property
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice)

Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encrypted data transmission using HTTPS/TLS
• Secure authentication through Shopify OAuth
• Regular security updates and patches
• Access controls and authentication for our systems
• Regular security audits and monitoring

However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

Data Retention

• Session Data: Retained while your store has the app installed, deleted upon uninstallation
• Product Data: Not stored permanently, fetched from Shopify as needed
• Generated Content: Saved to your Shopify store, not retained in our systems
• Logs: Application logs retained for 90 days for debugging and security purposes

Your Rights (GDPR & CCPA)

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your information (subject to legal obligations)
• Portability: Request your data in a structured, machine-readable format
• Objection: Object to certain processing of your information
• Restriction: Request restriction of processing
• Non-discrimination: Not be discriminated against for exercising your rights

To exercise these rights, contact us at info@jdmtventures.com. We will respond within 30 days.

Shopify Merchant Data

Our app integrates with Shopify and accesses merchant data through Shopify's API. We:

• Only request permissions necessary for app functionality
• Comply with Shopify's API Terms of Service
• Respect Shopify's data protection standards
• Process webhook data for app uninstallation and scope updates

Cookies and Tracking

We use minimal cookies necessary for:

• Session management and authentication
• Security features and fraud prevention
• Remembering your preferences within the app

We do not use third-party tracking cookies or analytics that track you across websites.

Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws. We ensure appropriate safeguards are in place for such transfers, including:

• Standard contractual clauses approved by the European Commission
• Ensuring third parties are Privacy Shield certified or equivalent

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Updating the "Last updated" date at the top of this policy
• Sending an email notification to the store contact email
• Displaying a notice within the app

Continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process personal data based on:

• Contract: Processing necessary to perform our services
• Legitimate Interests: Improving our services, security, and fraud prevention
• Legal Obligations: Compliance with applicable laws
• Consent: Where you have given explicit consent